Google Project Zero team has ethically disclosed details of an unpatched Windows 8.1 vulnerability reported to Microsoft in September. Microsoft still hasnt issued a patch for the Windows 8.1 flaw that could be exploited by an attacker to elevate his privileges on a target machine to gain administrator access. The flaw affects the NtApphelpCacheControl system call that is used by Windows. It is not a bug in UAC, it is just using UAC auto elevation for demonstration purposes.”]
Source: https://securityaffairs.co/wordpress/31738/security/google-discloses-windows-8-1-flaw.html