{"id":46814,"date":"2022-05-24T21:43:54","date_gmt":"2022-05-24T21:43:54","guid":{"rendered":"https:\/\/www.darkreading.com\/application-security\/number-of-elevation-of-privilege-bugs-in-microsoft-products-increased-again-in-2021"},"modified":"2022-05-24T21:43:54","modified_gmt":"2022-05-24T21:43:54","slug":"microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/","title":{"rendered":"Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt6e322d1d4dfd5b2c\/628d42460f114c7f1add4fba\/windows_Alberto_Garcia_Guillen_shutterstock.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>The number of privilege escalation bugs in Microsoft&#8217;s products increased for the second year in a row in 2021, highlighting the growing risk this vulnerability category poses for organizations.<\/p>\n<p>BeyondTrust recently analyzed data from Microsoft vulnerability disclosures in 2021 and found that 588 \u2014 or 49% \u2014 of the total 1,212 bugs that the company disclosed gave attackers a way to elevate privileges on compromised systems and networks. The number represented a 5% increase from the 559 privilege escalation bugs in Microsoft products that BeyondTrust counted in 2020, when such bugs also <a href=\"https:\/\/www.beyondtrust.com\/press\/beyondtrust-report-finds-elevation-of-privilege-the-1-microsoft-vulnerability-category-in-2021\" target=\"_blank\" rel=\"noopener\">eclipsed all other categories of vulns<\/a> in the company&#8217;s technologies.<\/p>\n<p>The trend is important because organizations sometimes tend to pay less attention to privilege escalation vulnerabilities than other bugs because often, they can only be exploited after an attacker has already compromised a system. &#8220;Elevation of privilege bugs do not get the same attention from organizations&#8221; as some other vulnerabilities, says Tim McGuffin, director of adversarial engineering at LARES Consulting. Most organizations focus on preventing initial compromise, which can come from remote code execution vulnerabilities and other flaws, he says. &#8220;But [they] often de-prioritize patches for EoP vulns and wait until quarterly or annual patch cycles.&#8221;<\/p>\n<h2 class=\"regular-text\">A New Trend<\/h2>\n<p>The number of privilege escalation vulnerabilities in Microsoft&#8217;s technologies increased last year even as the overall number of reported bugs in the company&#8217;s products declined for the first time in years. The 1,212 bugs that Microsoft disclosed in 2021 was about 5% lower than the 1,268 bugs it reported in 2020. That was in sharp contrast to the previous four years, which saw a near doubling in bugs \u2014 from 451 in 2016 to 858 in 2019.<\/p>\n<p>BeyondTrust also observed a 47% decrease in the number of critical vulnerabilities that Microsoft disclosed in 2021 \u2014 104 compared to 196 in 2020. The number of Windows OS vulnerabilities, too, dropped dramatically in 2021 \u2014 from a record 907 vulnerabilities across Windows 7, Windows RT, Windows 8\/8.1, and Windows 10 to just 507 last year.<\/p>\n<p>Remote code execution vulnerabilities, which were the most common type of security issue in Microsoft products until 2019, ranked second last year at 326, followed by information disclosure vulnerabilities (119), spoofing (66), and denial of service bugs (55). Microsoft reported a total of 44 security bypass vulnerabilities last year and 3 issues related to tampering. BeyondTrust observed declines in other vulnerabilities such as in overflow, memory corruption, and cross-site scripting flaws in Microsoft technologies. Cumulatively, there were 215 fewer vulnerabilities across these three categories in 2021 compared to the prior year.<\/p>\n<p>The vendor ascribed several likely reasons for the <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/a-year-in-microsoft-bugs-the-most-critical-overlooked-and-hard-to-patch\" target=\"_blank\" rel=\"noopener\">Microsoft vulnerability reductions<\/a> last year, including better security and coding practices on Microsoft&#8217;s part; end of life of Windows 7 and other products: and the shift of more enterprise workloads and services to the cloud.<\/p>\n<h2 class=\"regular-text\">Fewer Critical Vulnerabilities<\/h2>\n<p>&#8220;A drop in critical vulnerabilities reported from 196 to 104 is great news,&#8221; says Richard Stiennon, chief research analyst at IT-Harvest. &#8220;Yet it&#8217;s hard to derive insights from just the numbers.&#8221;<\/p>\n<p> The increase in privilege escalation vulnerabilities, for instance, is significant because it indicates that researchers are looking harder for these flaws in Microsoft products. &#8220;These are critical because an attacker will use them to ultimately get admin privileges and thus complete control of a system,&#8221; Stiennon says. &#8220;APT groups usually have some sort of escalation exploits in their toolboxes to compromise their targets.&#8221;<\/p>\n<p>Microsoft&#8217;s late-2021 adoption of the industry-standard CVSS format for reporting vulnerabilities also made it impossible to determine how many of the critical vulnerabilities it disclosed last year could have been mitigated by removing admin rights on user systems, BeyondTrust said.<\/p>\n<p>The CVSS is derived from data that is designed to produce a numerical score relative to the severity of a vulnerability, says Christopher Hills, chief security strategist at BeyondTrust. &#8220;This is great for the overall audience in seeing which vulnerabilities have the highest severity,&#8221; he says. &#8220;But it provides camouflage for those vulnerabilities that leverage privilege elevation because those are now buried in the report.