Microsoft Windows Performance Monitor Integer Underflow Vulnerability Allowing Remote Code Execution

Vulnerability

A remote code execution vulnerability has been identified in Windows Performance Monitor. This issue arises from an integer underflow, or wraparound, which allows an unauthorized attacker to execute code over a network. The vulnerability affects multiple Windows 11 versions, Windows Server 2022, and Windows Server 2025.

Impact

Exploitation of this vulnerability could lead to unauthorized remote code execution on the affected system.

Remediation

Security updates for this vulnerability are available from the Microsoft Update Catalog. For Windows Server 2022, the update is KB5094128. For Windows Server 2025, the update is KB5094125. For Windows 11, the updates are KB5095051 for version 26H1, KB5094126 for versions 25H2 and 24H2, and KB5093998 for version 23H2.
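
To confirm on a host that the update listed above for its release is present, the following PowerShell check can be used. It is an added example, not Microsoft's or this page's own tooling. The KB numbers come from this section, and the way each release is identified (the OS caption and the DisplayVersion registry value) is an assumption.

```powershell
# Added example. KB numbers are copied from the Remediation section above.
# The release keys are assumptions about how each release identifies itself.
$KbByRelease = @{
    'Windows 11 26H1'     = 'KB5095051'
    'Windows 11 25H2'     = 'KB5094126'
    'Windows 11 24H2'     = 'KB5094126'
    'Windows 11 23H2'     = 'KB5093998'
    'Windows Server 2022' = 'KB5094128'
    'Windows Server 2025' = 'KB5094125'
}

function Get-ReleaseKey {
    $os = Get-CimInstance -ClassName Win32_OperatingSystem
    if ($os.ProductType -eq 1) {
        # Client SKU: DisplayVersion holds values such as 24H2
        if ($os.Caption -notmatch 'Windows 11') { return $null }
        $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
        return "Windows 11 $($cv.DisplayVersion)"
    }
    # Server SKU: take the release year from the caption
    if ($os.Caption -match 'Windows Server (2022|2025)') {
        return "Windows Server $($Matches[1])"
    }
    return $null
}

$release = Get-ReleaseKey
if (-not $release -or -not $KbByRelease.ContainsKey($release)) {
    Write-Output "Release not listed in the advisory: $release"
    return
}

$kb  = $KbByRelease[$release]
# Get-HotFix writes a non-terminating error when the ID is absent; suppress it
$hit = Get-HotFix -Id $kb -ErrorAction SilentlyContinue
if ($hit) {
    Write-Output "$release : $kb installed on $($hit.InstalledOn)"
} else {
    Write-Output "$release : $kb not found by Get-HotFix"
}
```

Get-HotFix matches only the exact KB ID, so a host that has installed a later update replacing the listed one will report "not found"; treat that result as a prompt to review the update history, not as proof the host is unpatched.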

Added: Jun 9, 2026, 7:35 PM
Updated: Jun 9, 2026, 7:35 PM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 7.5
exploitability: 5.4
remediation: 7.7
relevance: 9.6
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.