Microsoft Windows 11 Version 25H2 vulnerabilities

CVE-2026-20861 [HIGH] CWE-362 CVE-2026-20861: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20867 [HIGH] CWE-362 CVE-2026-20867: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-20866 [HIGH] CWE-362 CVE-2026-20866: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2025-59187 [HIGH] CWE-20 CVE-2025-59187: Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges loca Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-42829 [HIGH] CWE-284 CVE-2026-42829: Improper access control in Windows Administrator Protection allows an authorized attacker to bypass Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally.

CVE-2026-41092 [HIGH] CWE-284 CVE-2026-41092: Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges loca Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges locally.

CVE-2026-33828 [HIGH] CWE-501 CVE-2026-33828: Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally.

CVE-2026-45637 [HIGH] CWE-416 CVE-2026-45637: Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges local Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2026-45638 [HIGH] CWE-122 CVE-2026-45638: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-45593 [HIGH] CWE-190 CVE-2026-45593: Use after free in Windows SDK allows an authorized attacker to elevate privileges locally. Use after free in Windows SDK allows an authorized attacker to elevate privileges locally.

CVE-2026-42983 [HIGH] CWE-416 CVE-2026-42983: Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges local Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2026-26181 [HIGH] CWE-362 CVE-2026-26181: Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privilege Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

CVE-2026-44802 [HIGH] CWE-416 CVE-2026-44802: Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges local Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2026-42978 [HIGH] CWE-362 CVE-2026-42978: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

CVE-2026-42979 [HIGH] CWE-362 CVE-2026-42979: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

CVE-2026-42977 [HIGH] CWE-362 CVE-2026-42977: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

CVE-2026-42991 [HIGH] CWE-362 CVE-2026-42991: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

CVE-2026-45639 [HIGH] CWE-125 CVE-2026-45639: Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a net Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2026-42908 [HIGH] CWE-125 CVE-2026-42908: Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a net Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2025-24052 [HIGH] CWE-121 CVE-2025-24052: Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Window