Local privilege escalation flaw in the Windows Update Stack. By abusing directory junctions or symbolic links, attackers can hijack trusted paths accessed by SYSTEM-level processes like MoUsoCoreWorker.exe and execute arbitrary code with elevated privileges.
https://cyberdom.blog/abusing-the-windows-update-stack-to-gain-system-access-cve-2025-21204/
https://cyberdom.blog/abusing-the-windows-update-stack-to-gain-system-access-cve-2025-21204/