SB20260414163 - Multiple vulnerabilities in Microsoft Windows Ancillary Function Driver for WinSock

Description

This security bulletin contains information about 8 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2026-32073)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in Windows Ancillary Function Driver for WinSock. A local user can win a race condition and gain elevated privileges on the target system.

2) Use-after-free (CVE-ID: CVE-2026-33100)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in Windows Ancillary Function Driver for WinSock. A local user can win a race condition and gain elevated privileges on the target system.

3) Use-after-free (CVE-ID: CVE-2026-33099)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in Windows Ancillary Function Driver for WinSock. A local user can win a race condition and gain elevated privileges on the target system.

4) Use-after-free (CVE-ID: CVE-2026-27922)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in Windows Ancillary Function Driver for WinSock. A local user can win a race condition and gain elevated privileges on the target system.

5) Use-after-free (CVE-ID: CVE-2026-26182)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in Windows Ancillary Function Driver for WinSock. A local user can win a race condition and gain elevated privileges on the target system.

6) Use-after-free (CVE-ID: CVE-2026-26177)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in Windows Ancillary Function Driver for WinSock. A local user can win a race condition and gain elevated privileges on the target system.

7) Race condition (CVE-ID: CVE-2026-26173)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in Windows Ancillary Function Driver for WinSock. A local user can exploit the race and escalate privileges on the system.

8) Race condition (CVE-ID: CVE-2026-26168)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition in Windows Ancillary Function Driver for WinSock. A local user can exploit the race and escalate privileges on the system.

Remediation

Install update from vendor's website.

References

• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32073
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33100
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33099
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27922
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26182
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26177
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26173
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26168