From bleepingcomputer.com
Slovak internet security firm ESET released security fixes to address a high severity local privilege escalation vulnerability affecting multiple products on systems running Windows 10 and later or Windows Server 2016 and above.
The flaw (CVE-2021-37852) was reported by Michael DePlante of Trend Micro’s Zero Day Initiative, and it enables attackers to escalate privileges to NT AUTHORITY\SYSTEM account rights (the highest level of privileges on a Windows system) using the Windows Antimalware Scan Interface (AMSI).