Windows Error Reporting Flaw Allows Attackers to Elevate Privileges

A newly documented Windows vulnerability, CVE-2026-20817, affects the Windows Error Reporting Service (WER), allowing local privilege escalation by enabling attackers to launch helper processes without proper authorization. Microsoft’s mitigation involves disabling the vulnerable launch feature via a flag, and users are advised to patch promptly and monitor for suspicious process creation related to WerFault.exe or WerMgr.exe.