This vulnerability (CVE-2026-25187) arises from improper link resolution before file access ('link following') in the Winlogon process of Windows 10 Version 1607 (build 10.0.14393.0). An authorized local attacker can leverage this flaw to elevate their privileges on the affected system. The CVSS v3.1 base score is 7.8, reflecting local attack vector, low attack complexity, required privileges, no user interaction, and high impact on confidentiality, integrity, and availability. The vulnerability is classified under CWE-59 (Improper Link Resolution Before File Access). A patch is available from Microsoft to remediate this issue.

Successful exploitation allows an authorized local attacker to elevate privileges, potentially gaining higher system rights than intended. This can lead to full system compromise including unauthorized access to sensitive data, modification of system files, and disruption of system availability. The vulnerability affects Windows 10 Version 1607 (build 10.0.14393.0). No known exploits have been reported in the wild so far.

A patch is available to address this vulnerability. It is recommended to apply the official Microsoft update for Windows 10 Version 1607 as soon as possible to remediate the issue. Since this is a local privilege escalation vulnerability, limiting local user access and applying the patch will mitigate the risk effectively.