2 months ago 1 min read

CVE-2026-25176: Critical AFD.sys Kernel Vulnerability Threatens Windows Systems

Microsoft has confirmed a high-severity elevation-of-privilege vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys) tracked as CVE-2026-25176. This kernel-level improper...

afd sys elevation of privilege kernel vulnerability

Windows News Team

2 months ago 1 min read

CVE-2026-25175: Critical Windows NTFS Privilege Escalation Vulnerability Discovered

Microsoft has documented a new elevation-of-privilege vulnerability in the Windows NTFS file system driver, designated CVE-2026-25175. The security flaw involves an out-of-bounds read in the NTFS...

kernel vulnerability ntfs privilege escalation

Windows News Team

2 months ago 1 min read

CVE-2026-25174: Critical Windows exFAT Vulnerability Enables Local Privilege Escalation

Microsoft has documented a serious local privilege escalation vulnerability in Windows' exFAT file system driver, assigning it CVE-2026-25174. This out-of-bounds read flaw could allow attackers with...

cve 2026 25174 exfat vulnerability local privilege escalation

Windows News Team

2 months ago 1 min read

CVE-2026-25172: Critical RRAS Vulnerability Allows Unauthenticated Remote Code Execution

Microsoft has disclosed a critical security vulnerability in Windows Routing and Remote Access Service (RRAS) that enables unauthenticated attackers to execute arbitrary code on affected systems....

remote code execution rras vulnerability vulnerability trackers

Windows News Team

2 months ago 1 min read

CVE-2026-25171: Windows Authentication Use-After-Free Vulnerability Enables Local Privilege Escalation

Microsoft has documented CVE-2026-25171 as a critical local elevation-of-privilege vulnerability in Windows Authentication Methods. This use-after-free flaw in authentication code represents a...

cve 2026 25171 local privilege escalation use-after-free

Windows News Team

2 months ago 1 min read

CVE-2026-25170: Windows Hyper-V Use-After-Free Vulnerability Enables Local Privilege Escalation

Microsoft documented CVE-2026-25170 on March 10, 2026, a critical use-after-free vulnerability in Windows Hyper-V that enables local privilege escalation. The Common Weakness Enumeration identifier...

hyper-v memory corruption privilege escalation

Windows News Team

2 months ago 1 min read

CVE-2026-25169: Local Divide-by-Zero DoS Vulnerability in Windows Graphics Component

Microsoft's March 2026 security updates include CVE-2026-25169, a local denial-of-service vulnerability in the Windows Graphics Component that allows unprivileged attackers to crash affected systems....

cve 2026 25169 denial of service graphics component

Windows News Team

2 months ago 1 min read

Microsoft Patches Windows Graphics Component DoS Vulnerability CVE-2026-25168 in March 2026 Update

Microsoft's March 2026 security update addresses a critical denial-of-service vulnerability in the Windows Graphics Component, tracked as CVE-2026-25168. This local null-pointer dereference flaw...

cve 2026 25168 graphics component patch tuesday

Windows News Team

2 months ago 1 min read

Microsoft Patches Critical BFS Driver Vulnerability CVE-2026-25167: Local Privilege Escalation Risk

Microsoft has disclosed CVE-2026-25167, a high-severity use-after-free vulnerability in the Microsoft Brokering File System (BFS) driver that enables local privilege escalation. The flaw, rated 7.8...

bfs driver kernel vulnerability use-after-free

Windows News Team

2 months ago 1 min read

CVE-2026-25165: Critical Windows Performance Counters Vulnerability Allows Local Privilege Escalation

Microsoft has disclosed CVE-2026-25165, a critical elevation-of-privilege vulnerability in the Windows Performance Counters subsystem. This null-pointer dereference flaw allows attackers with local...

cve 2026 25165 local privilege escalation patch tuesday

Windows News Team

2 months ago 1 min read

Microsoft Patches Critical Kerberos Security Bypass CVE-2026-24297 in March 2026 Update

Microsoft released a security update on March 10, 2026 addressing CVE-2026-24297, a Windows Kerberos security feature bypass vulnerability rated as important. This patch resolves a race condition in...

cve 2026 24297 kerberos patch tuesday 2026

Windows News Team

2 months ago 1 min read

Microsoft Patches Critical Windows Device Association Service Race Condition in March 2026 Patch Tuesday

Microsoft's March 10, 2026 Patch Tuesday security update addresses a critical vulnerability in the Windows Device Association Service that could allow local privilege escalation. Tracked as...

device association service patch tuesday privilege escalation

Windows News Team