CVE-2025-55224
published 2025-09-09CVE-2025-55224: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute…
high7.8CVSS 3.1
AVLACHPRLUINSCCHIHAH
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1809 | < 10.0.17763.7792 | 10.0.17763.7792 |
| microsoft | windows_10_21h2 | < 10.0.19044.6332 | 10.0.19044.6332 |
| microsoft | windows_10_22h2 | < 10.0.19045.6332 | 10.0.19045.6332 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.7792 | 10.0.17763.7792 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.6332 | 10.0.19044.6332 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.6332 | 10.0.19045.6332 |
| microsoft | windows_11_22h2 | < 10.0.22621.5909 | 10.0.22621.5909 |
| microsoft | windows_11_23h2 | < 10.0.22631.5909 | 10.0.22631.5909 |
| microsoft | windows_11_24h2 | < 10.0.26100.6508 | 10.0.26100.6508 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.5909 | 10.0.22621.5909 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.5909 | 10.0.22631.5909 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.5909 | 10.0.22631.5909 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.6584 | 10.0.26100.6584 |
| microsoft | windows_server_2019 | < 10.0.17763.7792 | 10.0.17763.7792 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.7792 | 10.0.17763.7792 |
| microsoft | windows_server_2022 | < 10.0.20348.4106 | 10.0.20348.4106 |
| microsoft | windows_server_2022 | >= 10.0.20348.0 < 10.0.20348.4171 | 10.0.20348.4171 |
| microsoft | windows_server_2022_23h2 | < 10.0.25398.1849 | 10.0.25398.1849 |
| microsoft | windows_server_2025 | < 10.0.26100.6508 | 10.0.26100.6508 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.6584 | 10.0.26100.6584 |
| msrc | windows_10_version_1809_for_x64-based_systems | — | — |
| msrc | windows_10_version_21h2_for_x64-based_systems | — | — |
| msrc | windows_10_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_22h2_for_x64-based_systems | — | — |
GHSA
GHSA-w56w-pr39-4m9h: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to
ghsa_unreviewed·2025-09-09
CVE-2025-55224 [HIGH] CWE-362 GHSA-w56w-pr39-4m9h: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally.
Microsoft
Windows Hyper-V Remote Code Execution Vulnerability
vendor_msrc·2025-09-09·CVSS 7.8
CVE-2025-55224 [HIGH] CWE-362 Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally.
FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to execute code on the Hyper-V host execution environment.
FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?
The word Remote in the title refers to the location of the attacker. This
No detection rules found.
No public exploits indexed.
Bleepingcomputer
Microsoft September 2025 Patch Tuesday fixes 81 flaws, two zero-days
blogs_bleepingcomputer·2025-09-09·CVSS 8.8
[HIGH] Microsoft September 2025 Patch Tuesday fixes 81 flaws, two zero-days
## Microsoft September 2025 Patch Tuesday fixes 81 flaws, two zero-days
## Lawrence Abrams
41 Elevation of Privilege Vulnerabilities
2 Security Feature Bypass Vulnerabilities
22 Remote Code Execution Vulnerabilities
16 Information Disclosure Vulnerabilities
3 Denial of Service Vulnerabilities
1 Spoofing Vulnerabilities
When BleepingComputer reports on the Patch Tuesday security updates, we only count those released on Patch Tuesday.
Therefore, the number of flaws does not include three Azure, one Dynamics 365 FastTrack Implementation Assets, two Mariner, five Microsoft Edge, and 1 Xbox vulnerabilities fixed earlier this month.
To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5065426 & KB5065431 cumulative updat
Qualys
Microsoft and Adobe Patch Tuesday, September 2025 Security Update Review
blogs_qualys·2025-09-09
Microsoft and Adobe Patch Tuesday, September 2025 Security Update Review
## Table of Contents
Microsoft Patch Tuesday for September 2025
Adobe Patches for September 2025
Zero-day Vulnerabilities Patched in September Patch Tuesday Edition
Critical Severity Vulnerabilities Patched in September Patch Tuesday Edition
Other Microsoft Vulnerability Highlights
Microsoft Release Summary
Discover and Prioritize Vulnerabilities inVulnerability Management, Detection & Response (VMDR)
Rapid Response with TruRisk Eliminate
Automating Risk Elimination and Accelerating Response: Meet Agent Sara
EVALUATE Vendor-Suggested Mitigation withPolicy Audit
Qualys Monthly Webinar Series
It’s the second Tuesday of September, and Microsoft has rolled out its latest security updates. Microsoft’s September 2025 Patch Tuesday has arrived, bringing a fresh wave of security fixes
Qualys
Microsoft and Adobe Patch Tuesday, September 2025 Security Update Review | Qualys
blogs_qualys·2025-09-09
Microsoft and Adobe Patch Tuesday, September 2025 Security Update Review | Qualys
#### Table of Contents
- Microsoft Patch Tuesday for September 2025
- Adobe Patches for September 2025
- Zero-day Vulnerabilities Patched in September Patch Tuesday Edition
- Critical Severity Vulnerabilities Patched in September Patch Tuesday Edition
- Other Microsoft Vulnerability Highlights
- Microsoft Release Summary
- Discover and Prioritize Vulnerabilities inVulnerability Management, Detection & Response (VMDR)
- Rapid Response with TruRisk Eliminate
- Automating Risk Elimination and Accelerating Response: Meet Agent Sara
- EVALUATE Vendor-Suggested Mitigation withPolicy Audit
- Qualys Monthly Webinar Series
It’s the second Tuesday of September, and Microsoft has rolled out its latest security updates. Microsoft’s September 2025 Patch Tuesday has arrived, bringing a fresh wave of s
Tenable
September 2025 Microsoft Patch Tuesday | Tenable®
blogs_tenable·2025-09-09
September 2025 Microsoft Patch Tuesday | Tenable®
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Crowdstrike
September 2025 Patch Tuesday: Updates and Analysis
blogs_crowdstrike·CVSS 7.5
CVE-2026-20929 [HIGH] September 2025 Patch Tuesday: Updates and Analysis
STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026
Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026
Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026
How Charlotte AI AgentWorks Fuels Security's Agentic Ecosystem Mar 25, 2026
STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026
Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026
Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026
How Charlotte AI AgentWorks Fuels Security's Agentic Ecosystem Mar 25, 2026
Video Highlights the 4 Key Steps to Successful Incident Response Dec 02, 2019
Helping Non-Security Stakeholders Understand ATT&CK in 10 Minutes or Less [VI
2025-09-09
Published