Opinions, tips, and news orbiting Microsoft
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2026-44820 Microsoft Excel Remote Code Execution Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally. Continue reading CVE-2026-42907 Windows Shell Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally. Continue reading CVE-2026-42972 Windows Hyper-V Information Disclosure Vulnerability
Updated an acknowledgement. This is an informational change only. Continue reading CVE-2026-42905 Windows DWM Core Library Elevation of Privilege Vulnerability
Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network. Continue reading CVE-2026-42915 Windows TCP/IP Denial of Service Vulnerability
Information published. Continue reading CVE-2026-42903 Windows Kerberos Denial of Service Vulnerability
Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Telephony Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-42912 Windows Telephony Service Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization (‘race condition’) in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-42836 Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability