CVE-2026-50667
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Description
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows NTFS allows an authorized attacker to elevate privileges locally.
In plain language
AI Act nowCVE-2026-50667 is a Windows bug in the NTFS driver where a local user can potentially use a timing “race” to gain higher privileges; typical small businesses should patch because it affects many Windows versions but is not a drive-by internet attack.
CVE-2026-50667 is a local race condition in the Windows NTFS driver (CWE-362) that can let an authenticated/authorized user escalate privileges without needing user interaction.
What to do now
- Check which affected Windows edition your devices run (Windows 10/11 or the listed Windows Server versions).
- Confirm whether your system is currently below the fixed build numbers listed by your vendor/IT update channel.
- Upgrade/patch Windows so it is at or above the fixed versions for your branch (use the exact fixed versions in the “what_to_do_full” section).
- If patching is delayed, restrict who can log on locally and reduce the chance of an “authorized” user being available (tight access controls and least privilege).
- After patching, verify Windows build/version matches the fixed minimum for your OS branch and monitor for suspicious privilege escalation activity (local admin creation, unexpected scheduled tasks, and system service changes).
CVSS Vector Breakdown
AV:LAttack VectorAC:LAttack ComplexityPR:LPrivileges RequiredUI:NUser InteractionS:UScopeC:HConfidentialityI:HIntegrityA:HAvailabilityWeaknesses
Affected Products
Exploitability
Attack Graph
Click technique nodes for MITRE ATT&CK details · drag to pan · Ctrl/⌘ + scroll to zoom, or go fullscreen.
MITRE ATT&CK
1 techniqueReferences
- Microsoft and Adobe Patch Tuesday, July 2026 Security Update Reviewen-us·Qualys Security Blog·
- Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilitiesen·Cisco Talos·
- Microsoft Patch Tuesday July 2026 - The AI Acopolypse is Hereen·SANS Internet Storm Center·
- Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-daysen-us·BleepingComputer·
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2026-50667 and every CVE in our database. Create a free account — no credit card required.
Create Free Account