Do Son 
For users of Windows 11 who have recently deployed the latest cumulative updates, a myriad of complications may have already surfaced. Among these, a relatively obscure yet critical issue has emerged: certain hardware equipped with integrated modemsβtraditionally utilized for dial-up connectivityβhas been rendered incapable of accessing the internet following the installation.
While affected users initially presumed these connectivity failures were mere unintended bugs, a meticulous examination of the release notes reveals that Microsoft has deliberately decommissioned several legacy modem drivers. This decisive action was prompted by the discovery of significant security vulnerabilities within these long-abandoned software components. The specific drivers targeted for neutralization include:
- AGRSM64.SYS and AGRSM.SYS: Developed by Agere Systems, these artifacts have lacked maintenance for over two decades.
- SMSERL64.SYS and SMSERIAL.SYS: Predominantly associated with Motorola and various third-party soft-modems, these operate as serial communication drivers.
The technical community identified severe security flaws within these drivers in 2023 and 2025, most notably CVE-2023-31096, an elevation of privilege vulnerability, and CVE-2025-24052, a perilous stack-based buffer overflow.
The latter is particularly hazardous; its mere presence within the system allows malicious actors to orchestrate an assault, irrespective of whether the physical modem hardware is actively engaged. Agere Systems, a descendant of the venerable Bell Labs, has vanished into history through a series of corporate acquisitions. While the intellectual property now resides with Broadcom, that entity has expressed no intention of sustaining such antiquated hardware or software.
Consequently, Microsoft has prioritized systemic integrity by forcibly disabling these drivers within Windows 11. This shift predominantly impacts specialized sectors and industrial control environments. At present, no official remediation exists; users are forced into the precarious position of either uninstalling the security patches or forfeiting future system updates entirely.
Related Posts:
- Cybercrime and Passport Fraud: Former Motorola Tech Faces Double Trouble
- October Patch Tuesday: Microsoft Fixes 6 Zero-Days, Including 4 Actively Exploited Flaws, as Windows 10 Reaches End-of-Life
- Researcher Demonstrates Local Privilege Escalation in Legacy Windows Modem Driver Exploited in the Wild
- MediaTek September 2025 Security Bulletin: High-Severity Modem Flaws Could Enable Remote Attacks
Support Our Threat Intelligence
If you find our CVE report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
