Live
Microsoft Rushes Patch for BFS Kernel Bug CVE-2025-53142 That Hands Attackers SYSTEM Access·MSFT +0.1%CVE-2025-53141: Microsoft Fixes AFD.sys Null Pointer Bug Enabling Local SYSTEM Escalation·NVDA +3.0%Patch Now: CVE-2025-53140 Kernel Transaction Manager Use-After-Free Enables Local Privilege Escalation on Windows·GOOGL +1.2%CVE-2025-53138: Windows Server RRAS Vulnerability Leaks Sensitive Memory·AMZN +2.9%CVE-2025-53137: Microsoft’s AFD.sys Patch Stops Local Attackers from Hijacking SYSTEM·MSFT +0.1%Actively Exploited Windows AFD.sys Flaw Earns CISA KEV Status Amid Patching Confusion·NVDA +3.0%Microsoft Patches Critical DirectX Kernel Race Condition Exploit (CVE-2025-53135) Threatening Windows Systems·GOOGL +1.2%CVE-2025-26636: Windows Kernel Info Leak Exploits Processor Optimizations to Steal Secrets·AMZN +2.9%Microsoft Rushes Patch for BFS Kernel Bug CVE-2025-53142 That Hands Attackers SYSTEM Access·MSFT +0.1%CVE-2025-53141: Microsoft Fixes AFD.sys Null Pointer Bug Enabling Local SYSTEM Escalation·NVDA +3.0%Patch Now: CVE-2025-53140 Kernel Transaction Manager Use-After-Free Enables Local Privilege Escalation on Windows·GOOGL +1.2%CVE-2025-53138: Windows Server RRAS Vulnerability Leaks Sensitive Memory·AMZN +2.9%CVE-2025-53137: Microsoft’s AFD.sys Patch Stops Local Attackers from Hijacking SYSTEM·MSFT +0.1%Actively Exploited Windows AFD.sys Flaw Earns CISA KEV Status Amid Patching Confusion·NVDA +3.0%Microsoft Patches Critical DirectX Kernel Race Condition Exploit (CVE-2025-53135) Threatening Windows Systems·GOOGL +1.2%CVE-2025-26636: Windows Kernel Info Leak Exploits Processor Optimizations to Steal Secrets·AMZN +2.9%

Security Alerts

The latest Security Alerts coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 10:55 AM
Latest Most Read Breaking
Sort
Bfs Vulnerability · Cve-2025-53142

Microsoft Rushes Patch for BFS Kernel Bug CVE-2025-53142 That Hands Attackers SYSTEM Access

Microsoft has issued a security advisory for CVE-2025-53142, a use-after-free vulnerability in the Windows Brokering File System (BFS) that allows an authenticated local attacker to escalate...

Advertisement
Afd.sys · Cve-2025-53137

CVE-2025-53137: Microsoft’s AFD.sys Patch Stops Local Attackers from Hijacking SYSTEM

A use-after-free vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys), tracked as CVE-2025-53137, hands any local attacker with a toehold on a machine a direct path to SYSTEM...

SE Security Desk·46w ago
Afd.sys · Cisa

Actively Exploited Windows AFD.sys Flaw Earns CISA KEV Status Amid Patching Confusion

Microsoft’s February 2025 Patch Tuesday delivered a fix for CVE-2025-21418, a heap-based buffer overflow in the Windows Ancillary Function Driver (afd.sys), but sysadmins are grappling with a...

SE Security Desk·46w ago
Cve-2025-53135 · Directx

Microsoft Patches Critical DirectX Kernel Race Condition Exploit (CVE-2025-53135) Threatening Windows Systems

Microsoft has released a security update for a local privilege escalation vulnerability in the Windows DirectX Graphics Kernel, tracked as CVE-2025-53135. The flaw, residing in the dxgkrnl driver,...

SE Security Desk·46w ago
Cve-2025-53136 · Edr

CVE-2025-26636: Windows Kernel Info Leak Exploits Processor Optimizations to Steal Secrets

Microsoft's April 2025 Patch Tuesday quietly shipped a fix for CVE-2025-26636, a Windows NT kernel information disclosure that lets local attackers extract sensitive memory simply by triggering code...

SE Security Desk·46w ago
Cve · Cve-2024-49095

Patch Now: Critical Windows PrintWorkflowUserSvc Flaws Allow Attackers to Gain SYSTEM Privileges

Microsoft's December 2024 Patch Tuesday included a fix for CVE-2024-49095, a high-severity elevation of privilege vulnerability in the Windows PrintWorkflowUserSvc service that could give attackers...

SE Security Desk·46w ago
Cve-2025-53132 · Edr Detection

New Win32k GRFX Race Condition Lets Attackers Hijack Windows Systems — Patch Now

A race-condition vulnerability in the Windows Win32k GRFX kernel component, assigned CVE-2025-53132, enables local attackers to escalate privileges to SYSTEM and take full control of an unpatched...

SE Security Desk·46w ago
Cve-2025-53131 · Edr

Urgent Microsoft Patch Closes Remote Code Execution Hole in Windows Media: CVE-2025-53131

Microsoft has shipped a critical security update to plug a heap-based buffer overflow in Windows Media components that could hand remote attackers the ability to execute arbitrary code on unpatched...

SE Security Desk·46w ago
Cve-2025-50177 · Firewall

CVE-2025-50177: Critical Use-After-Free Bug in Microsoft Message Queuing Could Allow Remote Code Execution

{ "title": "CVE-2025-50177: Critical Use-After-Free Bug in Microsoft Message Queuing Could Allow Remote Code Execution", "content": "Microsoft has dropped a bombshell on Windows administrators: a...

SE Security Desk·46w ago