Windows 10 Version 22H2
Monthly
Local privilege escalation in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) across Windows 10, 11, and Server 2012 R2-2025 allows authenticated attackers with low privileges to gain SYSTEM-level access via use-after-free memory corruption. Microsoft released patches addressing versions from Windows 10 1607 through Windows 11 26H1 and Server 2012 R2 through Server 2025. CVSS 7.0 rating reflects high attack complexity; no public exploit identified at time of analysis. EPSS data not prov
Local privilege escalation via use-after-free memory corruption in Windows Universal Plug and Play (UPnP) Device Host affects all supported Windows versions from Server 2012 through Windows 11 26H1. Authenticated local attackers with low privileges can exploit this CWE-416 flaw to gain SYSTEM-level access with low attack complexity (CVSS:3.1 AV:L/AC:L/PR:L). Vendor-released patches are available across all affected Windows 10, Windows 11, and Windows Server product lines. No public exploit code
Use-after-free in Windows TDI Translation Driver (tdx.sys) allows local privilege escalation to SYSTEM by authenticated low-privileged users on Windows 10/11 and Server 2012-2025. Microsoft has released security updates addressing this CWE-416 memory corruption flaw across all supported Windows versions. CVSS 7.0 reflects high attack complexity but full system compromise if successfully exploited. No public exploit identified at time of analysis, though the vulnerability's local attack vector an
Windows Hello biometric authentication can be bypassed by high-privileged local attackers through improper input validation, allowing unauthorized access to authentication mechanisms. This affects Windows 10 versions 21H2 and 22H2, and Windows 11 versions 22H3 through 26H1. The vulnerability requires administrative or SYSTEM-level privileges to exploit and does not enable remote exploitation, but represents a significant risk in multi-user or compromised-admin scenarios where biometric security is the primary defense mechanism.
Heap-based buffer overflow in the Windows Kernel enables local privilege escalation to SYSTEM on Windows 10 (versions 1607 through 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server (2012 through 2025). Authenticated local attackers with low privileges can exploit this memory corruption vulnerability to gain complete system control. Microsoft has released patches addressing 21 affected product versions. No public exploit identified at time of analysis, though the local attack vec
Windows Boot Manager contains an uninitialized resource vulnerability (CWE-908) that allows unauthorized attackers to bypass security features through physical access to affected systems. The vulnerability affects Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), and Windows Server 2016/2019/2022/2025. While the CVSS score of 4.6 reflects the physical attack vector requirement and information disclosure impact, the authentication bypass nature comb
Windows Server Update Service (WSUS) race condition enables local privilege escalation to SYSTEM on Windows 10, 11, and Server 2012-2025. Authenticated users with low-level privileges can exploit improper synchronization in concurrent execution paths to gain full system control. Attack complexity is high (AC:H), requiring precise timing to win the race window. Vendor-released patches available for all affected versions. No public exploit identified at time of analysis, though the high CVSS 7.0 s
Local privilege escalation in Windows Push Notifications across Windows 10/11 and Server 2016-2025 allows low-privileged authenticated users to gain SYSTEM-level access via race condition exploitation. The vulnerability affects all currently supported Windows versions with confirmed vendor patches available. Attack complexity is low with no user interaction required, enabling straightforward exploitation once local access is obtained. The scope change (S:C) indicates the attacker can impact reso
Type confusion in Windows OLE (Object Linking and Embedding) enables authenticated local attackers to escalate privileges across all supported Windows 10, 11, and Server versions (2012-2025). The memory corruption flaw allows low-privileged users to execute code with elevated permissions through incompatible type handling. Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and lack of user interaction (UI:N) make this accessible to attackers with basic local access.
