On July 20th, Microsoft published that they have knowledge of a vulnerably that could allow any Windows 10 or 11 user to gain admin privileges. This would potentially allow any user to create new user accounts with full user rights, install programs, and view, change or delete data. This vulnerability is very dangerous should an attacker obtain a user’s credentials.
Microsoft has released a patches for this vulnerability yet. Microsoft also posted manual workarounds HERE.
We encourage you to urge users to be hyper-aware of phishing attempts and to report anything suspicious to their IT team or management.