FAQ
What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
MSRC compact vulnerability detail
CVE-2026-20941 · Host Process for Windows Tasks Elevation of Privilege Vulnerability
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
Signals
Host Process for Windows Tasks
Elevation of Privilege
Exploited: No
Publicly disclosed: No
Exploitability: Exploitation Less Likely
CWE
Patch Diff
Loading module diff metadata...
Resolved binary override
Use this when the MSRC module name cannot be mapped automatically or the resolved binary looks wrong.
Description
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
FAQ / Articles
Workaround
The following workaround might be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible: Customers running Windows Server 2025 who have Desktop Experience installed are affected by this vulnerability. To protect yourself you can disable the following task in Task Scheduler: \Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration You should reenable the task once you have installed the fix. Important: Do NOT undo the workaround until after you have installed the update.
Host Process for Windows Tasks Elevation of Privilege Vulnerability
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.