Positive Technologies Research Team has discovered a privilege escalation vulnerability in Windows Message Queuing service (MSMQ). The IOCTL handler in mqac.sys does not properly validate buffer data associated with the Irp object, which allows local users to crash the system or execute arbitrary code with SYSTEM privileges.
8ffd0feedce3b0229ddad304c6664e17c7f172827df31047e4e31a0d9b51cb9a