Six newly discovered Windows vulnerabilities, including one rated as critical, could crash systems, allow attackers to run malicious code, or expose sensitive data. The flaws were uncovered by Check Point Research and privately reported to Microsoft under a responsible disclosure process.
One of the most notable discoveries involves what is likely the first publicly disclosed bug in a Rust-based Windows kernel component. Rust is often chosen for its ability to prevent memory errors that have historically led to security flaws
In this case, the issue did not allow code execution but instead triggered a full system crash. The crash forces a restart, potentially disrupting many users at once if exploited across an enterprise network.
Microsoft issued fixes for the vulnerability, and others, during the August Patch Tuesday rollout on August 12.
Windows memory corruption
Two other vulnerabilities, classified as memory corruption issues, can enable arbitrary code execution. One of these was given a critical severity rating. Attackers could use a specially crafted file to trigger the flaw when it is opened or processed, giving them the ability to run malicious programs on the affected system. With such access, an attacker could install remote control tools, steal data, or disrupt operations.
The remaining three vulnerabilities also involve memory corruption, but with an information disclosure impact. These flaws could expose data from the system’s memory to an attacker.
While this often requires local access, one of these, tracked as CVE-2025-47984, can leak information over a network. This raises the risk that attackers could extract sensitive details without ever touching the targeted machine directly.
SEE ALSO: Threat actors move to smaller more persistent attacks
Check Point Research reports that while some of these vulnerabilities are harder to exploit than others, all should be addressed quickly. Leaving any unpatched creates unnecessary exposure for individuals and organizations.
Microsoft users should apply the August updates immediately to protect their devices. Check Point says its customers benefit from an additional safeguard, as detection for these vulnerabilities was already in place before the public patch release.
What do you think about the latest vulnerabilities uncovered in Windows? Let us know in the comments.
Image credit: TeodorLazarev / Shutterstock
