Msrc Windows 10 Version 21H2 For 32-Bit Systems vulnerabilities

CVE-2026-26132 [HIGH] CWE-416 Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability Description: Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain administrator privileges. Windows Kernel: Windows Kernel Microsoft: Microsoft Customer

CVE-2026-23667 [HIGH] CWE-416 Broadcast DVR Elevation of Privilege Vulnerability Broadcast DVR Elevation of Privilege Vulnerability Description: Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could elevate from a low integrity level up to a medium integrity level. FAQ: According to the CVSS me

CVE-2026-25189 [HIGH] CWE-416 Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Elevation of Privilege Vulnerability Description: Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows DWM Core Library: Windows DWM C

CVE-2026-24293 [HIGH] CWE-476 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerabili

CVE-2026-24282 [MEDIUM] CWE-125 Push message Routing Service Elevation of Privilege Vulnerability Push message Routing Service Elevation of Privilege Vulnerability Description: Out-of-bounds read in Push Message Routing Service allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read portions of heap memory. Push Message Routing Service

CVE-2026-24288 [MEDIUM] CWE-122 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Driver Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack. FAQ: According to the CVSS metric, the attack vector is physical (AV:P). What does that mean for this vulnerability? A physical attack vector means the attacker must have direct physical acc

CVE-2026-24297 [MEDIUM] CWE-362 Windows Kerberos Security Feature Bypass Vulnerability Windows Kerberos Security Feature Bypass Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kerberos allows an unauthorized attacker to bypass a security feature over a network. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? When the group policy is being reapplied, Windows Kerb

CVE-2026-21237 [HIGH] CWE-362 Windows Subsystem for Linux Elevation of Privilege Vulnerability Windows Subsystem for Linux Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? For an attacker to explo

CVE-2026-20810 [HIGH] CWE-590 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Free of memory not on the heap in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulne

CVE-2026-20842 [HIGH] CWE-416 Microsoft DWM Core Library Elevation of Privilege Vulnerability Microsoft DWM Core Library Elevation of Privilege Vulnerability Description: Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? For an attacker to exploit this vulnerability, they would need to have knowledge of a specific operation that triggers

CVE-2026-20871 [HIGH] CWE-416 Desktop Window Manager Elevation of Privilege Vulnerability Desktop Window Manager Elevation of Privilege Vulnerability Description: Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Desktop Window Manager: Desktop Window Manag

CVE-2026-20817 [HIGH] CWE-280 Windows Error Reporting Service Elevation of Privilege Vulnerability Windows Error Reporting Service Elevation of Privilege Vulnerability Description: Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain S

CVE-2026-20853 [HIGH] CWE-362 Windows WalletService Elevation of Privilege Vulnerability Windows WalletService Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerab

CVE-2025-64670 [MEDIUM] CWE-200 Windows DirectX Information Disclosure Vulnerability Windows DirectX Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows an authorized attacker to disclose information over a network. FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain memory address within kernel space. Knowing th

CVE-2025-62218 [HIGH] CWE-362 Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attack

CVE-2025-59515 [HIGH] CWE-416 Windows Broadcast DVR User Service Elevation of Privilege Vulnerability Windows Broadcast DVR User Service Elevation of Privilege Vulnerability Description: Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race

CVE-2025-60717 [HIGH] CWE-416 Windows Broadcast DVR User Service Elevation of Privilege Vulnerability Windows Broadcast DVR User Service Elevation of Privilege Vulnerability Description: Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privil

CVE-2025-62219 [HIGH] CWE-415 Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability Description: Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2025-53768 [HIGH] CWE-416 Xbox IStorageService Elevation of Privilege Vulnerability Xbox IStorageService Elevation of Privilege Vulnerability Description: Use after free in Xbox allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Xbox: Xbox Microsoft: Microsoft Customer Action Required: Yes Im

CVE-2025-55340 [HIGH] CWE-287 Windows Remote Desktop Protocol Security Feature Bypass Windows Remote Desktop Protocol Security Feature Bypass Description: Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires multiple conditions to be met. The attacker