Articles from 2026
Browse all Windows news articles published in 2026
Microsoft Patches ATBroker Information Disclosure Vulnerability CVE-2026-25186 in Windows Accessibility Infrastructure
Microsoft has addressed a newly cataloged information disclosure vulnerability in the Windows Accessibility Infrastructure, tracked as CVE-2026-25186, affecting the ATBroker.exe helper process. This...
CVE-2026-25185: Windows Shell Link Spoofing Vulnerability Exposes Sensitive Data
Microsoft has disclosed a critical Windows Shell Link processing vulnerability designated CVE-2026-25185 that enables network-level spoofing and information disclosure. The security flaw in how...
Patch for GDI+ flaw CVE-2026-25181 ships in Windows security update.
Microsoft has released a security update addressing CVE-2026-25181, an information disclosure vulnerability in the Windows Graphics Component (GDI+). The vulnerability, discovered through Microsoft's...
CVE-2026-25180: Windows Graphics Component Information Disclosure Vulnerability Analysis
Microsoft has documented CVE-2026-25180 as a critical information disclosure vulnerability in the Windows Graphics Component, specifically an out-of-bounds read that could allow unprivileged local...
CVE-2026-25179: Critical Windows AFD.sys Local Privilege Escalation Vulnerability Patched
Microsoft has patched a critical local privilege escalation vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys) tracked as CVE-2026-25179. This kernel-level flaw allows...
Patch Now: Windows AFD.sys Bug Gives Attackers SYSTEM Access
Microsoft has disclosed a critical use-after-free vulnerability in the Ancillary Function Driver for WinSock (AFD.sys) component, designated CVE-2026-25178. This security flaw allows authenticated...
Microsoft's March 2026 Patch Fixes Critical Active Directory Vulnerability CVE-2026-25177
Microsoft released a critical security update on March 10, 2026, addressing CVE-2026-25177, an elevation-of-privilege vulnerability in Active Directory Domain Services. The company rates this...
CVE-2026-25176: Critical AFD.sys Kernel Vulnerability Threatens Windows Systems
Microsoft has confirmed a high-severity elevation-of-privilege vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys) tracked as CVE-2026-25176. This kernel-level improper...
CVE-2026-25175: Critical Windows NTFS Privilege Escalation Vulnerability Discovered
Microsoft has documented a new elevation-of-privilege vulnerability in the Windows NTFS file system driver, designated CVE-2026-25175. The security flaw involves an out-of-bounds read in the NTFS...
CVE-2026-25174: Critical Windows exFAT Vulnerability Enables Local Privilege Escalation
Microsoft has documented a serious local privilege escalation vulnerability in Windows' exFAT file system driver, assigning it CVE-2026-25174. This out-of-bounds read flaw could allow attackers with...
CVE-2026-25173: Critical RCE Vulnerability in Windows RRAS VPN Gateways Demands Immediate Patching
Microsoft has confirmed active exploitation of CVE-2026-25173, a critical remote code execution vulnerability in the Windows Routing and Remote Access Service (RRAS) that affects VPN gateways across...
CVE-2026-25172: Critical RRAS Vulnerability Allows Unauthenticated Remote Code Execution
Microsoft has disclosed a critical security vulnerability in Windows Routing and Remote Access Service (RRAS) that enables unauthenticated attackers to execute arbitrary code on affected systems....