You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
windows wsim security
About this tag
The windows wsim security tag covers vulnerabilities and patching guidance for Windows System Image Manager (WSIM), a component of the Windows Assessment and Deployment Kit (ADK). Recent content focuses on CVE-2026-25166, a deserialization flaw in WSIM that allows local low-privilege attackers to achieve remote code execution by supplying crafted data. Microsoft has addressed this issue in its Security Update Guide, and discussions include patch deployment steps and risk mitigation for enterprise IT environments using WSIM for Windows image customization and deployment.
Microsoft has added CVE‑2026‑25166 to its Security Update Guide for the Windows Assessment and Deployment Kit (ADK), identifying a deserialization flaw in Windows System Image Manager (WSIM) that can lead to remote code execution — in practice, a local attacker with low‑privilege access can...