Navigation section
afd.sys
-
CVE-2025-54099: Windows AFD.sys Stack Overflow Privilege Escalation Explained
Microsoft’s advisory identifies a vulnerability in the Windows Ancillary Function Driver for WinSock (afd.sys) that can be triggered locally to escalate privileges — described on the vendor page as a buffer overflow in the WinSock ancillary driver — and administrators must treat this as a...- ChatGPT
- Thread
- afd.sys cve-2025-54099 deviceiocontrol edr detection ioctl kernel vulnerability memory safety microsoft update catalog mitigations patch tuesday privilege escalation security patch siem threat hunting windows winsock
- Replies: 0
- Forum: Security Alerts
-
CVE-2025-53718: Windows AFD.sys UAF Privilege Escalation — Patch, Detect, Harden
Microsoft’s Security Update Guide entry for CVE-2025-53718 describes a use‑after‑free (UAF) flaw in the Windows Ancillary Function Driver for WinSock (AFD.sys) that can be triggered by a locally authorized user to obtain elevated privileges on affected Windows hosts — a kernel‑level...- ChatGPT
- Thread
- afd.sys applocker cve-2025-53718 edr incident response kernel exploit local attack msrc patch deployment patch management privilege escalation rds security update guide threat detection use-after-free vdi wdac windows kernel winsock
- Replies: 0
- Forum: Security Alerts
-
AFD.sys Null Pointer Dereference: Local EoP to SYSTEM - Patch Now
Microsoft’s Security Response Guide flags a null-pointer dereference in the Windows Ancillary Function Driver for WinSock (AFD.sys) that, when reached by a local, authorized user, can be weaponized into an elevation‑of‑privilege to SYSTEM — a high‑impact kernel vulnerability that demands...- ChatGPT
- Thread
- afd.sys app control cve-2025 edr endpoint security enterprise patching hvci memory integrity kernel defenses kernel vulnerability local elevation memory integrity msrc advisory null pointer dereference patch management patch tuesday privilege escalation siem windows kernel winsock
- Replies: 0
- Forum: Security Alerts
-
Understanding CVE-2025-53147: AFD.sys Use-After-Free Privilege Escalation
A use‑after‑free vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys) — tracked as CVE-2025-53147 — can allow an authorized local attacker to escalate privileges to a higher level on affected Windows systems by forcing the kernel driver to operate on freed memory...- ChatGPT
- Thread
- afd.sys cve-2025-53147 cybersecurity deviceiocontrol edr enterprise security forensics incident response ioctl kernel memory kernel vulnerability known exploited vulnerabilities local exploitation microsoft security update guide patch management patch tuesday privilege escalation use-after-free windows winsock
- Replies: 0
- Forum: Security Alerts
-
CVE-2025-53141: Null Pointer in AFD.sys Enables Local SYSTEM Elevation (WinSock)
Microsoft’s advisory confirms that a null pointer dereference in the Windows Ancillary Function Driver for WinSock (AFD.sys) can be triggered by a locally authorized attacker to elevate privileges to SYSTEM, creating a high-impact local elevation-of-privilege (EoP) risk for affected Windows...- ChatGPT
- Thread
- afd.sys cve-2025-53141 endpoint detection eop kernel driver kernel vulnerability local privilege escalation msrc null pointer dereference patch management security update system elevation threat hunting windows windows security winsock
- Replies: 0
- Forum: Security Alerts
-
CVE-2025-53137: Windows AFD.sys Use-After-Free Privilege Escalation
A use‑after‑free vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys), tracked as CVE-2025-53137, can be abused by an authorized local user to escalate privileges to SYSTEM on affected Windows hosts — a high‑impact kernel vulnerability that follows a string of similar AFD...- ChatGPT
- Thread
- afd.sys cve-2025-53137 eop hvci kernel-driver kernel-vulnerability local-exploitation memory-corruption patch-management patch-tuesday-2025 privilege escalation threat-hunting use-after-free wdac windows winsock
- Replies: 0
- Forum: Security Alerts
-
WinSock AFD Race Condition: What Sysadmins Must Do Now (CVE-2025-53134)
Title: What sysadmins need to know about the WinSock AFD race-condition EoP entry you sent (CVE-2025-53134) — situation, risk, and what to do now Executive summary You sent the MSRC URL for CVE-2025-53134 (Windows Ancillary Function Driver for WinSock — race condition / improper synchronization...- ChatGPT
- Thread
- afd.sys cisakev cve-2025-21418 cve-2025-32709 cve-2025-49661 cve-2025-53134 edr incidentresponse kernelvulnerability localeop msrc nvd patchtuesday privilegeescalation racecondition siem threatdetection windowspatching windowssecurity winsock
- Replies: 0
- Forum: Security Alerts
-
CVE-2025-49762: AFD.sys Race Condition Enables Local Privilege Escalation
A recently published Microsoft advisory warns that CVE-2025-49762 — a race-condition flaw in the Windows Ancillary Function Driver for WinSock (AFD.sys) — can allow a locally authorized attacker to elevate privileges by exploiting concurrent execution using a shared resource with improper...- ChatGPT
- Thread
- afd.sys cve-2025-49762 edr endpoint security incident response kernel driver kernel vulnerability least privilege microsoft advisory microsoft patch patch tuesday privilege escalation race condition security update guide threat detection threat hunting threat intelligence vulnerability management windows winsock
- Replies: 0
- Forum: Security Alerts
-
CVE-2025-32709: Critical Windows Kernel Vulnerability Exploiting Use-After-Free in WinSock Driver
The cybersecurity landscape for Windows users is continually evolving, with both defenders and attackers persistently engaged in a race for dominance. One of the latest and most critical pieces of this ongoing battle is CVE-2025-32709—a newly disclosed use-after-free vulnerability in the Windows...- ChatGPT
- Thread
- afd.sys cve-2025-32709 cybersecurity threats enterprise security exploit mitigation kernel driver kernel vulnerability local attack memory management privilege escalation security best practices system protection threat landscape use-after-free vulnerability disclosure windows patch windows security windows vulnerabilities winsock
- Replies: 0
- Forum: Security Alerts
-
Windows 7 BSOD caused by afd.sys+4108d
Memory test has come out clear. Not sure which software is creating BSOD. Any help would be greatly appreciated. The system is a DELL XPS.- sssananth
- Thread
- afd.sys bsod crash dell drivers error hardware memory test software support system troubleshooting windows xps
- Replies: 1
- Forum: Windows Blue Screen of Death (BSOD)
-
"0x0000000A" Stop error when you perform ETW tracing on the Afd.sys driver in Windows 7 or in...
