TheWindowsUpdate.com

Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform spoofing over a network. Continue reading CVE-2025-50171 Remote Desktop Spoofing Vulnerability→

Access of resource using incompatible type (‘type confusion’) in Windows Push Notifications allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-53725 Windows Push Notifications Apps Elevation of Privilege Vulnerability→

Improper handling of insufficient permissions or privileges in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-50170 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability→

Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-53723 Windows Hyper-V Elevation of Privilege Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows SMB allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-50169 Windows SMB Remote Code Execution Vulnerability→

Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-53721 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability→

Access of resource using incompatible type (‘type confusion’) in Windows Win32K – ICOMP allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-50168 Win32k Elevation of Privilege Vulnerability→

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network. Continue reading CVE-2025-53719 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability→