Microsoft published security advisories for a broad set of denial-of-service vulnerabilities affecting Windows components and related software, including IP Helper (CVE-2025-21231), Windows Virtual Trusted Platform Module (CVE-2025-21280), Windows Remote Desktop Services (CVE-2025-21330), DHCP Client Service (CVE-2025-21179), Windows Active Directory Domain Services API (CVE-2025-21351), Windows Hyper-V (CVE-2025-62567), Windows Kerberos (CVE-2022-41053), and Microsoft Defender (CVE-2023-36010). The disclosures indicate continued exposure of core enterprise infrastructure services to attacks that can disrupt availability without necessarily compromising data or system integrity.
Microsoft also issued an advisory for Prometheus remote read endpoint vulnerability CVE-2026-42154, describing a remotely exploitable flaw caused by a crafted snappy payload that can trigger uncontrolled resource consumption. Microsoft rated the issue CVSS 7.5 and said it requires no privileges and no user interaction, with impact focused on sustained or persistent service outages. Together, the advisories highlight availability risks spanning identity, networking, virtualization, endpoint protection, remote access, and monitoring systems commonly deployed in enterprise environments.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
17 events from the most recent confirmed update back to the earliest known activity.
The CVE-2026-42154 advisory was last updated after initial publication, reflecting a follow-up revision to Microsoft's Prometheus denial-of-service notice.
Microsoft disclosed CVE-2026-42154 affecting Prometheus, describing a remotely exploitable denial-of-service flaw in the remote read endpoint caused by a crafted snappy payload. The advisory rated the issue CVSS 7.5 and said no privileges or user interaction were required.
Microsoft added CVE-2025-62567 to the Security Update Guide as a Windows Hyper-V denial-of-service vulnerability.
Microsoft added CVE-2025-21350 to the Security Update Guide as a Windows Kerberos denial-of-service vulnerability. The advisory was published as part of Microsoft's February 2025 security updates.
Microsoft added CVE-2025-21254 to the Security Update Guide as an Internet Connection Sharing (ICS) denial-of-service vulnerability. The advisory was published as part of Microsoft's February 2025 security updates.
Microsoft published CVE-2025-21179 and CVE-2025-21351 in the Security Update Guide, describing denial-of-service vulnerabilities in DHCP Client Service and Windows Active Directory Domain Services API.
Microsoft added CVE-2025-21207 to the Security Update Guide as a Windows Connected Devices Platform Service (Cdpsvc) denial-of-service vulnerability. The advisory was published as part of Microsoft's January 2025 security updates.
Microsoft added CVE-2025-21313 to the Security Update Guide as a Windows Security Account Manager (SAM) denial-of-service vulnerability. The advisory was published as part of Microsoft's January 2025 security updates.
Microsoft added CVE-2025-21300 to the Security Update Guide as a Windows Universal Plug and Play (UPnP) Device Host denial-of-service vulnerability. The advisory was published as part of Microsoft's January 2025 security updates.
Microsoft added CVE-2025-21389 to the Security Update Guide as a Windows Universal Plug and Play (UPnP) Device Host denial-of-service vulnerability. The advisory was published as part of Microsoft's January 2025 security updates.
Microsoft added CVE-2025-21278 to the Security Update Guide as a Windows Remote Desktop Gateway (RD Gateway) denial-of-service vulnerability. The advisory was published as part of Microsoft's January 2025 security updates.
Microsoft added CVE-2025-21225 to the Security Update Guide as a Windows Remote Desktop Gateway (RD Gateway) denial-of-service vulnerability. The advisory was published as part of Microsoft's January 2025 security updates.
Microsoft added CVE-2025-21218 to the Security Update Guide as a Windows Kerberos denial-of-service vulnerability. The advisory was published as part of Microsoft's January 2025 security updates.
Microsoft added CVE-2025-21284 to the Security Update Guide as a Windows Virtual Trusted Platform Module denial-of-service vulnerability. The advisory was published as part of Microsoft's January 2025 security updates.
Microsoft published Security Update Guide entries for CVE-2025-21231, CVE-2025-21280, and CVE-2025-21330, covering denial-of-service vulnerabilities in IP Helper, Windows Virtual Trusted Platform Module, and Windows Remote Desktop Services.
Microsoft published security guidance for CVE-2023-36010, a Microsoft Defender denial-of-service vulnerability.
Microsoft added CVE-2022-41053 to its Security Update Guide as a Windows Kerberos denial-of-service vulnerability.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
23 references tracked. Mallory keeps watching after this page renders.
msrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourceportal.msrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.