CyberSecurity
on June 11, 2025 at 7:00 am — CVE-2025-32711 M365 Copilot Information Disclosure Vulnerability
Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
on June 10, 2025 at 7:00 am — CVE-2025-29828 Windows Schannel Remote Code Execution Vulnerability
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network.
on June 10, 2025 at 7:00 am — CVE-2025-30399 .NET and Visual Studio Remote Code Execution Vulnerability
Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network.
on June 10, 2025 at 7:00 am — CVE-2025-32710 Windows Remote Desktop Services Remote Code Execution Vulnerability
Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
on June 10, 2025 at 7:00 am — CVE-2025-32712 Win32k Elevation of Privilege Vulnerability
Use after free in Windows Win32K – GRFX allows an authorized attacker to elevate privileges locally.
on June 10, 2025 at 7:00 am — CVE-2025-32712 Win32k Elevation of Privilege Vulnerability Read More »
on June 5, 2025 at 7:00 am — CVE-2025-47966 Power Automate Elevation of Privilege Vulnerability
Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network.
on June 4, 2025 at 7:00 am — CVE-2025-21204 Windows Process Activation Elevation of Privilege Vulnerability
Added an FAQ to explain the remediation steps customers need to take to be protected from CVE-2025-21204. This includes a link to a script to aid in completing the remediation steps. This is an informational change only.