Microsoft has released an out-of-band security update addressing two high-severity elevation-of-privilege (EoP) bugs. Both flaws exist in a service called Windows Remote Access, which provides remote-access capabilities to client applications on computers running Windows.
Of note, both flaws were originally disclosed Aug. 11, during Microsoft’s regularly scheduled Patch Tuesday updates, where the tech giant patched 120 vulnerabilities overall. During those updates, fixes for the two flaws were issued for Windows 10, Windows 7, Windows Server 2008, 2012, 2016, and 2019; as well as Windows Server (versions 1903, 1909 and 2004). Wednesday’s unscheduled updates fix the vulnerabilities in Windows 8.1 and Windows Server 2012.