You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
afd
About this tag
The afd tag on WindowsForum.com covers discussions about the Ancillary Function Driver (AFD.sys) in Microsoft Windows, a kernel component that supports network socket operations. Content focuses on security vulnerabilities in AFD, particularly elevation of privilege flaws that allow a local attacker with valid credentials to run specially crafted code and gain higher system access. Notable threads include CVE-2025-54093, a TOCTOU race condition in the TCP/IP driver, and historical bulletins MS11-046 and MS11-080, which addressed similar privilege escalation risks. These discussions are relevant for IT professionals and security researchers tracking Windows kernel vulnerabilities and applying security updates.
Title: CVE‑2025‑54093 — Windows TCP/IP Driver TOCTOU Race Condition (Local Elevation of Privilege)
Summary
What it is: A time‑of‑check/time‑of‑use (TOCTOU) race condition in the Windows TCP/IP driver that Microsoft lists as CVE‑2025‑54093. Microsoft’s advisory describes the flaw as a TOCTOU...
Resolves a vulnerability in AFD.sys that could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application.
More...
Severity Rating: Important
Revision Note: V1.0 (October 11, 2011): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). The vulnerability could allow elevation of privilege if...
Bulletin Severity Rating:Important - This security update resolves a publicly disclosed vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). The vulnerability could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application...