Msrc Windows 10 Version 1809 For 32-Bit Systems vulnerabilities

CVE-2026-23667 [HIGH] CWE-416 Broadcast DVR Elevation of Privilege Vulnerability Broadcast DVR Elevation of Privilege Vulnerability Description: Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could elevate from a low integrity level up to a medium integrity level. FAQ: According to the CVSS me

CVE-2026-25189 [HIGH] CWE-416 Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Elevation of Privilege Vulnerability Description: Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows DWM Core Library: Windows DWM C

CVE-2026-24282 [MEDIUM] CWE-125 Push message Routing Service Elevation of Privilege Vulnerability Push message Routing Service Elevation of Privilege Vulnerability Description: Out-of-bounds read in Push Message Routing Service allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read portions of heap memory. Push Message Routing Service

CVE-2026-24297 [MEDIUM] CWE-362 Windows Kerberos Security Feature Bypass Vulnerability Windows Kerberos Security Feature Bypass Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kerberos allows an unauthorized attacker to bypass a security feature over a network. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? When the group policy is being reapplied, Windows Kerb

CVE-2026-20810 [HIGH] CWE-590 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Free of memory not on the heap in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulne

CVE-2026-20853 [HIGH] CWE-362 Windows WalletService Elevation of Privilege Vulnerability Windows WalletService Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerab

CVE-2025-62218 [HIGH] CWE-362 Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attack

CVE-2025-59515 [HIGH] CWE-416 Windows Broadcast DVR User Service Elevation of Privilege Vulnerability Windows Broadcast DVR User Service Elevation of Privilege Vulnerability Description: Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race

CVE-2025-60717 [HIGH] CWE-416 Windows Broadcast DVR User Service Elevation of Privilege Vulnerability Windows Broadcast DVR User Service Elevation of Privilege Vulnerability Description: Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privil

CVE-2025-62219 [HIGH] CWE-415 Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability Description: Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2025-53768 [HIGH] CWE-416 Xbox IStorageService Elevation of Privilege Vulnerability Xbox IStorageService Elevation of Privilege Vulnerability Description: Use after free in Xbox allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Xbox: Xbox Microsoft: Microsoft Customer Action Required: Yes Im

CVE-2025-48799 [HIGH] CWE-59 Windows Update Service Elevation of Privilege Vulnerability Windows Update Service Elevation of Privilege Vulnerability Description: Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could create, modify, or delet

CVE-2025-49685 [HIGH] CWE-416 Windows Search Service Elevation of Privilege Vulnerability Windows Search Service Elevation of Privilege Vulnerability Description: Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally. FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the

CVE-2024-36350 [MEDIUM] AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue Description: The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability. Please see

CVE-2024-36357 [MEDIUM] AMD: CVE-2024-36357 Transient Scheduler Attack in L1 Data Queue AMD: CVE-2024-36357 Transient Scheduler Attack in L1 Data Queue Description: The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability. Please

CVE-2025-32707 [HIGH] CWE-125 NTFS Elevation of Privilege Vulnerability NTFS Elevation of Privilege Vulnerability Description: Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L) while user interaction is required (UI:R). What does that mean for this vulnerability? An attacker can trick a local user on a vulnerable system into mounting a specially crafted VHD that would then trigg

CVE-2025-26640 [HIGH] CWE-416 Windows Digital Media Elevation of Privilege Vulnerability Windows Digital Media Elevation of Privilege Vulnerability Description: Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker with low integrity level privileges who successfully exploited this vulnerability could gain medium integrity level privilege

CVE-2025-27730 [HIGH] CWE-416 Windows Digital Media Elevation of Privilege Vulnerability Windows Digital Media Elevation of Privilege Vulnerability Description: Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could elevate from a low integrity level up to a medium integrity level. Windo

CVE-2025-27483 [HIGH] CWE-125 NTFS Elevation of Privilege Vulnerability NTFS Elevation of Privilege Vulnerability Description: Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. FAQ: Are the updates for Windows 10 for x64-based Systems and Windows 10 for 32-bit Systems currently available? Yes. As of April 9, 2025, the security update (5055547) for Windows 10 for x64-based Systems and Windows 10 for 32-bit Systems are available. Customers running

CVE-2025-27741 [HIGH] CWE-125 NTFS Elevation of Privilege Vulnerability NTFS Elevation of Privilege Vulnerability Description: Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. FAQ: Are the updates for Windows 10 for x64-based Systems and Windows 10 for 32-bit Systems currently available? Yes. As of April 9, 2025, the security update (5055547) for Windows 10 for x64-based Systems and Windows 10 for 32-bit Systems are available. Customers running