Microsoft published security updates for a cluster of Windows Digital Media and Windows Media elevation-of-privilege vulnerabilities, including CVE-2025-21226, CVE-2025-21228, CVE-2025-21229, CVE-2025-21255, CVE-2025-21256, CVE-2025-21260, CVE-2025-21265, CVE-2025-21324, CVE-2025-21327, and CVE-2025-32716. The issues were listed in Microsoft’s Security Update Guide as local privilege escalation bugs affecting Windows media-related components.
Most of the advisories are titled "Windows Digital Media Elevation of Privilege Vulnerability", while CVE-2025-32716 is tracked as a "Windows Media Elevation of Privilege Vulnerability", indicating that a broader set of media-handling components was affected. Microsoft provided an update-guide entry for each CVE, signaling that organizations should prioritize applying the relevant Windows security updates to reduce the risk of attackers gaining elevated privileges on vulnerable systems.

5 events from the most recent confirmed update back to the earliest known activity.
Microsoft added a Security Update Guide entry for CVE-2025-32716, described as a Windows Media Elevation of Privilege vulnerability. The advisory was published on June 10, 2025.
Microsoft published a Security Update Guide entry for CVE-2025-21310, a Windows Digital Media Elevation of Privilege vulnerability, as part of the January 14, 2025 Patch Tuesday release.
Microsoft published a Security Update Guide entry for CVE-2025-21258, a Windows Digital Media Elevation of Privilege vulnerability, as part of the January 14, 2025 Patch Tuesday release.
Microsoft published a Security Update Guide entry for CVE-2025-21232, a Windows Digital Media Elevation of Privilege vulnerability, as part of the January 14, 2025 Patch Tuesday release.
Microsoft released Security Update Guide entries for multiple Windows Digital Media Elevation of Privilege vulnerabilities, including CVE-2025-21226, CVE-2025-21228, CVE-2025-21229, CVE-2025-21255, CVE-2025-21256, CVE-2025-21260, CVE-2025-21265, CVE-2025-21324, and CVE-2025-21327. The references indicate these advisories were published as part of the January 14, 2025 update cycle.
17 references tracked.
msrc.microsoft.com