Microsoft Desktop Window Manager Vulnerability Allows Privilege Escalation
Posted: Fri Dec 19, 2025 2:59 pm
Microsoft has released a security patch addressing a critical out-of-bounds vulnerability in Desktop Windows Manager (DWM) that could allow local attackers to escalate privileges on Windows systems.
The vulnerability, tracked as CVE-2025-55681, resides in the dwmcore!CBrushRenderingGraphBuilderAddEffectBrush function and affects Windows systems through a complex attack chain.
The flaw was discovered during the TyphoonPWN Windows security competition, where it placed second in the vulnerability category.
https://cyberpress.org/microsoft-deskto ... erability/
The vulnerability, tracked as CVE-2025-55681, resides in the dwmcore!CBrushRenderingGraphBuilderAddEffectBrush function and affects Windows systems through a complex attack chain.
The flaw was discovered during the TyphoonPWN Windows security competition, where it placed second in the vulnerability category.
https://cyberpress.org/microsoft-deskto ... erability/