&#8221;<\/p>\n<p>Between 2015 and 2020, some 75% of critical Microsoft vulnerabilities could have been mitigated by removing admin rights on user systems. There&#8217;s little reason to believe that the situation has changed a whole lot now, according to BeyondTrust.<\/p>\n<p>&#8220;With end user systems and remote access being the top attack vector for bad actors, there truly is no valid reason why users should have standing rights or admin rights on end user systems,&#8221; Hills says. Removal of admin rights has the potential to impact end user productivity and foster a bad user experience, he admits: &#8220;But with today\u2019s technology and the solutions available, there is no amount of end user productivity that could outweigh the cost of a breach or compromise.&#8221;<\/p>\n<p>McGuffin says the decline in reported Microsoft vulnerabilities last year could also have to do with other reasons. Some countries have modified their vulnerability disclosure processes so that newly discovered vulnerabilities must be reported to the government first \u2014 and only then can be reported to the vendor, he notes. &#8220;Those same countries have also restricted citizens&#8217; ability to participate in competitions like <a href=\"https:\/\/www.darkreading.com\/edge-articles\/how-pwn2own-made-bug-hunting-a-real-sport\" target=\"_blank\" rel=\"noopener\">Pwn2Own<\/a>, where vulnerabilities would be publicly disclosed after the competition,&#8221; he notes.<\/p>\n<p>And because researchers sometimes focus on specific areas and technologies, that also can have an impact on the number of vulnerabilities discovered in a particular category, McGuffin says. &#8220;As an example, one vulnerability in the <a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/cybercriminals-are-increasingly-exploiting-vulnerabilities-in-windows-print-spooler\" target=\"_blank\" rel=\"noopener\">[Windows] print spooler service<\/a> prompted several other researchers to dig deeper, and we&#8217;re up to over a dozen RCE and PrivEsc vulns in the spooler now,&#8221; he says.<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/application-security\/number-of-elevation-of-privilege-bugs-in-microsoft-products-increased-again-in-2021\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>But there was a substantial drop in the overall number of critical vulnerabilities that the company disclosed last year, new analysis shows.Read More <a href=\"https:\/\/www.darkreading.com\/application-security\/number-of-elevation-of-privilege-bugs-in-microsoft-products-increased-again-in-2021\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-46814","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-05-24T21:43:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt6e322d1d4dfd5b2c\/628d42460f114c7f1add4fba\/windows_Alberto_Garcia_Guillen_shutterstock.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021\",\"datePublished\":\"2022-05-24T21:43:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\\\/\"},\"wordCount\":899,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt6e322d1d4dfd5b2c\\\/628d42460f114c7f1add4fba\\\/windows_Alberto_Garcia_Guillen_shutterstock.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\\\/\",\"name\":\"Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt6e322d1d4dfd5b2c\\\/628d42460f114c7f1add4fba\\\/windows_Alberto_Garcia_Guillen_shutterstock.jpg\",\"datePublished\":\"2022-05-24T21:43:54+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt6e322d1d4dfd5b2c\\\/628d42460f114c7f1add4fba\\\/windows_Alberto_Garcia_Guillen_shutterstock.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt6e322d1d4dfd5b2c\\\/628d42460f114c7f1add4fba\\\/windows_Alberto_Garcia_Guillen_shutterstock.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-05-24T21:43:54+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt6e322d1d4dfd5b2c\/628d42460f114c7f1add4fba\/windows_Alberto_Garcia_Guillen_shutterstock.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021","datePublished":"2022-05-24T21:43:54+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/"},"wordCount":899,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt6e322d1d4dfd5b2c\/628d42460f114c7f1add4fba\/windows_Alberto_Garcia_Guillen_shutterstock.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/","url":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/","name":"Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt6e322d1d4dfd5b2c\/628d42460f114c7f1add4fba\/windows_Alberto_Garcia_Guillen_shutterstock.jpg","datePublished":"2022-05-24T21:43:54+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt6e322d1d4dfd5b2c\/628d42460f114c7f1add4fba\/windows_Alberto_Garcia_Guillen_shutterstock.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt6e322d1d4dfd5b2c\/628d42460f114c7f1add4fba\/windows_Alberto_Garcia_Guillen_shutterstock.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-elevation-of-privilege-vulnerabilities-spiked-again-in-2021\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft Elevation-of-Privilege Vulnerabilities Spiked Again in 2021"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46814","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=46814"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46814\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=46814"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=46814"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=46814"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}