The Windows Installer is a tool used to install and update software on Windows systems. This vulnerability allows an authorized attacker to elevate privileges locally, potentially leading to unauthorized access to sensitive data or system modifications.
You're affected if you use Improper. Specific version info not stated in the advisory.
To fix this vulnerability, Microsoft recommends applying the latest security update:
1. Go to the Microsoft Update Catalog website and download the KB5003639 update.
2. Run the downloaded update package using the built-in Windows Installer or by running the wuauclt.exe command with the /update option.
Immediate mitigations if upgrade isn't possible: