Microsoft disclosed multiple Windows vulnerabilities affecting core system components
Microsoft published security advisories for several Windows vulnerabilities spanning core components including the DirectX Graphics Kernel, Windows Themes, Windows Desired State Configuration (DSC), and the Windows Search Service. The issues include denial-of-service flaws tracked as CVE-2022-21918, CVE-2024-30065, and CVE-2025-59190, as well as an information disclosure vulnerability, CVE-2022-30148, affecting DSC.
The disclosures indicate that widely used Windows subsystems remained exposed to different classes of security risk across multiple product areas, from graphics and theming to configuration management and search. Organizations relying on Windows endpoints and servers would need to review Microsoft’s Security Update Guide entries for the affected components and apply the relevant patches or mitigations to reduce the risk of service disruption or unintended data exposure.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
5 events from the most recent confirmed update back to the earliest known activity.
Microsoft publishes advisory for CVE-2025-59190
Microsoft published a Security Update Guide advisory for CVE-2025-59190, a Windows Search Service denial-of-service vulnerability.
Microsoft publishes advisory for CVE-2024-30065
Microsoft published a Security Update Guide advisory for CVE-2024-30065, a Windows Themes denial-of-service vulnerability.
Microsoft publishes advisory for CVE-2022-30155
Microsoft published a Security Update Guide advisory for CVE-2022-30155, a Windows Kernel denial-of-service vulnerability.
Microsoft publishes advisory for CVE-2022-30148
Microsoft published a Security Update Guide advisory for CVE-2022-30148, a Windows Desired State Configuration (DSC) information disclosure vulnerability.
Microsoft publishes advisory for CVE-2022-21918
Microsoft published a Security Update Guide advisory for CVE-2022-21918, a DirectX Graphics Kernel File denial-of-service vulnerability.
Sources
5 references tracked. Mallory keeps watching after this page renders.
CVE-2025-59190 - Security Update Guide - Microsoft - Windows Search Service Denial of Service Vulnerability
msrc.microsoft.com
Open sourceCVE-2024-30065 - Security Update Guide - Microsoft - Windows Themes Denial of Service Vulnerability
msrc.microsoft.com
Open sourceCVE-2022-30148 - Security Update Guide - Microsoft - Windows Desired State Configuration (DSC) Information Disclosure Vulnerability
msrc.microsoft.com
Open sourceCVE-2022-30155 - Security Update Guide - Microsoft - Windows Kernel Denial of Service Vulnerability
msrc.microsoft.com
Open sourceCVE-2022-21918 - Security Update Guide - Microsoft - DirectX Graphics Kernel File Denial of Service Vulnerability
portal.msrc.microsoft.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Microsoft Patched Multiple Windows Information Disclosure Flaws Across Kernel and Storage Components
Microsoft published security updates for a broad set of **information disclosure vulnerabilities** affecting Windows components including the **Windows Kernel**, **Secure Kernel Mode**, **Storage Port Driver**, **Kerberos**, **File Explorer**, **Push Notification**, and **Storage Spaces** features. The referenced advisories identify numerous CVEs, including `CVE-2025-21319`, `CVE-2025-21323`, `CVE-2025-21242`, `CVE-2025-32722`, `CVE-2025-49684`, `CVE-2025-48808`, `CVE-2025-48809`, `CVE-2025-48810`, `CVE-2025-26636`, `CVE-2025-55683`, `CVE-2025-59184`, `CVE-2025-59209`, `CVE-2026-32217`, and `CVE-2026-32218`, along with earlier related issues such as `CVE-2024-49082` and `CVE-2022-21877`. The disclosures show a recurring pattern of sensitive data exposure risks in core Windows subsystems, with repeated findings in kernel and storage-related code paths. While the individual entries provide limited public detail, the breadth of affected components indicates that enterprises should prioritize Microsoft security updates for systems running Windows workloads that rely on low-level kernel, storage, authentication, and user-interface services, as these flaws could allow attackers to obtain information that may aid further compromise.
May 25, 2026
Microsoft Discloses Multiple Windows Information Disclosure Vulnerabilities
Microsoft published security advisories for several Windows **information disclosure** flaws affecting core services and components, including the **Windows CSC Service** (`CVE-2025-21374`), **WLAN AutoConfig Service** (`CVE-2025-21257`), **Storage Management Provider** (`CVE-2025-33055`, `CVE-2025-33062`, `CVE-2025-55325`), and **Cryptographic Services** (`CVE-2025-58720`). The advisories indicate that sensitive information could be exposed through weaknesses in widely deployed Windows functionality spanning storage, networking, and cryptographic operations. The disclosures also align with Microsoft's earlier reporting on a similar **Windows iSCSI Target Service Information Disclosure Vulnerability** tracked as `CVE-2023-24945`, underscoring a recurring class of exposure issues across Windows services. While the referenced entries provide limited public technical detail, the breadth of affected components suggests defenders should prioritize Microsoft security updates and review systems that rely on these services for potential exposure to unintended data leakage.
May 25, 2026
Microsoft discloses multiple Windows elevation-of-privilege flaws across kernel and core components
Microsoft published security advisories for a series of **Windows elevation-of-privilege** vulnerabilities affecting the **Windows Kernel**, **File Explorer**, **Windows Management Service**, **Windows UI XAML Phone DatePickerFlyout**, **Windows Graphics Component**, **Windows Storage**, and the **DirectX Graphics Kernel**. The referenced flaws include `CVE-2026-26132`, `CVE-2025-62565`, `CVE-2025-54103`, `CVE-2025-54111`, `CVE-2025-55693`, `CVE-2024-38249`, `CVE-2025-62573`, `CVE-2024-38248`, and `CVE-2025-55678`. The disclosures indicate a broad patching effort spanning core operating system subsystems and user-facing Windows components, with repeated exposure in privileged areas such as the kernel and graphics stack. For defenders, the concentration of elevation-of-privilege issues across these components raises the risk that attackers could chain local access or code execution with privilege escalation to gain **SYSTEM-level** or otherwise expanded rights on affected Windows systems, making prompt validation and deployment of Microsoft updates a priority.
May 25, 2026