Microsoft: >> Windows 11 24h2 Security Vulnerabilities
Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices.
We are issuing this CVE to provide mitigation guidance that can be implemented to protect against this vulnerability until the security update is made available.
Mitigation FAQs
Should I leverage the temporary mitigation?
Microsoft recommends that you consider implementing these mitigations if you are concerned your devices and data are at risk of being compromised or stolen. For example, if your organization’s employees take their work devices home or on business travel.
What impact to service availability/management could be caused by implementing the mitigations?
Implementing these mitigations will not impact service availability or management operations.
Do customers need to revert the changes made to mitigate the vulnerability once the security update to protect against this vulnerability is available?
No. The security update will maintain the mitigation's behavior once the security update is installed.
I am using TPM+PIN, am I at risk of this vulnerability being exploited
No, if you are using TPM+PIN the vulnerability is not exploitable.
CVSS Score
6.8
EPSS Score
0.001
Published
2026-05-20
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2026-05-12
Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2026-05-12
Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.
CVSS Score
9.8
EPSS Score
0.0
Published
2026-05-12
Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
CVSS Score
6.7
EPSS Score
0.003
Published
2026-05-12
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.001
Published
2026-05-12
Windows TCP/IP Denial of Service Vulnerability
CVSS Score
7.4
EPSS Score
0.001
Published
2026-05-12
Windows TCP/IP Denial of Service Vulnerability
CVSS Score
7.4
EPSS Score
0.001
Published
2026-05-12
Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network.
CVSS Score
8.1
EPSS Score
0.001
Published
2026-05-12
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.
CVSS Score
8.8
EPSS Score
0.0
Published
2026-05-12
Page 1