Local privilege escalation in Windows Sensor Data Service affects all supported Windows 10, Windows 11, and Windows Server versions through untrusted pointer dereference (CWE-822). Authenticated local attackers with low-privilege accounts can exploit this vulnerability with low complexity to gain SYSTEM-level privileges, achieving full compromise of confidentiality, integrity, and availability. Vendor-released patches are available across all affected product lines. No public exploit identified
Local privilege escalation in Windows Remote Desktop Licensing Service affects all supported Windows 10, Windows 11, and Windows Server versions (2012-2025) via missing authentication on a critical function. Authenticated local attackers with low privileges can exploit this CWE-306 authentication bypass to gain SYSTEM-level access with high impact to confidentiality, integrity, and availability (CVSS 7.8). Patch available per vendor; no public exploit identified at time of analysis. The wide foo
Microsoft Local Security Authority Subsystem Service (LSASS) information disclosure vulnerability allows authenticated network attackers to read sensitive memory contents via a bounds check bypass in the LSASS process. The vulnerability affects Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), Windows Server 2016, 2019, 2022, and 2025. No public exploit code or active exploitation has been reported; vendor-released patches are available across all affected versions.
Windows Remote Desktop spoofing vulnerability allows remote unauthenticated attackers to bypass security warnings and trick users into accepting malicious RDP connections, potentially exposing sensitive session data. Affects all supported Windows 10, 11, and Server versions from 2012 through 2025. Vendor-released patches are available. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and network attack vector (AV:N) indicate exploitation would be straight
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows authorized local attackers to bypass security features, affecting Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server 2016-2025. With a CVSS score of 5.7 and high privilege requirement (PR:H), the vulnerability requires administrative or high-privilege account access but presents significant confidentiality and integrity risk to isolated security domai
Privilege escalation in Windows Management Services (all supported Windows 10/11 and Server versions) allows authenticated local attackers with low privileges to gain high-level system access via race condition exploitation. Vendor-released patches are available for all affected versions. CVSS score of 7.8 reflects high complexity attack requiring precise timing but enabling full system compromise with changed scope. No public exploit identified at time of analysis, though the race condition cla
Local privilege escalation in Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) across Windows 10, 11, and Server 2012 R2-2025 allows authenticated attackers with low privileges to gain SYSTEM-level access via use-after-free memory corruption. Microsoft released patches addressing versions from Windows 10 1607 through Windows 11 26H1 and Server 2012 R2 through Server 2025. CVSS 7.0 rating reflects high attack complexity; no public exploit identified at time of analysis. EPSS data not prov
Local privilege escalation via use-after-free memory corruption in Windows Universal Plug and Play (UPnP) Device Host affects all supported Windows versions from Server 2012 through Windows 11 26H1. Authenticated local attackers with low privileges can exploit this CWE-416 flaw to gain SYSTEM-level access with low attack complexity (CVSS:3.1 AV:L/AC:L/PR:L). Vendor-released patches are available across all affected Windows 10, Windows 11, and Windows Server product lines. No public exploit code
Use-after-free in Windows TDI Translation Driver (tdx.sys) allows local privilege escalation to SYSTEM by authenticated low-privileged users on Windows 10/11 and Server 2012-2025. Microsoft has released security updates addressing this CWE-416 memory corruption flaw across all supported Windows versions. CVSS 7.0 reflects high attack complexity but full system compromise if successfully exploited. No public exploit identified at time of analysis, though the vulnerability's local attack vector an
Windows Hello biometric authentication can be bypassed by high-privileged local attackers through improper input validation, allowing unauthorized access to authentication mechanisms. This affects Windows 10 versions 21H2 and 22H2, and Windows 11 versions 22H3 through 26H1. The vulnerability requires administrative or SYSTEM-level privileges to exploit and does not enable remote exploitation, but represents a significant risk in multi-user or compromised-admin scenarios where biometric security is the primary defense mechanism.
