CVE-2026-21223 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
Posted: Fri Jan 16, 2026 8:00 am
Microsoft Edge Elevation Service exposes a privileged COM interface that inadequately validates the privileges of the calling process. A standard (non‑administrator) local user can invoke the IElevatorEdge interface method LaunchUpdateCmdElevatedAndWait, causing the service to execute privileged update commands as LocalSystem. This allows a non‑administrator to enable or disable Windows Virtualization‑Based Security (VBS) by modifying protected system registry keys under HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard. Disabling VBS weakens critical platform protections such as Credential Guard, Hypervisor‑protected Code Integrity (HVCI), and the Secure Kernel, resulting in a security feature bypass.
Source: https://msrc.microsoft.com/update-guide ... 2026-21223
Source: https://msrc.microsoft.com/update-guide ... 2026-21223