Microsoft Patch
The latest Microsoft Patch coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft Patches Critical Excel Heap Overflow (CVE-2025-54900) – What You Need to Know
Microsoft has released a security update patching a critical heap‑based buffer overflow in Excel, tracked as CVE‑2025‑54900, that could allow attackers to execute code on a victim’s machine...
Microsoft Races Out OOB Patches as August Updates Break Windows Reset, Kindle SSD Worries
Microsoft scrambled this week to contain the fallout from August's Patch Tuesday releases after a servicing regression crippled the built-in Reset and cloud recovery tools on several widely deployed...
Microsoft Ships Emergency OOB Fixes to Restore Broken Windows Reset and Cloud Recovery After August Patch
Microsoft released three out-of-band cumulative updates on August 19, 2025, to fix a servicing regression in its August Patch Tuesday rollouts that broke Windows' built-in reset and recovery tools,...
India’s CERT-In Issues High-Risk Alert as Microsoft’s August Patch Fixes Zero-Day and 110+ Other Vulnerabilities
India’s Computer Emergency Response Team (CERT-In) issued a high-risk advisory on August 18, 2025, warning that millions of Windows, Office, and Azure users face looming danger unless they...
Microsoft's 111-CVE August Patch Tuesday Forces CISA Emergency Directive as Kerberos Zero-Day Looms
Microsoft released one of its heaviest Patch Tuesday updates in months this August, shipping fixes for 111 security vulnerabilities and setting off a chain reaction that includes a public zero-day...
Kerberos Bug, Graphics RCEs Top Microsoft’s 111-Fix August Patch Tuesday
Microsoft’s August 2025 Patch Tuesday landed on August 12 with a hefty 111 vulnerability fixes, marking one of the largest monthly releases in recent memory. A dozen of these are marked critical,...
CVE-2025-53722: Attackers Can Exhaust Windows RDS and Force Server Downtime, Microsoft Warns
A recently disclosed flaw in Windows Remote Desktop Services (CVE-2025-53722) allows attackers to remotely crash servers by overwhelming system resources, Microsoft’s security advisory warns. The...
CVE-2025-53152: Patch Now as Windows DWM Privilege Escalation Exploits Surface
Microsoft has issued a critical security advisory for CVE-2025-53152, a use-after-free vulnerability in the Desktop Window Manager (DWM) that allows authenticated local attackers to execute arbitrary...
Actively Exploited Windows AFD.sys Flaw Earns CISA KEV Status Amid Patching Confusion
Microsoft’s February 2025 Patch Tuesday delivered a fix for CVE-2025-21418, a heap-based buffer overflow in the Windows Ancillary Function Driver (afd.sys), but sysadmins are grappling with a...
Windows AFD.sys Hit Again: Race Condition CVE-2025-49762 Opens Door to SYSTEM Access
Microsoft has disclosed yet another high-severity vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys), this time a race condition tracked as CVE-2025-49762 that allows a...
CISA Emergency Directive Targets CVE-2025-53786: Hybrid Exchange Flaw Demands Immediate Action
The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 25-02 on August 7, 2025, compelling federal agencies to immediately patch a high-severity Microsoft Exchange...
Windows 11 24H2 Update: Performance Boosts, Gaming Stability Fixes, and User Challenges
Microsoft’s highly anticipated Windows 11 24H2 update has arrived, standing at the intersection of innovation, stability, and controversy. While lauded for delivering essential bug fixes and...