Articles from 2025
Browse all Windows news articles published in 2025
Windows Firewall’s Memory Misfire: How CVE-2025-54094 Opens a Door to SYSTEM Privileges
A newly disclosed privilege escalation vulnerability in the Windows Defender Firewall Service allows attackers with a foothold on a system to seize complete control, elevating standard user...
CVE-2025-54093: Windows TCP/IP Race Condition Grants SYSTEM Access – Patch Now
Microsoft has disclosed a local elevation-of-privilege vulnerability in the Windows TCP/IP driver that gives authenticated attackers a clear path to SYSTEM-level control. Tracked as CVE-2025-54093...
Microsoft Issues Urgent Fix for Windows Defender Firewall Type-Confusion EoP (CVE-2025-54104)
Microsoft has confirmed a critical elevation-of-privilege vulnerability in the Windows Defender Firewall Service (MpsSvc) that could enable an attacker with local access to escalate to SYSTEM-level...
No-Reboot PSDirect Fix for Windows 11 Enterprise LTSC 2024 Arrives via Hotpatch KB5066360
Microsoft released a targeted security hotpatch, KB5066360, for Windows 11 Enterprise LTSC 2024 on September 9, 2025, addressing a critical vulnerability in PowerShell Direct (PSDirect) that could...
KB5065431 for Windows 11: Combined SSU/LCU, SMB Auditing, and MSI Repair Fixes
Microsoft’s Patch Tuesday for September 9, 2025 delivers a cumulative security update, KB5065431, for Windows 11 versions 22H2 and 23H2. The update bumps OS builds to 22621.5909 for the feature-off...
Microsoft Warns: New Windows Management Service UAF Bug Could Hand Attackers SYSTEM Control
Microsoft’s Security Response Center has published a critical security advisory for a use-after-free vulnerability in the Windows Management Service that could allow an authenticated local attacker...
Critical Hyper-V Privilege Escalation Flaw (CVE-2025-54098) Demands Immediate Patching
Microsoft has released a security update to fix a serious privilege escalation vulnerability in Windows Hyper-V, tracked as CVE-2025-54098, that could allow an attacker with local access to elevate...
CVE-2025-54091: Windows Hyper-V Integer Overflow Lets Attackers Gain SYSTEM on Hosts
A critical integer overflow vulnerability in Windows Hyper-V, tracked as CVE-2025-54091, allows authenticated local attackers to escalate privileges to SYSTEM level on the host machine, Microsoft has...
CVE-2025-53810: Urgent Windows Type-Confusion Bug Grants Attackers SYSTEM Access
A type-confusion flaw in a core Windows service, tracked as CVE-2025-53810, allows any authenticated local user to escalate privileges to SYSTEM, Microsoft’s Security Response Center confirmed in a...
Windows Hyper-V Race Condition Flaw (CVE-2025-54092) Enables Attackers to Seize Host Control
Microsoft has disclosed a dangerous race condition vulnerability in Windows Hyper-V that could allow a local attacker to seize SYSTEM-level privileges on the host. Tracked as CVE-2025-54092, the flaw...
Critical Windows LSASS Bug Exposes Domain Controllers to Authentication DoS Attacks
Microsoft’s latest security advisory for CVE-2025-53809 details a network-exploitable denial-of-service flaw in the Windows Local Security Authority Subsystem Service, the bedrock of authentication...
Microsoft Patches Type Confusion Flaw in Windows Defender Firewall That Risks System Compromise
Microsoft has released a security update to fix a critical elevation-of-privilege vulnerability in the Windows Defender Firewall Service that could allow an authenticated attacker to gain...