Articles from 2026
Browse all Windows news articles published in 2026
CVE-2026-25180: Windows Graphics Component Information Disclosure Vulnerability Analysis
Microsoft has documented CVE-2026-25180 as a critical information disclosure vulnerability in the Windows Graphics Component, specifically an out-of-bounds read that could allow unprivileged local...
CVE-2026-25179: Critical Windows AFD.sys Local Privilege Escalation Vulnerability Patched
Microsoft has patched a critical local privilege escalation vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys) tracked as CVE-2026-25179. This kernel-level flaw allows...
Patch Now: Windows AFD.sys Bug Gives Attackers SYSTEM Access
Microsoft has disclosed a critical use-after-free vulnerability in the Ancillary Function Driver for WinSock (AFD.sys) component, designated CVE-2026-25178. This security flaw allows authenticated...
Microsoft's March 2026 Patch Fixes Critical Active Directory Vulnerability CVE-2026-25177
Microsoft released a critical security update on March 10, 2026, addressing CVE-2026-25177, an elevation-of-privilege vulnerability in Active Directory Domain Services. The company rates this...
CVE-2026-25176: Critical AFD.sys Kernel Vulnerability Threatens Windows Systems
Microsoft has confirmed a high-severity elevation-of-privilege vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys) tracked as CVE-2026-25176. This kernel-level improper...
CVE-2026-25175: Critical Windows NTFS Privilege Escalation Vulnerability Discovered
Microsoft has documented a new elevation-of-privilege vulnerability in the Windows NTFS file system driver, designated CVE-2026-25175. The security flaw involves an out-of-bounds read in the NTFS...
CVE-2026-25174: Critical Windows exFAT Vulnerability Enables Local Privilege Escalation
Microsoft has documented a serious local privilege escalation vulnerability in Windows' exFAT file system driver, assigning it CVE-2026-25174. This out-of-bounds read flaw could allow attackers with...
CVE-2026-25173: Critical RCE Vulnerability in Windows RRAS VPN Gateways Demands Immediate Patching
Microsoft has confirmed active exploitation of CVE-2026-25173, a critical remote code execution vulnerability in the Windows Routing and Remote Access Service (RRAS) that affects VPN gateways across...
CVE-2026-25172: Critical RRAS Vulnerability Allows Unauthenticated Remote Code Execution
Microsoft has disclosed a critical security vulnerability in Windows Routing and Remote Access Service (RRAS) that enables unauthenticated attackers to execute arbitrary code on affected systems....
CVE-2026-25171 use-after-free bug in Windows Authentication lets attackers with access escalate privileges.
Microsoft has documented CVE-2026-25171 as a critical local elevation-of-privilege vulnerability in Windows Authentication Methods. This use-after-free flaw in authentication code represents a...
CVE-2026-25170: Windows Hyper-V Use-After-Free Vulnerability Enables Local Privilege Escalation
Microsoft documented CVE-2026-25170 on March 10, 2026, a critical use-after-free vulnerability in Windows Hyper-V that enables local privilege escalation. The Common Weakness Enumeration identifier...
Microsoft fixes local Windows Graphics Component bug that can crash systems via divide-by-zero flaw.
Microsoft's March 2026 security updates include CVE-2026-25169, a local denial-of-service vulnerability in the Windows Graphics Component that allows unprivileged attackers to crash affected systems....