| A critical RCE vulnerability in Microsoft Windows Server Update Services (WSUS), caused by unsafe deserialization of AuthorizationCookie data through BinaryFormatter in the EncryptionHelper.DecryptData() method. The vulnerability allows an unauthenticated attacker to achieve remote code execution with SYSTEM privileges by sending malicious encrypted cookies to the GetCookie() endpoint. |
