Microsoft has identified a critical security vulnerability affecting multiple products that could allow remote code execution. The vulnerability has been assigned CVE-2026-23361 and is being actively exploited in the wild.
Microsoft has issued security guidance for CVE-2026-23361, a critical vulnerability affecting multiple products. The vulnerability could allow an attacker to execute arbitrary code with elevated privileges.
Affected Products:
- Windows 10 (version 21H2 and later)
- Windows 11 (all versions)
- Windows Server 2022
- Azure Stack HCI
- Microsoft Edge (Chromium-based)
CVSS Score: 9.8 (Critical)
The vulnerability exists in the way Microsoft Windows handles objects in memory. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of the affected system.
Microsoft has released security updates to address this vulnerability. Organizations should apply these updates immediately.
Mitigation Steps:
- Apply the latest security updates for affected products
- Enable the Windows Update for Business service for automatic deployment
- Implement the principle of least privilege for user accounts
- Deploy network-level protections using Microsoft Defender for Endpoint
Timeline:
- Vulnerability discovered: October 2025
- Exploited in the wild: December 2025
- Security updates released: January 2026
- Next scheduled security update: February 2026
Microsoft has provided detailed guidance in their Security Update Guide. Additional information is available in the Microsoft Security Response Center blog.
Organizations experiencing issues with the updates should contact Microsoft Support through the Microsoft Support portal.
This is a critical vulnerability. All organizations should prioritize applying these security updates as soon as possible.
Comments
Please log in or register to join the discussion