Security Patch
The latest Security Patch coverage — news, analysis, and updates from the WindowsNews.AI desk.
Silent CAN Transmission Halt in Linux USB Driver Gets a Patch
Linux systems that use USB-connected CAN bus adapters face a newly patched vulnerability that can quietly choke off all data transmission, potentially disabling industrial machinery, automotive...
Linux Kernel MOST USB Vulnerability CVE-2025-68290: Double-Free Bug Patched
The Linux kernel development community has addressed a significant security vulnerability in the MOST USB subsystem, tracked as CVE-2025-68290, which involved a double-free memory corruption bug that...
CVE-2025-2912: Critical HDF5 Heap Overflow Vulnerability Patched in Version 1.14.6
A critical heap-based buffer overflow vulnerability in the widely-used HDF5 scientific data format library has been patched in version 1.14.6, addressing a flaw that could allow attackers to execute...
CVE-2025-68114: Critical Memory Safety Vulnerability in Capstone Disassembly Framework
The cybersecurity community is currently addressing a significant memory safety vulnerability in the Capstone disassembly framework, designated as CVE-2025-68114. This security flaw, discovered in...
CVE-2025-68161: Log4j Core TLS Hostname Verification Flaw Explained
A newly disclosed vulnerability in Apache Log4j Core has security teams revisiting the logging framework that previously caused global disruption with the Log4Shell vulnerability. Designated...
MSMQ Breaks After December 2025 Patch: OOB Fix, Root Cause & Enterprise Impact
Microsoft's December 2025 security updates triggered a critical compatibility regression that left enterprise Message Queuing (MSMQ) systems inoperable, forcing the company to release an emergency...
Linux CoreSight CVE-2025-38131: Security Patch for Configfs Race Condition
The Linux kernel development community has addressed a significant security vulnerability in the CoreSight debugging infrastructure with the release of a targeted fix for CVE-2025-38131. This...
Chrome December 2025 Security Patch Fixes Critical WebGPU & V8 Vulnerabilities
Google has released its December 2025 stable channel update for Chrome, addressing two high-severity vulnerabilities that could have allowed attackers to execute arbitrary code or cause browser...
Linux Kernel Patch Fixes AMD Display Race Condition CVE-2025-68196: Security Implications for Windows Users
A critical security patch addressing CVE-2025-68196 has been deployed in the Linux kernel, fixing a race condition vulnerability in the AMD DRM display stack that could lead to system crashes and...
Linux MTD Overflow Patch CVE-2025-68237: Security Implications & Windows Parallels
A critical vulnerability in the Linux kernel's Memory Technology Device (MTD) subsystem, designated CVE-2025-68237, has been patched, addressing an integer overflow flaw in the mtdchar read/write...
CVE-2025-68261: The Ext4 Race That Can Crash Linux Hosts—Here’s How to Fix It
A newly disclosed vulnerability in the Linux kernel’s ext4 filesystem can allow an attacker or buggy process to crash the entire host—and the fix is a simple one-line locking change. Cataloged as...
CVE-2025-68264: Linux ext4 Inline Data Race Vulnerability Explained
A critical vulnerability in the Linux kernel's ext4 filesystem has been assigned CVE-2025-68264, exposing systems to potential kernel crashes through a race condition in inline data handling. This...