Microsoft Security Response Center Blog Alerts

CVE-2025-26652 Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Posted on Tuesday April 08, 2025

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

 

CVE-2025-26651 Windows Local Session Manager (LSM) Denial of Service Vulnerability

Posted on Tuesday April 08, 2025

Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.

 

CVE-2025-26647 Windows Kerberos Elevation of Privilege Vulnerability

Posted on Tuesday April 08, 2025

Improper input validation in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.

 

CVE-2025-26649 Windows Secure Channel Elevation of Privilege Vulnerability

Posted on Tuesday April 08, 2025

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.

 

CVE-2025-26648 Windows Kernel Elevation of Privilege Vulnerability

Posted on Tuesday April 08, 2025

Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally.

 

CVE-2025-26644 Windows Hello Spoofing Vulnerability

Posted on Tuesday April 08, 2025

Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.

 

Page:   1...353637383940414243...172

Celebrating 35+ Years

Managed Computer Support Services

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016