Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit

Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week. The zero-day flaw, now tracked as CVE-2026-45585 , carries a CVSS score of 6.8. It has been described as a BitLocker security feature bypass. "Microsoft is...

May 12, 2026—KB5087539(OS Build 26100.32860)

May 12, 2026—KB5087539OS Build 26100.32860 ​​​​​This cumulative update for Windows Server 2025 KB5087539, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates,...

Microsoft Windows 安全漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows. Attackers can exploit these vulnerabilities to execute code remotely. The following products and versions are affected: Windows 10 Version...

Microsoft Windows TCP/IP 安全漏洞

Microsoft Windows TCP/IP is a component provided by Microsoft Corporation that offers TCP/IP configuration functions for Windows. There are security vulnerabilities associated with Microsoft Windows TCP/IP. The following products and versions are affected: Windows 10 Version 1809 for 32-bit...

Microsoft Win32k 竞争条件问题漏洞

Microsoft Win32k is a system file used by Microsoft for multi-user management in Windows. There are competitive conditions vulnerabilities associated with Microsoft Win32k. The following products and versions are affected: Windows Server 2019 Server Core installation, Windows Server 2022, Windows...

Microsoft Windows Kernel 安全漏洞

The Microsoft Windows Kernel is the kernel of the Windows operating system developed by Microsoft Corporation. There are security vulnerabilities present in the Microsoft Windows Kernel. Attackers can exploit these vulnerabilities to gain higher privileges. The following products and versions are...

Microsoft Message Queuing 安全漏洞

Microsoft Message Queuing is a solution developed by Microsoft for implementing high-performance asynchronous and synchronous scenarios. There are security vulnerabilities associated with Microsoft Message Queuing. The following products and versions are affected: Windows 10 Version 1809 for 32-b...

Microsoft Lightweight Directory Access Protocol（LDAP） 代码问题漏洞

Microsoft Lightweight Directory Access Protocol LDAP is a directory service protocol developed by Microsoft Corporation. It operates at the layer above the TCP/IP stack. There are code-related vulnerabilities in the Microsoft Lightweight Directory Access Protocol LDAP. Attackers can exploit these...

Microsoft Windows Netlogon 安全漏洞

Microsoft Windows Netlogon is an important component of Windows from Microsoft Corporation. Its main functions include authentication between users and machines within a domain network, as well as copying databases for domain control backups. It also helps maintain relationships between domain...

Exploit for Improper Authentication in Microsoft

CVE-2026-24294 - Local NTLM Reflection LPE via SMB Arbitrary P...

April 14, 2026—KB5082063(OS Build 26100.32690)

April 14, 2026—KB5082063OS Build 26100.32690 ​​​​​This cumulative update for Windows Server 2025 KB5082063, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates,...

Microsoft Windows Cryptographic Services 安全漏洞

Microsoft Windows Cryptographic Services are encryption services provided by Microsoft Corporation. There are security vulnerabilities in Microsoft Windows Cryptographic Services. Attackers can exploit these vulnerabilities to gain higher privileges. The following products and versions are...

Microsoft Windows Push Notifications 资源管理错误漏洞

Microsoft Windows Push Notifications is a push notification service provided by the American company Microsoft. It provides a reliable way to deliver new updates. There is a resource management vulnerability in Microsoft Windows Push Notifications. Attackers can exploit this vulnerability to gain...

Microsoft Windows 资源管理错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a resource management vulnerability in Microsoft Windows. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windows 10...

Microsoft Windows Kerberos 授权问题漏洞

Microsoft Windows Kerberos is a software developed by Microsoft for authentication in network clusters. As a network authentication protocol, Kerberos aims to provide robust authentication services for client/server applications through a key system. There are authorization vulnerabilities in...

Microsoft Windows WalletService 资源管理错误漏洞

Microsoft Windows WalletService is an application developed by Microsoft Corporation. It is the object used to host wallet clients. There is a resource management vulnerability in Microsoft Windows WalletService. Attackers can exploit this vulnerability to gain elevated privileges. The following...

Microsoft Hyper-V 数字错误漏洞

Microsoft Hyper-V is an application developed by Microsoft Corporation in the United States. It is a system management program that enables desktop virtualization. Microsoft Hyper-V has a numerical error vulnerability. Attackers can exploit this vulnerability to execute code. The following produc...

Microsoft Windows UPnP 访问控制错误漏洞

Microsoft Windows UPnP is a device proxy provided by Microsoft Corporation. It serves as a proxy that allows Windows network connections to recognize the IP address of ZoneDirector. Microsoft Windows UPnP has a vulnerability related to access control. Attackers can exploit this vulnerability to...

Microsoft Windows USB Print Driver 安全漏洞

Microsoft Windows USB Print Driver is a USB printer driver developed by Microsoft Corporation. There are security vulnerabilities in Microsoft Windows USB Print Driver. Attackers can exploit these vulnerabilities to gain higher privileges. The following products and versions are affected: Windows...

📄 Microsoft Windows Server 2025 jscript.dll Use-After-Free

The exploit targets a use-After-free vulnerability in the JScript engine component jscript.dll of Internet Explorer 11 on Windows Server 2025. ============================================================================================================================================= | Title :...