Microsoft Discloses Multiple Windows Information Disclosure Vulnerabilities
Microsoft published security advisories for several Windows information disclosure flaws affecting core services and components, including the Windows CSC Service (CVE-2025-21374), WLAN AutoConfig Service (CVE-2025-21257), Storage Management Provider (CVE-2025-33055, CVE-2025-33062, CVE-2025-55325), and Cryptographic Services (CVE-2025-58720). The advisories indicate that sensitive information could be exposed through weaknesses in widely deployed Windows functionality spanning storage, networking, and cryptographic operations.
The disclosures also align with Microsoft's earlier reporting on a similar Windows iSCSI Target Service Information Disclosure Vulnerability tracked as CVE-2023-24945, underscoring a recurring class of exposure issues across Windows services. While the referenced entries provide limited public technical detail, the breadth of affected components suggests defenders should prioritize Microsoft security updates and review systems that rely on these services for potential exposure to unintended data leakage.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
13 events from the most recent confirmed update back to the earliest known activity.
Microsoft publishes advisory for CVE-2025-59260
Microsoft released a Security Update Guide entry for CVE-2025-59260, an information disclosure vulnerability in the Microsoft Failover Cluster Virtual Driver. The advisory was published as part of the October 2025 Patch Tuesday disclosures.
Microsoft discloses CVE-2025-55325 and CVE-2025-58720
Microsoft published Security Update Guide entries for CVE-2025-55325, affecting the Windows Storage Management Provider, and CVE-2025-58720, affecting Windows Cryptographic Services; both are information disclosure vulnerabilities.
Microsoft publishes advisory for CVE-2025-33065
Microsoft released a Security Update Guide entry for CVE-2025-33065, a Windows Storage Management Provider information disclosure vulnerability. The advisory was published as part of the June 2025 Patch Tuesday disclosures.
Microsoft publishes advisory for CVE-2025-24065
Microsoft released a Security Update Guide entry for CVE-2025-24065, a Windows Storage Management Provider information disclosure vulnerability. The advisory was published as part of the June 2025 Patch Tuesday disclosures.
Microsoft publishes advisory for CVE-2025-32719
Microsoft released a Security Update Guide entry for CVE-2025-32719, a Windows Storage Management Provider information disclosure vulnerability. The advisory was published as part of the June 2025 Patch Tuesday disclosures.
Microsoft publishes CVE-2025-33055 and CVE-2025-33062 advisories
Microsoft released Security Update Guide entries for CVE-2025-33055 and CVE-2025-33062, both described as Windows Storage Management Provider information disclosure vulnerabilities.
Microsoft publishes advisory for CVE-2025-33061
Microsoft released a Security Update Guide entry for CVE-2025-33061, a Windows Storage Management Provider information disclosure vulnerability. The advisory was published alongside other June 2025 Patch Tuesday disclosures.
Microsoft publishes advisory for CVE-2025-21288
Microsoft released a Security Update Guide entry for CVE-2025-21288, a Windows COM Server information disclosure vulnerability. The advisory was published as part of the January 2025 Patch Tuesday disclosures.
Microsoft publishes advisory for CVE-2025-21301
Microsoft released a Security Update Guide entry for CVE-2025-21301, an information disclosure vulnerability in the Windows Geolocation Service. The advisory was published as part of the January 2025 Patch Tuesday disclosures.
Microsoft publishes advisory for CVE-2025-21336
Microsoft released a Security Update Guide entry for CVE-2025-21336, a Windows Cryptographic information disclosure vulnerability. The advisory was published as part of the January 2025 Patch Tuesday disclosures.
Microsoft publishes advisory for CVE-2025-21320
Microsoft released a Security Update Guide entry for CVE-2025-21320, a Windows Kernel Memory information disclosure vulnerability. The advisory was published as part of the January 2025 Patch Tuesday disclosures.
Microsoft discloses CVE-2025-21257 and CVE-2025-21374
Microsoft published Security Update Guide entries for two Windows information disclosure vulnerabilities: CVE-2025-21257 in the WLAN AutoConfig Service and CVE-2025-21374 in the CSC Service.
Microsoft publishes advisory for CVE-2023-24945
Microsoft published a Security Update Guide entry for CVE-2023-24945, an information disclosure vulnerability in the Windows iSCSI Target Service.
Sources
16 references tracked. Mallory keeps watching after this page renders.
