Local attackers can use Group Policy flaw to take over enterprise Windows systems

CERT-LatestNews ThreatsCybercrime ThreatsEconomic VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesMicrosoft VulnerabilitiesNetwork VulnerabilitiesOS

Furthermore, while performing this operation the service does not switch its context and privileges to the local user who requested the update — known as user impersonation in Windows API language — but performs the file writing operation with LocalSystem privileges.