Microsoft has issued a fix for CVE-2026-57973, a Windows Subsystem for Linux 2 vulnerability that could let a locally authorized attacker tamper with data through a race condition in the WSL2 environment. The affected WSL package range is version 5.0.0.0 through versions earlier than 2.7.10...
Microsoft has patched CVE-2026-57968, a high-severity local elevation-of-privilege flaw in Windows Subsystem for Linux 2, by shipping WSL version 2.7.8 and later. The advisory, published July 14, 2026, identifies a buffer over-read that can let an authorized attacker elevate privileges locally...