Primary

Context

Microsoft Windows Information Disclosure Vulnerability in TWINUI Subsystem

Vulnerability

A vulnerability allowing sensitive information exposure has been identified in the Tablet Windows User Interface (TWINUI) Subsystem. This issue allows an authorized attacker to locally disclose information, specifically the local memory address, on affected systems.

Impact

Exploitation of this vulnerability could lead to unauthorized disclosure of sensitive information, such as local memory addresses, to an attacker.

Remediation

Users can apply the security update provided by Microsoft to address this vulnerability. Security update KB5073724 is available for various Windows 10 versions, while KB5073457 is available for Windows Server 2022. For Windows 11, security update KB5074109 can be applied. Instructions for downloading these security updates are available on the Microsoft Update Catalog.

Added: Jan 13, 2026, 8:11 PM

Updated: Jan 13, 2026, 8:11 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

2.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

2.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Windows Information Disclosure Vulnerability in TWINUI Subsystem

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating