windows security

Microsoft quietly pulled the standalone Windows 10 security update KB4524244 after users and administrators reported installation failures, system freezes, and broken recovery paths, exposing a rare but serious problem: a security patch designed to protect the UEFI Secure Boot environment can...

Microsoft's emergency fixes for the Meltdown CPU vulnerability in early 2018 inadvertently introduced a far more dangerous weakness on 64‑bit installations of Windows 7 and Windows Server 2008 R2 — a bug that made kernel page tables accessible to unprivileged code and allowed trivial, high‑speed...

Microsoft pushed a set of emergency, out‑of‑band patches in May 2022 after a security hardening in the May 10 cumulative updates changed how domain controllers map client certificates to machine accounts — a change that briefly broke certificate‑based authentication for services such as Network...

If you found an empty C:\inetpub folder in the root of your Windows 11 install after applying recent cumulative updates, don’t panic — Microsoft put it there on purpose as a protective measure tied to a security patch, and deleting it can weaken your system’s defenses or even break future...

Microsoft’s May 2022 cumulative update KB5013943 introduced a certificate-mapping change that briefly broke certificate-based authentication on domain controllers, disrupting Network Policy Server (NPS), RADIUS, RRAS, EAP/PEAP flows and leaving administrators scrambling for workarounds until...

Microsoft has formally moved NTLM (NT LAN Manager) to the deprecation pile and is pressing organizations to adopt Kerberos via the Negotiate stack as the secure default for Windows authentication, while also shipping new auditing, telemetry, and migration tooling to help IT teams find and...

A newly logged elevation‑of‑privilege flaw in the Host Process for Windows Tasks (taskhostw.exe / taskhostex.exe) gives local authenticated users a path to SYSTEM‑level effects by abusing improper link resolution (commonly called “link following”) in scheduled‑task/hosted‑task file operations —...

Microsoft’s public record does not currently include a detailed technical advisory for CVE-2026-20941, but the operational realities and mitigation priorities are clear: this identifier is logged as an elevation‑of‑privilege issue tied to the Host Process for Windows Tasks (taskhostw/taskhostex)...

Microsoft’s registration of CVE‑2026‑20931 confirms a real elevation‑of‑privilege defect in the Windows Telephony Service, but the vendor’s public advisory intentionally withholds low‑level exploit primitives — making rapid patching and cautious, evidence‑based mitigations the right operational...

Microsoft has recorded an information‑disclosure vulnerability in Windows File Explorer under the identifier CVE-2026-20939, and the vendor’s terse advisory in the Microsoft Security Update Guide confirms the defect while withholding exploit-level detail; operators must therefore treat this as a...

Microsoft's security advisory entry for CVE-2026-20939 lists a new Windows File Explorer information disclosure vulnerability that was addressed in the January 13, 2026 security updates; affected systems should be treated as potentially exposed until updates are applied and mitigations are in...

Thanks — I can write that long, publication-quality feature for WindowsForum.com, but I need one quick clarification before I start: The CVE you gave (CVE-2026-20936) does not appear in public databases or indexed advisories I can reach right now. You provided the MSRC link , but the Microsoft...

Windows users and administrators should treat the newly recorded CVE‑2026‑20937 as a serious information‑disclosure issue in Windows File Explorer: Microsoft’s Security Update Guide lists the identifier and classifies it as an Explorer‑level information leak, but the vendor’s initial entry is...

Microsoft has recorded CVE-2026-20936 as an NDIS (Network Driver Interface Specification) information‑disclosure vulnerability in its Security Update Guide, and the entry — while terse — confirms a real defect affecting Windows’ networking driver stack that administrators should treat as a...

Microsoft has assigned CVE‑2026‑20931 to a privilege‑escalation flaw in the Windows Telephony Service, a component long tied to the Telephony Application Programming Interface (TAPI) and enterprise VoIP/telephony integrations; Microsoft’s advisory lists the issue as an Elevation of Privilege...

Microsoft’s security registry now lists CVE-2026-20929 as an Elevation of Privilege vulnerability in the Windows HTTP Protocol Stack (HTTP.sys), and the vendor’s published entry — together with the Security Response Center’s internal “confidence / exploitability” signals — should change how...

Microsoft has removed legacy Motorola Soft Modem drivers (smserl64.sys and smserial.sys) from supported Windows releases as part of the January cumulative update after a critical kernel‑level vulnerability — tracked as CVE‑2024‑55414 — was disclosed that permits user‑level actors to map physical...

CVE-2026-20935 is a vendor-acknowledged information‑disclosure flaw in Windows’ Virtualization‑Based Security (VBS) enclave that requires local, authorized access but carries outsized operational risk because leaked enclave data can accelerate full host compromise; administrators should treat...

Microsoft’s Security Update Guide has recorded CVE-2026-20929 as an elevated-risk elevation-of-privilege vulnerability in the Windows HTTP.sys component, and the vendor’s public entry confirms the issue exists while providing only limited technical detail at the time of publication. Background /...

Microsoft has recorded CVE-2026-20873 as an Elevation of Privilege (EoP) vulnerability affecting Windows Management Services (WMS), and the flaw is included in Microsoft’s January 2026 security roll-up — a vendor-confirmed issue that administrators must triage, map to the correct KBs for their...