Heap-based buffer overflow in the Windows Kernel enables local privilege escalation to SYSTEM on Windows 10 (versions 1607 through 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server (2012 through 2025). Authenticated local attackers with low privileges can exploit this memory corruption vulnerability to gain complete system control. Microsoft has released patches addressing 21 affected product versions. No public exploit identified at time of analysis, though the local attack vec
Windows Boot Manager contains an uninitialized resource vulnerability (CWE-908) that allows unauthorized attackers to bypass security features through physical access to affected systems. The vulnerability affects Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), and Windows Server 2016/2019/2022/2025. While the CVSS score of 4.6 reflects the physical attack vector requirement and information disclosure impact, the authentication bypass nature comb
Windows Server Update Service (WSUS) race condition enables local privilege escalation to SYSTEM on Windows 10, 11, and Server 2012-2025. Authenticated users with low-level privileges can exploit improper synchronization in concurrent execution paths to gain full system control. Attack complexity is high (AC:H), requiring precise timing to win the race window. Vendor-released patches available for all affected versions. No public exploit identified at time of analysis, though the high CVSS 7.0 s
Local privilege escalation in Windows Push Notifications across Windows 10/11 and Server 2016-2025 allows low-privileged authenticated users to gain SYSTEM-level access via race condition exploitation. The vulnerability affects all currently supported Windows versions with confirmed vendor patches available. Attack complexity is low with no user interaction required, enabling straightforward exploitation once local access is obtained. The scope change (S:C) indicates the attacker can impact reso
Type confusion in Windows OLE (Object Linking and Embedding) enables authenticated local attackers to escalate privileges across all supported Windows 10, 11, and Server versions (2012-2025). The memory corruption flaw allows low-privileged users to execute code with elevated permissions through incompatible type handling. Vendor-released patches are available for all affected versions. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and lack of user interaction (UI:N) make this accessible to attackers with basic local access.
Local privilege escalation in Windows Sensor Data Service affects all supported Windows 10, Windows 11, and Windows Server versions through untrusted pointer dereference (CWE-822). Authenticated local attackers with low-privilege accounts can exploit this vulnerability with low complexity to gain SYSTEM-level privileges, achieving full compromise of confidentiality, integrity, and availability. Vendor-released patches are available across all affected product lines. No public exploit identified
Local privilege escalation in Windows Remote Desktop Licensing Service affects all supported Windows 10, Windows 11, and Windows Server versions (2012-2025) via missing authentication on a critical function. Authenticated local attackers with low privileges can exploit this CWE-306 authentication bypass to gain SYSTEM-level access with high impact to confidentiality, integrity, and availability (CVSS 7.8). Patch available per vendor; no public exploit identified at time of analysis. The wide foo
Microsoft Local Security Authority Subsystem Service (LSASS) information disclosure vulnerability allows authenticated network attackers to read sensitive memory contents via a bounds check bypass in the LSASS process. The vulnerability affects Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), Windows Server 2016, 2019, 2022, and 2025. No public exploit code or active exploitation has been reported; vendor-released patches are available across all affected versions.
Windows Remote Desktop spoofing vulnerability allows remote unauthenticated attackers to bypass security warnings and trick users into accepting malicious RDP connections, potentially exposing sensitive session data. Affects all supported Windows 10, 11, and Server versions from 2012 through 2025. Vendor-released patches are available. No public exploit identified at time of analysis, though the low attack complexity (AC:L) and network attack vector (AV:N) indicate exploitation would be straight
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows authorized local attackers to bypass security features, affecting Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3 through 26H1), and Windows Server 2016-2025. With a CVSS score of 5.7 and high privilege requirement (PR:H), the vulnerability requires administrative or high-privilege account access but presents significant confidentiality and integrity risk to isolated security domai
Privilege escalation in Windows Management Services (all supported Windows 10/11 and Server versions) allows authenticated local attackers with low privileges to gain high-level system access via race condition exploitation. Vendor-released patches are available for all affected versions. CVSS score of 7.8 reflects high complexity attack requiring precise timing but enabling full system compromise with changed scope. No public exploit identified at time of analysis, though the race condition cla