[UPDATE] [high] Microsoft Windows and Windows Server: Multiple vulnerabilities
An attacker can exploit multiple vulnerabilities in Microsoft Windows and Windows Server to escalate privileges, execute arbitrary code, conduct a denial of service attack, bypass security measures, disclose information, and present false information.
CSIRTS triage
- What
- Multiple vulnerabilities in Microsoft Windows and Windows Server can be exploited for various attacks.
- Who is affected
- Users and administrators of Microsoft Windows and Windows Server.
- Urgency
- Remediation is urgent due to the high severity of the vulnerabilities.
- Action
- Users should apply the latest security updates to mitigate these vulnerabilities.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Windows and Windows Server
Get an email when a new Windows and Windows Server advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0661
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-261280.45% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 36% of all scored CVEs.
- Moderate exploitation riskCVE-2026-242913.2% 30-day exploitation probability. Patch within normal cadence, watch for KEV listing. Riskier than 87% of all scored CVEs.
- Low exploitation riskCVE-2026-236560.30% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 21% of all scored CVEs.
- Low exploitation riskCVE-2026-236670.30% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 22% of all scored CVEs.
- Moderate exploitation riskCVE-2026-236683.6% 30-day exploitation probability. Patch within normal cadence, watch for KEV listing. Riskier than 88% of all scored CVEs.
- Low exploitation riskCVE-2026-236690.91% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 56% of all scored CVEs.
- Low exploitation riskCVE-2026-236710.21% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 11% of all scored CVEs.
- Low exploitation riskCVE-2026-236720.35% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 27% of all scored CVEs.
- Low exploitation riskCVE-2026-236730.38% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 30% of all scored CVEs.
- Moderate exploitation riskCVE-2026-236741.2% 30-day exploitation probability. Patch within normal cadence, watch for KEV listing. Riskier than 64% of all scored CVEs.
Referenced CVEs
Recent advisories for Microsoft Windows and
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- critical[UPDATE] [critical] Microsoft Windows products: Multiple vulnerabilitiescert-bund · 2026-07-09
- mediumCVE-2026-42915: Microsoft Windows VMSwitch Denial of Service Vulnerabilitymsrc · 2026-06-09
- criticalexploitedCVE-2008-4250: Microsoft Windows Buffer Overflow Vulnerabilitycisa-kev · 2026-05-20
- criticalexploitedCVE-2026-32202: Microsoft Windows Protection Mechanism Failure Vulnerabilitycisa-kev · 2026-04-28
- criticalexploitedCVE-2025-60710: Microsoft Windows Link Following Vulnerabilitycisa-kev · 2026-04-13
- criticalexploitedCVE-2023-36424: Microsoft Windows Out-of-Bounds Read Vulnerabilitycisa-kev · 2026-04-13
More from CERT-Bund (BSI) Security Advisories
- medium[NEW] [medium] DENX U-Boot: Multiple vulnerabilities allow execution of arbitrary code and DoS2026-07-10
- medium[NEW] [medium] Samsung Android: Multiple vulnerabilities2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow unspecified attack2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10