Microsoft Releases Critical Security Updates for CVE-2026-45932 Vulnerability

Vulnerabilities Reporter

Microsoft has addressed a critical security vulnerability (CVE-2026-45932) affecting multiple products, with patches released in the latest security update cycle.

Microsoft has released security updates to address CVE-2026-45932, a critical vulnerability affecting multiple Windows products. The vulnerability could allow an attacker to execute arbitrary code with elevated privileges on affected systems.

Vulnerability Details

CVE-2026-45932 is a critical remote code execution vulnerability in the Windows Graphics Component. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system.

The vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker could exploit this vulnerability by convincing a user to open a specially crafted image file.

Severity and CVSS Score

This vulnerability carries a CVSS base score of 8.8, classified as High severity. The vulnerability has a complexity of Low, requiring no user interaction for exploitation, and a scope of Changed, meaning exploitation could affect other components on the system.

Affected Products

The following Microsoft products are affected by this vulnerability:

  • Windows 10 Version 21H2 and later
  • Windows 11 Version 22H2 and later
  • Windows Server 2022
  • Windows Server 2019
  • Windows Server 2016
  • Microsoft Office 2021
  • Microsoft 365 Apps for Enterprise

Security Updates

Microsoft has released security updates for all affected products on June 11, 2026. The updates are available through:

  • Windows Update
  • Microsoft Update
  • Windows Server Update Services (WSUS)
  • Microsoft Endpoint Configuration Manager
  • Microsoft Update Catalog

Mitigation Steps

For systems that cannot be patched immediately, Microsoft recommends the following mitigations:

  1. Enable Enhanced Mitigations:

    • Set the "Image file execution options" registry key to block execution from untrusted locations
    • Enable Windows Defender Exploit Guard
    • Configure Attack Surface Reduction (ASR) rules

  2. File Blocking: Block the processing of image files from untrusted sources using application control solutions.

  3. Network Segmentation: Isolate critical systems from untrusted networks to limit potential attack vectors.

  4. User Account Control: Ensure User Account Control (UAC) is set to its highest level to limit privileges even if exploitation occurs.

Detection and Monitoring

Organizations should monitor for the following indicators of potential exploitation:

  • Unusual image file processing in Windows logs
  • Unexpected processes spawned from image handling applications
  • Network connections from suspicious IP addresses

Microsoft has added detection capabilities to Microsoft Defender for Endpoint to identify attempts to exploit this vulnerability.
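
The "unexpected processes spawned from image handling applications" indicator can be checked against process-creation telemetry. The sketch below is an added example, not Microsoft's detection logic or code from this article: it assumes Sysmon Event ID 1 style fields (`ParentImage`, `Image`, `CommandLine`, `UtcTime`) exported as one JSON object per line, and the handler list, the allowlist and the sample events are assumptions constructed for illustration.

```python
import json
from ntpath import basename  # parses Windows paths on any OS

# Assumptions: which binaries count as image handlers and which children are
# routine (splwow64.exe is the 32-bit print helper). Tune both per environment.
IMAGE_HANDLERS = {"mspaint.exe", "microsoft.photos.exe", "photos.exe"}
EXPECTED_CHILDREN = {"splwow64.exe"}

def find_unexpected_children(lines):
    """Return findings for processes spawned by an image-handling application."""
    findings = []
    for raw in lines:
        try:
            ev = json.loads(raw)
        except json.JSONDecodeError:
            continue  # skip truncated or malformed records
        if not isinstance(ev, dict):
            continue
        parent = basename(ev.get("ParentImage") or "").lower()
        child = basename(ev.get("Image") or "").lower()
        if parent not in IMAGE_HANDLERS or child in EXPECTED_CHILDREN:
            continue
        # WerFault.exe as a child typically means the handler crashed:
        # reported separately so it can be triaged apart from new processes.
        kind = "crash" if child == "werfault.exe" else "unexpected_child"
        findings.append({"time": ev.get("UtcTime"), "kind": kind,
                         "parent": parent, "child": child,
                         "cmdline": ev.get("CommandLine") or ""})
    return findings

# Constructed sample events (not real telemetry), one JSON object per line.
SAMPLE_EVENTS = [
    r'{"UtcTime":"2026-06-12 09:14:03","ParentImage":"C:\\Windows\\explorer.exe","Image":"C:\\Windows\\System32\\mspaint.exe","CommandLine":"mspaint.exe C:\\Users\\a\\pic.png"}',
    r'{"UtcTime":"2026-06-12 09:15:10","ParentImage":"C:\\Windows\\System32\\mspaint.exe","Image":"C:\\Windows\\splwow64.exe","CommandLine":"splwow64.exe 8192"}',
    r'{"UtcTime":"2026-06-12 09:20:41","ParentImage":"C:\\Program Files\\WindowsApps\\Photos\\Microsoft.Photos.exe","Image":"C:\\Windows\\System32\\cmd.exe","CommandLine":"cmd.exe /c whoami"}',
    r'{"UtcTime":"2026-06-12 09:31:07","ParentImage":"C:\\Windows\\System32\\mspaint.exe","Image":"C:\\Windows\\System32\\WerFault.exe","CommandLine":"WerFault.exe -u -p 4412"}',
    '{"UtcTime":"2026-06-12 09:40:00","ParentImage":',  # truncated record
]

if __name__ == "__main__":
    for finding in find_unexpected_children(SAMPLE_EVENTS):
        print(finding)
```

Findings are leads for triage rather than proof of exploitation; correlate each one with the image file the parent process had open at that time.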

Timeline

  • Discovery: January 15, 2026
  • Reported to Microsoft: January 18, 2026
  • Fix Shipped: June 11, 2026
  • Public Disclosure: June 12, 2026

Additional Resources

For more detailed information, refer to the following resources:

Organizations experiencing issues with the updates should contact Microsoft Support through the Microsoft Support Portal.
