Msrc Windows 11 Version 23H2 vulnerabilities

CVE-2026-25188 [HIGH] CWE-122 Windows Telephony Service Elevation of Privilege Vulnerability Windows Telephony Service Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ:

CVE-2026-25173 [HIGH] CWE-190 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. FAQ: How could an attacker exploit this vulnerability? An attacker authenticated on the domain could exploit this vulnerability by tricking

CVE-2026-24292 [HIGH] CWE-416 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability Windows Connected Devices Platform Service Elevation of Privilege Vulnerability Description: Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYST

CVE-2026-25187 [HIGH] CWE-59 Winlogon Elevation of Privilege Vulnerability Winlogon Elevation of Privilege Vulnerability Description: Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Winlogon: Winlogon Microsoft: Microsoft

CVE-2026-25190 [HIGH] CWE-426 GDI Remote Code Execution Vulnerability GDI Remote Code Execution Vulnerability Description: Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Executio

CVE-2026-23674 [HIGH] CWE-41 MapUrlToZone Security Feature Bypass Vulnerability MapUrlToZone Security Feature Bypass Vulnerability Description: Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited the vulnerability could bypass the MapURLToZone method. FAQ: The Security

CVE-2026-25178 [HIGH] CWE-416 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could g

CVE-2026-25165 [HIGH] CWE-476 Performance Counters for Windows Elevation of Privilege Vulnerability Performance Counters for Windows Elevation of Privilege Vulnerability Description: Null pointer dereference in Windows Performance Counters allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows P

CVE-2026-25172 [HIGH] CWE-190 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. FAQ: How could an attacker exploit this vulnerability? An attacker authenticated on the domain could exploit this vulnerability by tricking

CVE-2026-25177 [HIGH] CWE-641 Active Directory Domain Services Elevation of Privilege Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability Description: Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerab

CVE-2026-23669 [HIGH] CWE-416 RPC Runtime Library Remote Code Execution Vulnerability RPC Runtime Library Remote Code Execution Vulnerability Description: Use after free in RPC Runtime allows an authorized attacker to execute code over a network. FAQ: How could an attacker exploit this vulnerability? An attacker could exploit this vulnerability by sending specially crafted network responses to a system running the Windows Print Spooler service. These malformed responses may cause the service t

CVE-2026-25185 [MEDIUM] CWE-200 Windows Shell Link Processing Spoofing Vulnerability Windows Shell Link Processing Spoofing Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network. FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity

CVE-2026-25169 [MEDIUM] CWE-369 Windows Graphics Component Denial of Service Vulnerability Windows Graphics Component Denial of Service Vulnerability Description: Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service locally. Microsoft Graphics Component: Microsoft Graphics Component Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Les

CVE-2026-25180 [MEDIUM] CWE-125 Windows Graphics Component Information Disclosure Vulnerability Windows Graphics Component Information Disclosure Vulnerability Description: Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally. FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? A user would need to be tricked into opening a folder that contains a specially crafted file.

CVE-2026-25168 [MEDIUM] CWE-476 Windows Graphics Component Denial of Service Vulnerability Windows Graphics Component Denial of Service Vulnerability Description: Null pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to deny service locally. Microsoft Graphics Component: Microsoft Graphics Component Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploi

CVE-2026-25186 [MEDIUM] CWE-200 Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information th

CVE-2026-21248 [HIGH] CWE-122 Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability? The file must be stored in a location that allows an attacker write access, enabling the file to

CVE-2026-21255 [HIGH] CWE-284 Windows Hyper-V Security Feature Bypass Vulnerability Windows Hyper-V Security Feature Bypass Vulnerability Description: Improper access control in Windows Hyper-V allows an authorized attacker to bypass a security feature locally. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerability could bypass the Virtualization-based Security feature. FAQ: How could an att

CVE-2026-21508 [HIGH] CWE-287 Windows Storage Elevation of Privilege Vulnerability Windows Storage Elevation of Privilege Vulnerability Description: Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliabil

CVE-2026-20846 [HIGH] CWE-126 GDI+ Denial of Service Vulnerability GDI+ Denial of Service Vulnerability Description: Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network. Windows GDI+: Windows GDI+ Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB507