CVE-2026-50433
Windows Media Elevation of Privilege Vulnerability
Description
Use after free in Windows Media allows an authorized attacker to elevate privileges locally.
In plain language
AI Act nowCVE-2026-50433 is a Windows Media bug that can let someone with local access run code as a higher-privileged user; if your machines are exposed to “insider” or stolen local access, you should treat this as urgent and patch it.
CVE-2026-50433 is a local elevation-of-privilege issue (CWE-416 use-after-free) in Windows Media where an authorized local attacker can execute arbitrary code with elevated privileges.
What to do now
- Check which affected Windows versions you run (Windows 10/11 and Windows Server 2012/2012 R2/2016/2019/2022/2025) and identify their exact build numbers/KB level.
- Compare your installed version to the fixed versions below for your exact OS branch.
- Upgrade/patch Windows Media to the fixed version for your OS (do not wait for symptoms).
- After patching, review security logs for evidence of unexpected local privilege escalation attempts by accounts that should not have admin-level capabilities.
CVSS Vector Breakdown
AV:LAttack VectorAC:LAttack ComplexityPR:LPrivileges RequiredUI:NUser InteractionS:UScopeC:HConfidentialityI:HIntegrityA:HAvailabilityWeaknesses
Affected Products
Exploitability
Attack Graph
Click technique nodes for MITRE ATT&CK details · drag to pan · Ctrl/⌘ + scroll to zoom, or go fullscreen.
MITRE ATT&CK
2 techniquesReferences
- Microsoft and Adobe Patch Tuesday, July 2026 Security Update Reviewen-us·Qualys Security Blog·
- Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilitiesen·Cisco Talos·
- Microsoft Patch Tuesday July 2026 - The AI Acopolypse is Hereen·SANS Internet Storm Center·
- Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-daysen-us·BleepingComputer·
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2026-50433 and every CVE in our database. Create a free account — no credit card required.
Create Free Account