CVE-2026-21519

CISA KEV

Published February 10, 2026 · Updated April 3, 2026

high

What This Means

**CVE-2026-21519: Windows Desktop Window Manager Privilege Escalation** An authenticated attacker can exploit a type confusion flaw in Microsoft's Desktop Window Manager to escalate privileges to SYSTEM on affected Windows systems. This requires local access but no user interaction beyond initial compromise. Patch immediately with the latest Windows updates from Microsoft; prioritize systems where non-administrative users have local logon rights or where insider threat is a concern.

Official Description+

Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.

Affected Products

Vendor	Product
Microsoft	Windows

Patch Status

Patch by 2026-03-03

Recommended Actions

Check if your systems use any of the affected products listed above.
Apply vendor patches immediately if available.
This vulnerability is in CISA's Known Exploited Vulnerabilities catalog — prioritize remediation.
Monitor vendor advisories for updates and additional mitigations.
Review logs for indicators of compromise related to CVE-2026-21519.

Related Coverage

Vvulnerability

CVE-2026-21519: Type Confusion in Windows Desktop Window Manager Enables Local Privilege Escalation to SYSTEM

CVE-2026-21519 is a type confusion vulnerability in Microsoft's Desktop Window Manager that allows an authenticated local attacker to escalate privileges to SYSTEM on affected Windows systems. CISA has added the flaw to its Known Exploited Vulnerabilities catalog with a federal patch deadline of March 3, 2026, confirming active exploitation. Organizations should apply the latest Microsoft Windows cumulative updates immediately, prioritizing systems where standard users hold local logon rights.

CISA KEV·52d ago·3 min read