windows security

Microsoft’s March 2026 patch batch includes a newly catalogued Windows Graphics Device Interface (GDI) vulnerability tracked as CVE‑2026‑25190, a high‑severity code‑execution issue that Microsoft and third‑party trackers describe as a GDI “Remote Code Execution” class problem—yet the technical...

Microsoft’s vulnerability catalog now lists CVE-2026-25189, a confirmed use‑after‑free defect in the Windows Desktop Window Manager (DWM) Core Library that permits an authorized local user to escalate privileges on affected systems. The vendor‑level metadata assigns a High impact profile (CVSS...

Microsoft's March 10, 2026 security update closes a high‑severity heap‑based buffer‑overflow in the Windows Telephony Service that Microsoft has catalogued as CVE‑2026‑25188 and which could allow an adjacent‑network attacker to elevate privileges on vulnerable systems. (msrc.microsoft.com)...

Microsoft has released fixes for a newly catalogued information-disclosure flaw in the Windows Accessibility Infrastructure — tracked as CVE-2026-25186 — that affects the ATBroker.exe helper process. The vulnerability allows a local, authenticated attacker to disclose sensitive information from...

Microsoft’s security advisory for CVE-2026-25185 names a new Windows Shell Link Processing Spoofing Vulnerability that can expose sensitive information and enable network-level spoofing—an important but medium-severity flaw that administrators should not ignore. (msrc.microsoft.com) Background...

Microsoft’s security telemetry recorded a new GDI+ vulnerability, tracked as CVE‑2026‑25181, which Microsoft classifies as an information disclosure issue in the Windows Graphics Component (GDI+); the vendor has published an update guide entry and a patch for affected systems on March 10, 2026...

Microsoft has recorded CVE‑2026‑25180 as an information disclosure defect in the Windows Graphics Component — an out‑of‑bounds read that can permit an unprivileged, local actor to leak sensitive memory from affected systems — and administrators should treat the advisory as actionable: verify...

Microsoft has recorded CVE-2026-25179 as a newly disclosed elevation-of-privilege vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys), and system owners should treat it as an Important local privilege escalation that requires immediate inventorying and patching across...

A new use‑after‑free vulnerability (CVE‑2026‑25178) has been published in Microsoft’s “Ancillary Function Driver for WinSock” (AFD.sys) that allows an authorized local user to elevate privileges, and the vendor has listed the issue in its Security Update Guide. (msrc.microsoft.com) Summary —...

Microsoft today confirmed a high‑severity elevation‑of‑privilege flaw in the Windows Ancillary Function Driver for WinSock (AFD.sys) tracked as CVE‑2026‑25176, a kernel‑level improper access control defect that — if left unpatched — allows a locally authorized, low‑privileged user to elevate to...

Microsoft’s security catalog lists CVE-2026-25175 as a newly recorded elevation-of-privilege vulnerability in the Windows NTFS file system: an out-of-bounds read in the NTFS driver that, when triggered by a local, low-privileged account, can be converted into a SYSTEM-level compromise...

Microsoft has cataloged a new local elevation-of-privilege (EoP) vulnerability in the Windows Extensible File Allocation Table (exFAT) implementation — tracked as CVE-2026-25174 — an out‑of‑bounds read that Microsoft says can allow an authorized local attacker to escalate privileges to a higher...

Microsoft has published an advisory for CVE-2026-25172 — a high‑severity remote code execution flaw in the Windows Routing and Remote Access Service (RRAS) — that Microsoft and multiple independent trackers say is caused by an integer overflow / wraparound in RRAS and can be triggered remotely...

Microsoft has recorded CVE-2026-25171 as a local elevation-of-privilege (EoP) bug in Windows Authentication Methods — a use‑after‑free in authentication code that, if triggered by an already authorized local actor, can elevate privileges on an affected host; Microsoft’s advisory entry and...

Microsoft and independent trackers recorded CVE-2026-25170 on March 10, 2026 — a use‑after‑free (CWE‑416) vulnerability in Windows Hyper‑V that Microsoft classifies as an elevation‑of‑privilege flaw allowing an authorized local actor with low privileges to obtain higher privileges on the host...

Microsoft's March 2026 security bulletin added another entry to a long-running problem class: a divide-by-zero weakness in the Windows Graphics Component that can be triggered by an unprivileged local actor to cause a denial of service. The vulnerability, tracked as CVE-2026-25169, is classified...

Microsoft’s March 2026 security update closes a denial‑of‑service weakness in the Windows Graphics Component tracked as CVE‑2026‑25168, a local null‑pointer dereference that can crash graphics‑handling processes and render affected systems unavailable until a reboot or service restart. The...

Microsoft has published details for CVE-2026-25167, a use‑after‑free elevation‑of‑privilege flaw in the Microsoft Brokering File System (BFS) that can allow a locally‑accessible attacker to escalate to SYSTEM‑level privileges on unpatched machines; Microsoft lists the vulnerability in the March...

Microsoft’s security trackers and independent feeds today record CVE-2026-25165 as an elevation-of-privilege vulnerability in the Windows Performance Counters subsystem — a null-pointer dereference that, when triggered by an authenticated local user, can be weaponized to escalate to system-level...

Microsoft released a security update on March 10, 2026 that addresses CVE‑2026‑24297, a Windows Kerberos "Security Feature Bypass" vulnerability caused by a race condition in the Kerberos implementation; Microsoft classifies the flaw as Important and has published a patch as part of the March...