Microsoft Desktop Window Manager 0-Day Vulnerability Exploited in the wild

Microsoft patched a critical zero-day information disclosure flaw in its Desktop Window Manager (DWM) on January 13, 2026, in the Patch Tuesday update after detecting active exploitation in the wild. Tracked as CVE-2026-20805, the vulnerability allows low-privilege local attackers to expose sensitive user-mode memory, specifically section addresses, via remote ALPC ports. This could aid further […]

The post https://cybersecuritynews.com/desktop-window-manager-0-day-vulnerability/

.

https://cybersecuritynews.com/desktop-window-manager-0-day-vulnerability/