April 22, 2021 at 01:04PM

■■■□□ Microsoft quietly patched a local privilege escalation (LPE) flaw that affects both Windows 7 and Server 2008 R2 computers. This LPE flaw (which has yet to be assigned a CVE ID) is caused by a misconfiguration of two service registry keys, and it enables local attackers to escalate privileges on fully patched devices.