Msrc Windows Server 2016 vulnerabilities

CVE-2026-20834 [MEDIUM] CWE-36 Windows Spoofing Vulnerability Windows Spoofing Vulnerability Description: Absolute path traversal in Windows Shell allows an unauthorized attacker to perform spoofing with a physical attack. Windows Shell: Windows Shell Microsoft: Microsoft Customer Action Required: Yes Impact: Spoofing Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5

CVE-2026-20818 [MEDIUM] CWE-532 Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Description: Insertion of sensitive information into log file in Windows Kernel allows an unauthorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional re

CVE-2026-20823 [MEDIUM] CWE-200 Windows File Explorer Information Disclosure Vulnerability Windows File Explorer Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L),but lead to no loss of availability (A:N) and integrity (

CVE-2026-21265 [MEDIUM] CWE-1329 Secure Boot Certificate Expiration Security Feature Bypass Vulnerability Secure Boot Certificate Expiration Security Feature Bypass Vulnerability Description: Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes related to W

CVE-2026-20833 [MEDIUM] CWE-327 Windows Kerberos Information Disclosure Vulnerability Windows Kerberos Information Disclosure Vulnerability Description: Use of a broken or risky cryptographic algorithm in Windows Kerberos allows an authorized attacker to disclose information locally. FAQ: Are there other steps that need to be done to protect from exploitation of this vulnerability? Yes, please see How to manage Kerberos protocol changes related to CVE-2026-20833 for more information about how

CVE-2026-20936 [MEDIUM] CWE-125 Windows NDIS Information Disclosure Vulnerability Windows NDIS Information Disclosure Vulnerability Description: Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack. FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain kernel memory content. Windows NDIS: Windows NDIS Microsoft: Microsoft Customer Action Required:

CVE-2026-20827 [MEDIUM] CWE-200 Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Tablet Windows User Interface (TWINUI) Subsystem allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could

CVE-2025-59517 [HIGH] CWE-284 Windows Storage VSP Driver Elevation of Privilege Vulnerability Windows Storage VSP Driver Elevation of Privilege Vulnerability Description: Improper access control in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Storage VSP Driv

CVE-2025-62571 [HIGH] CWE-20 Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability Description: Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Installer: Windows Installer Microsoft: M

CVE-2025-62455 [HIGH] CWE-20 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability Description: Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Messag

CVE-2025-62474 [HIGH] CWE-284 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Description: Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SY

CVE-2025-62466 [HIGH] CWE-476 Windows Client-Side Caching Elevation of Privilege Vulnerability Windows Client-Side Caching Elevation of Privilege Vulnerability Description: Null pointer dereference in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Window

CVE-2025-62472 [HIGH] CWE-908 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Description: Use of uninitialized resource in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could g

CVE-2025-64680 [HIGH] CWE-122 Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows DWM Core Library: W

CVE-2025-62549 [HIGH] CWE-822 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are no

CVE-2025-62573 [HIGH] CWE-416 DirectX Graphics Kernel Elevation of Privilege Vulnerability DirectX Graphics Kernel Elevation of Privilege Vulnerability Description: Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: What privileges could b

CVE-2025-62565 [HIGH] CWE-416 Windows File Explorer Elevation of Privilege Vulnerability Windows File Explorer Elevation of Privilege Vulnerability Description: Use after free in Windows Shell allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: According to the CVSS metric, user interaction is r

CVE-2025-62470 [HIGH] CWE-122 Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM p

CVE-2025-64679 [HIGH] CWE-122 Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows DWM Core Library: W

CVE-2025-64661 [HIGH] CWE-362 Windows Shell Elevation of Privilege Vulnerability Windows Shell Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker