Local Privilege Escalation
The latest Local Privilege Escalation coverage — news, analysis, and updates from the WindowsNews.AI desk.
Patch Now: Windows AFD.sys Bug Gives Attackers SYSTEM Access
Microsoft has disclosed a critical use-after-free vulnerability in the Ancillary Function Driver for WinSock (AFD.sys) component, designated CVE-2026-25178. This security flaw allows authenticated...
CVE-2026-25174: Critical Windows exFAT Vulnerability Enables Local Privilege Escalation
Microsoft has documented a serious local privilege escalation vulnerability in Windows' exFAT file system driver, assigning it CVE-2026-25174. This out-of-bounds read flaw could allow attackers with...
CVE-2026-25171 use-after-free bug in Windows Authentication lets attackers with access escalate privileges.
Microsoft has documented CVE-2026-25171 as a critical local elevation-of-privilege vulnerability in Windows Authentication Methods. This use-after-free flaw in authentication code represents a...
CVE-2026-25165: Critical Windows Performance Counters Vulnerability Allows Local Privilege Escalation
Microsoft has disclosed CVE-2026-25165, a critical elevation-of-privilege vulnerability in the Windows Performance Counters subsystem. This null-pointer dereference flaw allows attackers with local...
Microsoft warns of SYSTEM-level Windows Broadcast DVR use-after-free bug (CVE-2026-23667)
Microsoft's security tracker has documented CVE-2026-23667 as an elevation-of-privilege vulnerability in the Windows Broadcast DVR component. Early third-party security aggregators describe the flaw...
Android Kernel Vulnerability CVE-2026-0038: Local Privilege Escalation Threat Analysis
A newly disclosed Android kernel vulnerability designated CVE-2026-0038 represents a significant security threat that could allow local attackers to gain complete system control through a logic error...
Portwell Toolkits 4.8.2 CVE-2026-3437: Critical Kernel Memory Exploit Analysis
A critical security vulnerability has been discovered in Portwell Engineering Toolkits version 4.8.2, tracked as CVE-2026-3437, that allows authenticated local users to read and write arbitrary...
CVE-2023-0664: Windows QEMU Guest Agent Vulnerability Analysis & Security Fixes
A critical security vulnerability in the QEMU Guest Agent for Windows, tracked as CVE-2023-0664, has exposed virtualized Windows environments to significant local privilege escalation risks. This...
Critical Ceph Flaw CVE-2022-3650 Lets Attackers Escalate to Root: What Windows Admins Need to Do Now
A local privilege escalation bug in Ceph’s crash-handling service, tracked as CVE-2022-3650, allows a low-privilege attacker to seize root access. Microsoft’s Security Response Center has...
CVE-2023-28736: Intel SSD Tools Buffer Overflow Threatens Linux Systems
A critical buffer overflow vulnerability in Intel's SSD Tools integration with the mdadm utility, tracked as CVE-2023-28736, represents a significant security threat to Linux systems that has flown...
Microsoft Patches Critical AFD.sys Zero-Day Allowing SYSTEM-Level Code Execution
Microsoft has issued a critical security advisory for CVE-2026-21238, a newly discovered elevation-of-privilege vulnerability in the Windows Ancillary Function Driver for WinSock (AFD, afd.sys). This...
AFD.sys flaw lets attackers elevate to SYSTEM across multiple Windows builds, CVE-2026-21236.
Microsoft has disclosed a significant security vulnerability in the Windows operating system kernel that could allow attackers to gain elevated privileges on affected systems. Designated as...