CVE-2025-50168
published 2025-08-12CVE-2025-50168: Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
PriorityP347high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.79%
51.4th percentile
Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_11_22h2 | < 10.0.22621.5768 | 10.0.22621.5768 |
| microsoft | windows_11_23h2 | < 10.0.22631.5768 | 10.0.22631.5768 |
| microsoft | windows_11_24h2 | < 10.0.26100.4851 | 10.0.26100.4851 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.5768 | 10.0.22621.5768 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.5768 | 10.0.22631.5768 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.5768 | 10.0.22631.5768 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.4946 | 10.0.26100.4946 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.1791 | 10.0.25398.1791 |
| microsoft | windows_server_2025 | < 10.0.26100.4851 | 10.0.26100.4851 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.4946 | 10.0.26100.4946 |
| msrc | azl3_kernel_6.6.57.1-7_on_azure_linux_3.0 | — | — |
| msrc | azl3_kernel_6.6.64.2-1_on_azure_linux_3.0 | — | — |
| msrc | cbl2_kernel_5.15.167.1-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kernel_5.15.173.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | windows_11_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_23h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_x64-based_systems | — | — |
| msrc | windows_server_2022_23h2_edition | — | — |
| msrc | windows_server_2025 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Win32k Elevation of Privilege Vulnerability
vendor_msrc·2025-08-12·CVSS 7.8
CVE-2025-50168 [HIGH] CWE-843 Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Description: Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Windows Win32K - ICOMP: Windows Win32K - ICOMP
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5063875
Reference: https://support.microsoft.com/help/5063875
Reference: https://catalog.update.
Microsoft
net/sun3_82586: fix potential memory leak in sun3_82586_send_packet()
vendor_msrc·2024-11-12·CVSS 5.5
CVE-2024-50168 [MEDIUM] net/sun3_82586: fix potential memory leak in sun3_82586_send_packet()
net/sun3_82586: fix potential memory leak in sun3_82586_send_packet()
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
Linux: Linux
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference:
GHSA
GHSA-xfmm-x85m-hhmr: Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally
ghsa_unreviewed·2025-08-12
CVE-2025-50168 [HIGH] CWE-122 GHSA-xfmm-x85m-hhmr: Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally
Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
No detection rules found.
No public exploits indexed.
Bleepingcomputer
Microsoft August 2025 Patch Tuesday fixes one zero-day, 107 flaws
blogs_bleepingcomputer·2025-08-12·CVSS 7.2
[HIGH] Microsoft August 2025 Patch Tuesday fixes one zero-day, 107 flaws
## Microsoft August 2025 Patch Tuesday fixes one zero-day, 107 flaws
## Lawrence Abrams
44 Elevation of Privilege Vulnerabilities
35 Remote Code Execution Vulnerabilities
18 Information Disclosure Vulnerabilities
4 Denial of Service Vulnerabilities
9 Spoofing Vulnerabilities
When BleepingComputer reports on the Patch Tuesday security updates, we only count those released on Patch Tuesday. Therefore, the number of flaws does not include Mariner, Azure, and Microsoft Edge bugs fixed earlier this month.
To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5063878 & KB5063875 cumulative updates and the Windows 10 KB5063709 cumulative update .
## One publicly disclosed zero-day fixed
This month's Patch Tuesday fixes one
Qualys
Microsoft and Adobe Patch Tuesday, August 2025 Security Update Review | Qualys
blogs_qualys·2025-08-12
Microsoft and Adobe Patch Tuesday, August 2025 Security Update Review | Qualys
#### Table of Contents
- Microsoft Patch Tuesday for August 2025
- Adobe Patches for August 2025
- Zero-day Vulnerability Patched in August Patch Tuesday Edition
- Critical Severity Vulnerabilities Patched in August Patch Tuesday Edition
- Other Microsoft Vulnerability Highlights
- Microsoft Release Summary
- Discover and Prioritize Vulnerabilities inVulnerability Management, Detection & Response (VMDR)
- Rapid Response withPatch Management (PM)
- Microsoft July 2025 Patch Tuesday Mitigations
- Qualys Monthly Webinar Series
It’s the second Tuesday of August, and Microsoft has rolled out its latest security updates. Microsoft’s August 2025 Patch Tuesday has arrived, bringing a fresh wave of security fixes to help organizations stay ahead of evolving threats. Here’s a quick breakdown of wh
Talos
Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities
blogs_talos·2025-08-12·CVSS 7.8
[HIGH] Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities
## Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for August 2025, which includes 111 vulnerabilities affecting a range of products, including 13 that Microsoft marked as “critical”.
In this month's release, Microsoft observed none of the included vulnerabilities being actively exploited in the wild. Out of 13 "critical" entries, 9 are remote code execution (RCE) vulnerabilities in Microsoft Windows services and applications including the Windows kernel, Microsoft Message Queuing (MSMQ), Windows Hyper-V, Microsoft Office and GDI+.
CVE-2025-50176 is an RCE vulnerability in DirectX Graphics Kernel given a CVSS 3.1 score of 7.8, where access of resource using incompatible type ('type confusion') in Grap
Talos
Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities
blogs_talos·2025-08-12·CVSS 7.8
[HIGH] Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for August 2025, which includes 111 vulnerabilities affecting a range of products, including 13 that Microsoft marked as “critical”.
In this month's release, Microsoft observed none of the included vulnerabilities being actively exploited in the wild. Out of 13 "critical" entries, 9 are remote code execution (RCE) vulnerabilities in Microsoft Windows services and applications including the Windows kernel, Microsoft Message Queuing (MSMQ), Windows Hyper-V, Microsoft Office and GDI+.
CVE-2025-50176 is an RCE vulnerability in DirectX Graphics Kernel given a CVSS 3.1 score of 7.8, where access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code locally. Microsoft has noted t
Qualys
Microsoft and Adobe Patch Tuesday, August 2025 Security Update Review
blogs_qualys·2025-08-12
Microsoft and Adobe Patch Tuesday, August 2025 Security Update Review
## Table of Contents
Microsoft Patch Tuesday for August 2025
Adobe Patches for August 2025
Zero-day Vulnerability Patched in August Patch Tuesday Edition
Critical Severity Vulnerabilities Patched in August Patch Tuesday Edition
Other Microsoft Vulnerability Highlights
Microsoft Release Summary
Discover and Prioritize Vulnerabilities inVulnerability Management, Detection & Response (VMDR)
Rapid Response withPatch Management (PM)
Microsoft July 2025 Patch Tuesday Mitigations
Qualys Monthly Webinar Series
It’s the second Tuesday of August, and Microsoft has rolled out its latest security updates. Microsoft’s August 2025 Patch Tuesday has arrived, bringing a fresh wave of security fixes to help organizations stay ahead of evolving threats. Here’s a quick breakdown of what you need t
2025-08-12
Published