An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to an error in the way windows kernel handles session objects in concurrent logins. Successful exploitation may lead to a malicious user gaining access to a victim user’s session.