Late last month, Microsoft quietly released a security update for its oldest Windows 10 version, 1507. This update is designed to address a local privilege elevation (LPE) flaw that can occur as a result of Group Policy abuse. defect.
This patch is deployed through the Remote Server Administration Tools (RSAT) update for Windows Server 2016. For those who don't know, RSAT is a remote server management tool that IT and system administrators can control from their Windows 10 PCs. , in this case.
This security vulnerability is rated by CVSS (Common Vulnerability Scoring System) with a base score of 7.0 and a temporary score of 6.1, and is tracked as CVE-2024-20657.
Microsoft writes in a support document:
KB5035238: Security update for Windows 10, version 1507 and Windows Server 2016 for RSAT: January 31, 2024
summary
This article describes security updates for Remote Server Administration Tools (RSAT) in Windows 10, version 1507 and Windows Server 2016. This update resolves the security issues described in the following articles:
CVE-2024-20657 | Windows Group Policy Elevation of Privilege Vulnerability
In case you're wondering, this update should install automatically via Windows Update. However, users can also manually download and install it from the Microsoft Update Catalog website. At this link.
It is also available from the Microsoft Download Center website through RSAT Updates. The file size is 54.2MB for the 64-bit version and 33MB for the 32-bit version. You can download and install it from our download center here.
