cve-2026-45598

CVE-2026-45598 is an Important-rated elevation-of-privilege vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys), disclosed by Microsoft on June 9, 2026. This local privilege escalation flaw allows an authorized attacker to raise privileges on affected Windows systems. AFD.sys is a core component that enables network communication for Windows applications, making bugs in this layer particularly dangerous as they can turn local access into full system compromise. Discussions on WindowsForum focus on understanding the risk, applying the official fix, and the broader implications for Windows security. Administrators are advised to prioritize this update as part of Patch Tuesday deployments.