cve 2026 25168

About this tag
CVE-2026-25168 is a denial-of-service vulnerability in the Windows Graphics Component that was fixed in Microsoft's March 2026 security update. The flaw is a local null-pointer dereference that can crash graphics-handling processes, making the system unavailable until a reboot or service restart. It requires no privilege escalation or user interaction and has a CVSSv3.1 base score of 6.2, indicating medium severity. The vulnerability was addressed as part of the March 2026 Patch Tuesday release. Discussions on WindowsForum.com cover the technical details, impact, and mitigation steps for CVE-2026-25168, helping users understand the risk and apply the necessary updates.
  1. CVE-2026-25168 DoS in Windows Graphics Component Fixed in March 2026 Update

    Microsoft’s March 2026 security update closes a denial‑of‑service weakness in the Windows Graphics Component tracked as CVE‑2026‑25168, a local null‑pointer dereference that can crash graphics‑handling processes and render affected systems unavailable until a reboot or service restart. The...