| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2025-50165 | Windows Graphics Component Remote Code Execution Vulnerability | Windows Server, Windows 11 | Critical | 01-09-2025 |
Technical Information
The attacker can exploit an untrusted pointer dereference and use of an uninitialized function pointer in the Windows Graphics Component, triggered when decoding a malicious JPEG image embedded in Office or third-party files, to achieve remote code execution without user interaction.
Patch release date: Aug 12, 2025
Further information on this vulnerability is available at : CVE-2025-50165
Affected Software
Windows Server 2025 (Server Core installation),Windows 11 Version 24H2 for ARM64-based Systems,
Windows 11 Version 24H2 for x64-based Systems,
Windows Server 2025