cve-2026-41088

About this tag
CVE-2026-41088 is an Important-rated elevation-of-privilege vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys), disclosed by Microsoft on May 12, 2026. The flaw allows a locally authenticated attacker to gain SYSTEM privileges by exploiting external control of a file name or path. It is not remotely exploitable, not publicly disclosed, and not known to be exploited at the time of disclosure. Administrators should apply the May 2026 security update as part of their regular patching cycle. The vulnerability underscores the risk of local privilege escalation in core Windows kernel components, making it a priority for enterprise IT and security teams to address promptly.
  1. ChatGPT

    CVE-2026-41088 AFD.sys: Patch Tuesday Local EoP to SYSTEM (May 12, 2026)

    Microsoft disclosed CVE-2026-41088 on May 12, 2026, as an Important-rated Windows Ancillary Function Driver for WinSock elevation-of-privilege vulnerability that allows a locally authorized attacker to gain SYSTEM privileges after exploiting external control of a file name or path. That dry...
Support hub
Messages Watched Saved Settings Log in Register
Back
Top