PatchSiren cyber security CVE debrief
CVE-2026-42837 Microsoft CVE debrief
CVE-2026-42837 is a HIGH severity vulnerability in the Windows Projected File System Filter Driver. A buffer over-read issue exists that allows an authorized attacker to elevate privileges locally. The vulnerability has a CVSS score of 7.8.
- Vendor
- Microsoft
- Product
- Windows Projected File System Filter Driver
- CVSS
- HIGH 7.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-11
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-11
Who should care
Administrators and users of affected Microsoft Windows systems should prioritize patching this vulnerability to prevent local privilege escalation attacks.
Technical summary
The vulnerability exists in the Windows Projected File System Filter Driver and is caused by a buffer over-read issue. This allows an authorized attacker to elevate privileges locally.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches from Microsoft as soon as possible.
- Review and update system configurations to ensure proper protections are in place.
- Monitor systems for unusual activity that could indicate exploitation attempts.
Evidence notes
The CVE-2026-42837 vulnerability was published on 2026-06-09 and modified on 2026-06-11. It affects various versions of Microsoft Windows.
Official resources
-
CVE-2026-42837 CVE record
CVE.org
-
CVE-2026-42837 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
CVE-2026-42837 was published on 2026-06-09T17:17:09.453Z and modified on 2026-06-11T16:51:47.073Z.