By Sergiu Gatlan
Publication Date: 2026-01-14 16:44:00
Microsoft has resolved a known issue that was causing security applications to incorrectly flag a core Windows component, the company said in a service alert posted this week.
The list of affected systems is quite extensive and includes both client (Windows 10 and Windows 11) and server (Windows Server 2012 through Windows Server 2025) platforms.
According to widespread user reports over the past several months, third-party security software flagged Windows assets, including WinSqlite3.dll, a dynamic link library (DLL) included with the Windows system libraries that implements the SQLite database engine, as vulnerable to attacks exploiting a memory corruption vulnerability (CVE-2025-6965).
Microsoft confirmed the issue on Tuesday in a service alert seen by BleepingComputer and updated the WinSqlite3.dll Windows core component to address the false positive detections.
“Security scanning applications may report the Windows components WinSqlite3.dll as…
_Dragos_Condrea_Alamy.jpg?disable=upscale&width=1200&height=630&fit=crop&ssl=1 "Microsoft to Bundle Security Copilot in M365 Enterprise License")
