on June 10, 2025 at 7:00 am — CVE-2025-29828 Windows Schannel Remote Code Execution Vulnerability
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network.
on June 10, 2025 at 7:00 am — CVE-2025-30399 .NET and Visual Studio Remote Code Execution Vulnerability
Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network.
on June 10, 2025 at 7:00 am — CVE-2025-32710 Windows Remote Desktop Services Remote Code Execution Vulnerability
Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
on June 10, 2025 at 7:00 am — CVE-2025-32712 Win32k Elevation of Privilege Vulnerability
Use after free in Windows Win32K – GRFX allows an authorized attacker to elevate privileges locally.
on June 10, 2025 at 7:00 am — CVE-2025-32712 Win32k Elevation of Privilege Vulnerability Read More »
on June 5, 2025 at 7:00 am — CVE-2025-47966 Power Automate Elevation of Privilege Vulnerability
Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network.
on June 5, 2025 at 10:00 am — Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine
Cisco Talos observed a destructive attack on a critical infrastructure entity within Ukraine, using a previously unknown wiper we are calling “PathWiper”. The attack was instrumented via a legitimate endpoint administration framework, indicating that the attackers likely had access to the administrative console, that was then used to issue malicious commands and deploy PathWiper across
on June 4, 2025 at 7:00 am — CVE-2025-21204 Windows Process Activation Elevation of Privilege Vulnerability
Added an FAQ to explain the remediation steps customers need to take to be protected from CVE-2025-21204. This includes a link to a script to aid in completing the remediation steps. This is an informational change only.
on June 3, 2025 at 8:50 pm — Chromium: CVE-2025-5419 Out of bounds read and write in V8
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information. Google is aware that an exploit for CVE-2025-5419 exists in the wild.
on June 3, 2025 at 8:50 pm — Chromium: CVE-2025-5419 Out of bounds read and write in V8 Read More »