Microsoft: critical privilege escalation vulnerability in Windows Admin Center

In Windows Admin Center, attackers can escalate their privileges. Microsoft classifies this as critical and advises admins to update.

Microsoft is warning of a security vulnerability in Windows Admin Center. Attackers can use it to escalate their privileges. IT managers must act and install a software update to close the vulnerability.

Microsoft published the description of the vulnerability, tracked as CVE-2026-26119, on Wednesday night. The company states only that it is a case of insufficient authentication (CWE-287). The developers do elaborate on the consequences of successful exploitation: "Attackers would gain the privileges of the users running the affected application." (CVE-2026-26119, CVSS 8.8, Risk "high"). Departing from the rating that the CVSS3 score implies, however, the Redmond-based company assesses the risk as "critical".

Details of the vulnerability have not yet been published, and Microsoft is not aware of any available exploits. Even so, the company considers it more likely that attackers will exploit the vulnerability in the foreseeable future.

Version 2511 of Windows Admin Center is available. It was released in December last year and corrects the security problem now reported. However, Microsoft developers updated the distribution script and associated documentation a week ago. Those who have already installed the software update do not need to take further action; those still using older versions should quickly switch to the new version.

Windows Admin Center is free add-on software for managing Windows devices on a network, from Windows 10 and Windows Server 2012 onwards, through a web-based user interface. It provides clear information on server performance and forecasts of required capacity, as well as functions for managing Windows systems and resolving problems as they arise, for example through remote maintenance. Technically, it is based on the Microsoft Management Console (MMC).

(dmk)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.