Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center
Source: The Hacker News
Overview
Microsoft has disclosed a now‑patched security flaw in Windows Admin Center that could allow an attacker to elevate their privileges.
Windows Admin Center is a locally deployed, browser‑based management tool set that lets users manage Windows clients, servers, and clusters without the need to connect to the cloud.

The high‑severity vulnerability, tracked as CVE‑2026‑26119, carries a CVSS score of 8.8 (out of 10).
“Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network,” Microsoft said in an advisory released on February 17, 2026. “The attacker would gain the rights of the user that is running the affected application.”
— Microsoft advisory
Vulnerability Details
- Researcher: The issue was discovered and reported by Semperis researcher Andrea Pierini.
- Patch status: The flaw was patched in Windows Admin Center version 2511, released in December 2025.
- Exploitation likelihood: Microsoft tags the vulnerability with an “Exploitation More Likely” assessment, although no public exploitation has been reported.
- Potential impact: According to a LinkedIn post by Pierini, the vulnerability could “allow a full domain compromise starting from a standard user” under certain conditions.

Patch and Mitigation
- Update: Apply the latest Windows Admin Center version 2511 or any newer release that includes the fix for CVE‑2026‑26119.
- Best practices:
  - Restrict access to Windows Admin Center to trusted administrators only.
  - Enforce strong authentication mechanisms (e.g., multi‑factor authentication).
  - Regularly review and apply security updates from Microsoft.
For more information on the patch, see the official announcement:
Windows Admin Center version 2511 is now generally available