Use After Free Vulnerability in Windows LDAP by Microsoft
CVE-2025-26663
Key Information:
- Vendor
- Microsoft
- Status
- Vendor
- CVE Published:
- 8 April 2025
Badges
Summary
A use after free vulnerability exists in the Windows Lightweight Directory Access Protocol (LDAP) component that could allow an unauthorized attacker to execute arbitrary code remotely. This flaw stems from improper handling of memory, which can be exploited by an attacker sending specially crafted requests to the affected system. This vulnerability poses a significant risk, potentially allowing attackers to gain control over the affected system and execute malicious commands.
Affected Version(s)
Windows 10 Version 1507 32-bit Systems 10.0.10240.0 < 10.0.10240.20978
Windows 10 Version 1607 32-bit Systems 10.0.14393.0 < 10.0.14393.7970
Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.7137
Get notified when SecurityVulnerability.io launches alerting 🔔
Well keep you posted 📧
News Articles
Microsoft’s April 2025 bumper Patch Tuesday corrects 124 bugs | Com...
Microsoft is correcting 124 vulnerabilities in its March Patch Tuesday, one of which is being actively exploited in the wild, and 11 of which are ‘critical’.
1 week ago
Patch Tuesday, April 2025 Edition
Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft's most-dire "critical" rating, meaning malware…
1 week ago
References
CVSS V3.1
Timeline
- 👾
Exploit known to exist
- 📰
First article discovered by Krebs on Security
Vulnerability published
Vulnerability Reserved