35 matches found
PT-2026-40153
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: A use after free issue in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. Use after free is a memory corruption flaw that occurs when an application continu...
KB5087544: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (May 2026)
The remote Windows host is missing security update 5087544. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network. CVE-2026-34329 - Heap-based buffer overflow in Windo...
KB5087541: Windows Server version 23H2 Security Update (May 2026)
The remote Windows host is missing security update 5087541. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Stack-based buffer overflow in Windows Netlogon...
KB5087470: Windows Server 2012 Security Update (May 2026)
The remote Windows host is missing security update 5087470. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...
KB5089549: Windows 11 Version 24H2 / Windows 11 Version 25H2 Security Update (May 2026)
The remote Windows host is missing security update 5089549 or hotpatch 5089466. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Heap-based buffer overflow ...
Microsoft Win32k Resource Management Error Vulnerability
Microsoft Win32k is a system file used by Microsoft for multi-user management in Windows operating systems. There is a resource management vulnerability in Microsoft Win32K-GRFX. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected:...
KB5071546: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (December 2025)
The remote Windows host is missing security update 5071546. It is, therefore, affected by multiple vulnerabilities - Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. CVE-2025-62549 - Out-of-bounds read ...
KB5071544: Windows 10 version 1809 / Windows Server 2019 Security Update (December 2025)
The remote Windows host is missing security update 5071544. It is, therefore, affected by multiple vulnerabilities - Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. CVE-2025-62549 - Out-of-bounds read ...
KB5071543: Windows 10 Version 1607 / Windows Server 2016 Security Update (December 2025)
The remote Windows host is missing security update 5071543. It is, therefore, affected by multiple vulnerabilities - Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. CVE-2025-62549 - Heap-based buffer...
CVE-2025-55228
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally...
Windows Hyper-V Remote Code Execution Vulnerability
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally...
Windows Graphics Component Remote Code Execution Vulnerability
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally...
CVE-2025-53132
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges over a network...
CVE-2025-53132
Technical details for CVE-2025-53132 (Windows Win32K GRFX race condition privilege escalation) are not provided in the connected documents. Public specifics (affected versions, exploit details, or fixes) are not available here; monitor for updates from official advisories.
CVE-2025-50161
CVE-2025-50161 is a heap-based buffer overflow affecting Windows Win32K - GRFX. The vulnerability allows an authorized attacker to achieve local privilege escalation. Exploitation requires user interaction and low privileges before escalation. Microsoft has released security updates addressing vu...
PT-2025-32800
Name of the Vulnerable Software and Affected Versions: Windows versions (affected versions not specified). Description: A race condition exists due to improper synchronization when using shared resources within the Windows Win32K - GRFX component. This allows an authorized attacker to elevate...
CVE-2019-1468
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics Remote Code Execution Vulnerability'...
Latest Microsoft Update Patches New Windows 0-Day Under Active Attack
With its latest and last Patch Tuesday for 2019, Microsoft is warning billions of its users of a new Windows zero-day vulnerability that attackers are actively exploiting in the wild in combination with a Chrome exploit to take remote control over vulnerable computers. Microsoft's December securi...
CVE-2019-1468
The connected CNVD entry corroborates CVE-2019-1468 as a Win32k/Windows font library RCE: improper handling of specially crafted embedded fonts enables remote code execution. Affected: Windows clients/servers with Win32k font handling vulnerability. Root cause: inadequate validation when processi...