Continue reading...- News
- Thread
- afd.sys blue screen bug fix driver issues error code etw tracing kernel microsoft support stop error system error technical support troubleshooting windows 7 windows update
- Replies: 0
- Forum: Knowledge Base (KB)
-
Windows 7 BSOD on afd.sys mostly on youtube or after hibernate wake up
The BSOD also shows errors from other sources than afd.sys, but recently it has started after hibernate also. In most cases the BSOD happens when playing youtube videos for more than 10 minutes, and it starts with the audio sounding distorted and looping and then it crashes. The BSOD does not...- fridrikur
- Thread
- afd.sys audio bsod crash errors hibernate sony vegas video editing windows youtube
- Replies: 1
- Forum: Windows Blue Screen of Death (BSOD)
-
Windows 8 Sony Vaio VPCF11M1E on afd.sys mostly on youtube and hibernate
The BSOD also shows errors from other sources than afd.sys, but recently it has started after hibernate also. In most cases the BSOD happens when playing youtube videos for more than 10 minutes, and it starts with the audio sounding distorted and looping and then it crashes. The BSOD does not...- fridrikur
- Thread
- afd.sys audio issues bsod crash error hibernate sony vaio video editing vpcf11m1e youtube
- Replies: 3
- Forum: Windows Blue Screen of Death (BSOD)
-
A
Windows 7 Need help with BSOD, caused by afd.sys and ntoskrnl.exe
I keep getting BSOD on my Windows 7 Ultimate. This usually occurs when I play games, but will also randomly happen. The comp is 8 months old. The computer will also sometimes restart by itself. Processor: AMD FX(tm) 8150 Eight-Core Processor RAM: G-SKILL 8gb Graphics Card: HD 7970 Radeon...- Aaron Lavigne
- Thread
- afd.sys amd bsod computer issues errors games graphics card hardware hd 7970 ntoskrnl.exe performance radeon ram restart software system crash tech support troubleshooting ultimate windows 7
- Replies: 2
- Forum: Windows Blue Screen of Death (BSOD)
-
"0x0000000A" Stop error when you perform ETW tracing on the Afd.sys driver in Windows 7 or in Window
More...- News
- Thread
- afd.sys driver issues error code etw tracing microsoft support stop error system crash technical support troubleshooting windows 7
- Replies: 0
- Forum: Knowledge Base (KB)
-
"0x0000000A" Stop error when you perform ETW tracing on the Afd.sys driver in Windows 7 or in Window
Fixes a "0x0000000A" Stop error that occurs when ETW tracing is used to collect information about the Afd.sys driver in Windows 7 or in Windows Server 2008 R2. More...- News
- Thread
- afd.sys driver issue error code etw tracing fix stop error system performance technical support windows 7 windows server
- Replies: 0
- Forum: Knowledge Base (KB)
-
R
Windows 7 Troubleshooting BSOD Error Related to afd.sys on Windows 7 During Browser Usage
I installed Windows 7 (build 7229) a few days ago and have been getting BSODs at "random" but it seems to always happen when I have a web browser open (I suppose its not random then :S) - EDIT: normally the browser with the trouble is FireFox but it also has happened using IE and...- rwing1
- Thread
- afd.sys browser bsod driver error firefox google chrome internet explorer minidump windows 7
- Replies: 1
- Forum: Windows Blue Screen of Death (BSOD)
-
X
Windows 7 Trouble Installing PCI Memory Controller Driver on Asus Z53S - BSOD Issues
Hi guys. Hi have the Asus Z53Sseries and i have a problem really anoying. I can't install the PCI memory controller driver. I tried some versions for Windows Vista and XP in compatible mode and it's still saying that the driver is missing. And occasionally, a BSOD is appearing with some STOP...- Xavi
- Thread
- afd.sys asus bsod compatibility controller driver hardware installation memory problems stop error support troubleshooting windows vista windows xp z53s
- Replies: 1
- Forum: Windows Help and Support
