Microsoft has released a new version of the Windows 10 Update Assistant in order to fix a local privilege escalation vulnerability. While there is no imminent threat, the only way to fix this vulnerability is to uninstall the program or download the latest version.
The Windows 10 Update Assistant is a Microsoft program that helps you download and upgrade to the latest version of Windows 10. On older versions of Windows, it may also intermittently show you small alerts that prompt you to install the latest Windows 10 feature update.
In previous versions of the Windows 10 Update Assistant for version 1903, a vulnerability existed that could allow attackers to elevate their permissions and execute commands they should not normally be able to.
The Windows 10 Update Assistant vulnerability
With the October 2019 Patch Tuesday security fixes, Microsoft released a security bulletin for a local privilege escalation vulnerability (CVE-2019-1378) in Windows 10 Update Assistant that was discovered by security researcher Jimmy Bayne.
A day later, on October 9th, Microsoft released an updated Windows 10 Update Assistant that fixes the vulnerability.
What you should do to fix the vulnerability
WUA is either installed on a computer manually by downloading the program from Microsoft or it is installed as part of the KB4023814 update.
To check if it is installed, you can either check if the KB4023814 update is installed or see if there is an uninstall entry for WUA in the Apps & features control panel as shown below.
In order to fix this vulnerability, users need to either remove the Windows 10 Update Assistant or download the latest version from Microsoft,which now contains and updated and fixed version, and install it.
For most people, it is easier to just remove the program and install the latest version when you are attempting to upgrade to a new version of Windows 10 and are having problems.
If the Windows 10 Update Assistant entry is listed in the Uninstall Programs, you can uninstall it from there.
Regardless of how it was installed, you can always remove the Windows 10 Update Assistant by opening a command prompt and then typing the following command and pressing Enter on your keyboard.
After pressing enter, you will be shown a UAC prompt asking if you want to allow this app to make changes. You should click on the Yes button at this prompt.
When running the command, it will not display any output, and just bring you back to another prompt. You can now close the command prompt windows.
To confirm that the Windows 10 Update Assistant has been removed, you can check if the C:\Windows10upgrade or C:\Windows\Updateassistant folders exist. If they do not, then it has been completely removed.
If either of those two folders still exist, you can now delete them.
If you cannot remove those folders for some reason, you can launch Task Manager and end the UpdateAssistant.exe and the Windows10UpgraderApp.exe processes if they are running. Once terminated, you can now try to delete the folders again.
Now that the Windows 10 Update Assistant has been removed, Windows will no longer be affected by the vulnerability.
Original Article from Bleepingcomputer.com