afd.sys

Microsoft has published a security update for CVE-2025-60719, an untrusted pointer dereference in the Windows Ancillary Function Driver for WinSock (afd.sys) that can be abused by a local, authenticated attacker to gain elevated privileges; administrators should treat this as a high-priority...

Microsoft has recorded CVE-2025-62213 as a use‑after‑free elevation‑of‑privilege in the Windows Ancillary Function Driver for WinSock (afd.sys), a kernel‑mode networking component, and administrators are urged to apply the vendor's security update immediately to close a local post‑compromise...

Microsoft’s security channels added CVE-2025-62217 to the public record on November 11, 2025: the flaw is a race condition in the Windows Ancillary Function Driver for WinSock (afd.sys) that can be abused by an authenticated local actor to elevate privileges on affected Windows hosts. Background...

Microsoft’s security channels added CVE-2025-58714 to the record this week: an elevation‑of‑privilege weakness in the Windows Ancillary Function Driver for WinSock (the afd.sys stack) that — if left unpatched on an affected host — lets a locally authorized attacker raise their process context to...

Microsoft’s advisory identifies a vulnerability in the Windows Ancillary Function Driver for WinSock (afd.sys) that can be triggered locally to escalate privileges — described on the vendor page as a buffer overflow in the WinSock ancillary driver — and administrators must treat this as a...

Microsoft’s Security Update Guide entry for CVE-2025-53718 describes a use‑after‑free (UAF) flaw in the Windows Ancillary Function Driver for WinSock (AFD.sys) that can be triggered by a locally authorized user to obtain elevated privileges on affected Windows hosts — a kernel‑level...

Microsoft’s Security Response Guide flags a null-pointer dereference in the Windows Ancillary Function Driver for WinSock (AFD.sys) that, when reached by a local, authorized user, can be weaponized into an elevation‑of‑privilege to SYSTEM — a high‑impact kernel vulnerability that demands...

A use‑after‑free vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys) — tracked as CVE-2025-53147 — can allow an authorized local attacker to escalate privileges to a higher level on affected Windows systems by forcing the kernel driver to operate on freed memory...

Microsoft’s advisory confirms that a null pointer dereference in the Windows Ancillary Function Driver for WinSock (AFD.sys) can be triggered by a locally authorized attacker to elevate privileges to SYSTEM, creating a high-impact local elevation-of-privilege (EoP) risk for affected Windows...

A use‑after‑free vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys), tracked as CVE-2025-53137, can be abused by an authorized local user to escalate privileges to SYSTEM on affected Windows hosts — a high‑impact kernel vulnerability that follows a string of similar AFD...

Title: What sysadmins need to know about the WinSock AFD race-condition EoP entry you sent (CVE-2025-53134) — situation, risk, and what to do now Executive summary You sent the MSRC URL for CVE-2025-53134 (Windows Ancillary Function Driver for WinSock — race condition / improper synchronization...

A recently published Microsoft advisory warns that CVE-2025-49762 — a race-condition flaw in the Windows Ancillary Function Driver for WinSock (AFD.sys) — can allow a locally authorized attacker to elevate privileges by exploiting concurrent execution using a shared resource with improper...

The cybersecurity landscape for Windows users is continually evolving, with both defenders and attackers persistently engaged in a race for dominance. One of the latest and most critical pieces of this ongoing battle is CVE-2025-32709—a newly disclosed use-after-free vulnerability in the Windows...

Memory test has come out clear. Not sure which software is creating BSOD. Any help would be greatly appreciated. The system is a DELL XPS.

Continue reading...

The BSOD also shows errors from other sources than afd.sys, but recently it has started after hibernate also. In most cases the BSOD happens when playing youtube videos for more than 10 minutes, and it starts with the audio sounding distorted and looping and then it crashes. The BSOD does not...

The BSOD also shows errors from other sources than afd.sys, but recently it has started after hibernate also. In most cases the BSOD happens when playing youtube videos for more than 10 minutes, and it starts with the audio sounding distorted and looping and then it crashes. The BSOD does not...

I keep getting BSOD on my Windows 7 Ultimate. This usually occurs when I play games, but will also randomly happen. The comp is 8 months old. The computer will also sometimes restart by itself. Processor: AMD FX(tm) 8150 Eight-Core Processor RAM: G-SKILL 8gb Graphics Card: HD 7970 Radeon...

More...

Fixes a "0x0000000A" Stop error that occurs when ETW tracing is used to collect information about the Afd.sys driver in Windows 7 or in Windows Server 2008 R2. More...