Tag Archives: WinKernel

February Microsoft Patch Tuesday

Leave a reply

February Microsoft Patch Tuesday

February Microsoft Patch Tuesday. A total of 55 vulnerabilities, half as many as in January. There are as many as six (❗️) vulnerabilities being exploited in the wild:

🔻 SFB – Windows Shell (CVE-2026-21510)
🔻 SFB – Microsoft Word (CVE-2026-21514)
🔻 SFB – MSHTML Framework (CVE-2026-21513)
🔻 EoP – Windows Remote Desktop Services (CVE-2026-21533)
🔻 EoP – Desktop Window Manager (CVE-2026-21519)
🔻 DoS – Windows Remote Access Connection Manager (CVE-2026-21525)

There is also one vulnerability with a public exploit:

🔸 DoS – libjpeg (CVE-2023-2804)

Among the remaining vulnerabilities, the following stand out:

🔹 RCE – Windows Notepad App (CVE-2026-20841)
🔹 Spoofing – Outlook (CVE-2026-21511)
🔹 EoP – Windows Kernel (CVE-2026-21231, CVE-2026-21239, CVE-2026-21245), Windows AFD.sys (CVE-2026-21236, CVE-2026-21238, CVE-2026-21241)

🗒 Full Vulristics report

На русском

November Microsoft Patch Tuesday

Leave a reply

November Microsoft Patch Tuesday

November Microsoft Patch Tuesday. A total of 65 vulnerabilities. I’m not comparing this with the October report because I’ve decided to cover only MSPT-day vulnerabilities. The thing is, Microsoft has started massively adding Linux-product vulnerabilities to their official website, and these clutter the “extended” MSPT reports. 🤷‍♂️

There is one vulnerability with evidence of in-the-wild exploitation:

🔻 EoP – Windows Kernel (CVE-2025-62215)

No vulnerabilities have publicly available exploits yet. Notable ones include:

🔹 RCE – GDI+ (CVE-2025-60724), Microsoft Office (CVE-2025-62199), Microsoft Office (CVE-2025-62205, CVE-2025-62216), Agentic AI and Visual Studio Code (CVE-2025-62222), Visual Studio (CVE-2025-62214)
🔹 EoP – Windows Client-Side Caching (CVE-2025-60705), Windows Ancillary Function Driver for WinSock (CVE-2025-60719, CVE-2025-62213, CVE-2025-62217), Microsoft SQL Server (CVE-2025-59499)

🗒 Full Vulristics report

На русском