Articles from December 2025
Browse all Windows news articles published in December 2025
CVE-2025-38643: Linux Wireless Lock Bug Impacts Azure Linux and More
CVE-2025-38643 is a recently disclosed Linux kernel vulnerability in the wireless subsystem — a missing lock in cfg80211_check_and_end_cac — and whil
CVE-2025-38659: GFS2 in Azure Linux Kernels Detection and Patch Guide
The Linux kernel Global File System 2 (GFS2) just earned a new CVE — CVE‑2025‑38659 — for a defect described upstream as “No more self recovery,” and Microsoft’s initial public position names the Azur
CVE-2025-38626 F2FS Exposure in Azure Linux and WSL Verification Guide
The Linux kernel vulnerability CVE-2025-38626 — a correctness fix in the F2FS (Flash‑Friendly File System) driver that ensures foreground garbage collection is triggered earlier when mounted with mode
Keras Tar Extraction CVE-2025-12638: Patch in 3.12.0
Keras’s popular helper function for downloading and unpacking model assets, keras.utils.get_file, contains a dangerous extraction shortcut: when asked to extract tar archives it relied on Python’s tar
CVE-2025-66221 Windows DoS in Werkzeug safe_join fixed in 3.1.4
The Werkzeug safe_join vulnerability tracked as CVE-2025-66221 lets Windows-only special device names (for example, CON, AUX, NUL, COMx, LPTx) slip past path validation and be treated like ordinary fi
CVE-2025-64506 Libpng 1.6.51 Patch Fixes Heap Buffer Over-read in Write API
A heap buffer over-read has been disclosed in the libpng library’s simplified write API: CVE-2025-64506 affects libpng versions 1.6.0 through 1.6.50 and is patched in libpng 1.6.51; the flaw stems fro
wolfSSL TLS 1.3 DoS Fix: CVE-2025-11936 in v5.8.4
wolfSSL has patched a denial‑of‑service weakness in its TLS 1.3 handshake code after researchers discovered that a specially crafted ClientHello containing duplicate KeyShareEntry values for the same
Libpng CVE-2025-64505 Patch 1.6.51 to Prevent PNG Palette Heap Read
A recently disclosed vulnerability in the widely used libpng library — tracked as CVE‑2025‑64505 — allows a crafted PNG file with malformed palette indices to provoke a heap buffer over‑read in libpng
TLS 1.2 Digest Downgrade Bug CVE-2025-12889 Fixed in wolfSSL 5.8.4
A newly recorded flaw in TLS 1.2 implementations lets a client deliberately choose a weaker message digest than the server requested during client-certificate authentication — a subtle but real violat
Azure Local and Arc Unite Sovereign Cloud with Edge AI
Microsoft’s latest push to bring AI, resiliency, and sovereignty together in a single, unified cloud story is more than incremental product updates — it’s a
CVE-2025-11932: WolfSSL TLS 1.3 PSK Binder Timing Fix in 5.8.4
The TLS 1.3 pre-shared key (PSK) binder verification in wolfSSL contained a timing side‑channel: a non‑constant‑time comparison allowed tiny timing differences during binder verification that could, i
CUPS CVE-2025-58436 Slow Client DoS and Patch Guidance
A single, slow client can stall the Common UNIX Printing System (CUPS) daemon (cupsd) and render an entire print service unusable — a denial‑of‑service vulnerability tracked as CVE‑2025‑58436 that was