DLL side-loading vulnerability in Microsoft signed autoelevate CompMgmtLauncher.exe - unfortunately the manifest on this file changed in Windows 10 1703 so it can no longer be used to bypass UAC. The side loading doesn't trigger in 1507-1607, this maybe exploitable in some situations but is being discarded as a dead end. There is one more of these that we've found but have been unable to exploit. This one is only useful to sideload malware in a signed executable and not for UAC.
This website was very useful to find exactly when the manifest changed, definitely worth a visit if you do any Microsoft vulnerability research and need to check system binary versions and changes. Thanks @raptor for pointing me towards this earlier today & @Rairii for suggestions - https://winbindex.m417z.com/
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!