Cybersecurity

Latest: Microsoft Updates Windows Dll That Triggered Security Alerts

2026-01-14 0 views admin
Latest: Microsoft Updates Windows Dll That Triggered Security Alerts

Microsoft has resolved a known issue that was causing security applications to incorrectly flag a core Windows component, the company said in a service alert posted this week.

The list of affected systems is quite extensive and includes both client (Windows 10 and Windows 11) and server (Windows Server 2012 through Windows Server 2025) platforms.

According to widespread user reports over the past several months, third-party security software flagged Windows assets, including WinSqlite3.dll, a dynamic link library (DLL) included with the Windows system libraries that implements the SQLite database engine, as vulnerable to attacks exploiting a memory corruption vulnerability (CVE-2025-6965).

Microsoft confirmed the issue on Tuesday in a service alert seen by BleepingComputer and updated the WinSqlite3.dll Windows core component to address the false positive detections.

"Security scanning applications may report the Windows components WinSqlite3.dll as vulnerable. WinSqllite3.dll is included in Windows as part of core installation components and can be found in system folders. The latest version was included in Windows updates released June 2025 and later," it said.

"This issue was resolved in updates released January 13, 2026 and later. We recommend you install the latest update for your device as it contains important improvements and issue resolution."

Microsoft also noted that WinSqlite3.dll is distinct from sqlite3.dll, which is not a Windows component, and that it can be updated for Microsoft apps by installing their latest version from the Microsoft Store.

In October, Microsoft resolved a false positive issue that caused its Defender for Endpoint enterprise security platform to incorrectly mark SQL Server as end-of-life.

The bug affected Microsoft Defender XDR customers running SQL Server 2017 and 2019, even though SQL Server 2017 will reach the end of extended support in October 2027 and SQL Server 2019 is supported until January 2030.

One week earlier, it fixed another new false positive that caused Defender for Endpoint to flag BIOS firmware on some Dell devices as outdated, prompting users to update it.

Source: BleepingComputer

🏷️ Tags

securityvulnerabilitycveattackexploit

More from Cybersecurity

Update: Critical AI Agents Are Becoming Privilege Escalation Paths

Update: Critical AI Agents Are Becoming Privilege Escalation Paths

2026-01-14 0
Complete Guide to Consentfix Debrief: Insights From The New Oauth Phishing Attack

Complete Guide to Consentfix Debrief: Insights From The New Oauth Phishing Attack

2026-01-14 0
Essential Guide: Hackers Exploit C-ares Dll Side-loading To Bypass Security And...

Essential Guide: Hackers Exploit C-ares Dll Side-loading To Bypass Security And...

2026-01-14 0
Attack Let Hackers Hijack Microsoft Copilot Sessions Reprompt

Attack Let Hackers Hijack Microsoft Copilot Sessions Reprompt

2026-01-14 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views