CVE-2025-58720 - Security Update Guide - Microsoft - Windows Cryptographic Services Information Disclosure Vulnerability
msrc.microsoft.com
Open sourceCVE-2025-59260 - Security Update Guide - Microsoft - Microsoft Failover Cluster Virtual Driver Information Disclosure Vulnerability
msrc.microsoft.com
Open sourceCVE-2025-55325 - Security Update Guide - Microsoft - Windows Storage Management Provider Information Disclosure Vulnerability
msrc.microsoft.com
Open sourceCVE-2025-33061 - Security Update Guide - Microsoft - Windows Storage Management Provider Information Disclosure Vulnerability
msrc.microsoft.com
Open sourceCVE-2025-21288 - Security Update Guide - Microsoft - Windows COM Server Information Disclosure Vulnerability
msrc.microsoft.com
Open sourceCVE-2025-21301 - Security Update Guide - Microsoft - Windows Geolocation Service Information Disclosure Vulnerability
msrc.microsoft.com
Open sourceCVE-2025-21374 - Security Update Guide - Microsoft - Windows CSC Service Information Disclosure Vulnerability
msrc.microsoft.com
Open sourceCVE-2023-24945 - Security Update Guide - Microsoft - Windows iSCSI Target Service Information Disclosure Vulnerability
portal.msrc.microsoft.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Microsoft Patched Multiple Windows Information Disclosure Flaws Across Kernel and Storage Components
Microsoft published security updates for a broad set of **information disclosure vulnerabilities** affecting Windows components including the **Windows Kernel**, **Secure Kernel Mode**, **Storage Port Driver**, **Kerberos**, **File Explorer**, **Push Notification**, and **Storage Spaces** features. The referenced advisories identify numerous CVEs, including `CVE-2025-21319`, `CVE-2025-21323`, `CVE-2025-21242`, `CVE-2025-32722`, `CVE-2025-49684`, `CVE-2025-48808`, `CVE-2025-48809`, `CVE-2025-48810`, `CVE-2025-26636`, `CVE-2025-55683`, `CVE-2025-59184`, `CVE-2025-59209`, `CVE-2026-32217`, and `CVE-2026-32218`, along with earlier related issues such as `CVE-2024-49082` and `CVE-2022-21877`. The disclosures show a recurring pattern of sensitive data exposure risks in core Windows subsystems, with repeated findings in kernel and storage-related code paths. While the individual entries provide limited public detail, the breadth of affected components indicates that enterprises should prioritize Microsoft security updates for systems running Windows workloads that rely on low-level kernel, storage, authentication, and user-interface services, as these flaws could allow attackers to obtain information that may aid further compromise.
May 25, 2026
Microsoft Patched Multiple Windows Information Disclosure Flaws Across Core Components
Microsoft published security advisories for several **Windows information disclosure vulnerabilities** affecting components including the **COM Server**, **DWM Core Library**, **Windows Management Services**, **Windows Imaging Component**, and **DHCP Server Service**. The issues were tracked as `CVE-2026-20806`, `CVE-2025-33052`, `CVE-2025-59204`, `CVE-2025-53799`, `CVE-2025-21272`, and `CVE-2023-36012`, showing a broad spread of disclosure risks across both client and server-side Windows functionality. Among the disclosed flaws, Microsoft provided the most detail for `CVE-2026-20806`, describing it as a **type confusion** bug in the Windows COM Server that could let a local attacker with **low privileges** read sensitive data, including potentially **User Mode Service Memory**, without user interaction. Microsoft rated that issue **Important** with a **CVSS 3.1 score of 5.5**, said exploitation was considered unlikely, reported no public disclosure or observed exploitation at publication, and stated that an official fix was available; the remaining advisories were listed as information disclosure vulnerabilities with limited public technical detail.
May 25, 2026
Microsoft disclosed multiple Windows vulnerabilities affecting core system components
Microsoft published security advisories for several Windows vulnerabilities spanning core components including the DirectX Graphics Kernel, Windows Themes, Windows Desired State Configuration (DSC), and the Windows Search Service. The issues include denial-of-service flaws tracked as `CVE-2022-21918`, `CVE-2024-30065`, and `CVE-2025-59190`, as well as an information disclosure vulnerability, `CVE-2022-30148`, affecting DSC. The disclosures indicate that widely used Windows subsystems remained exposed to different classes of security risk across multiple product areas, from graphics and theming to configuration management and search. Organizations relying on Windows endpoints and servers would need to review Microsoft’s Security Update Guide entries for the affected components and apply the relevant patches or mitigations to reduce the risk of service disruption or unintended data exposure.
May 25, 2026