CyberSecurity
on February 6, 2025 at 8:00 am — CVE-2025-21177 Microsoft Dynamics 365 Sales Elevation of Privilege Vulnerability
Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker to elevate privileges over a network.
on February 6, 2025 at 8:00 am — Chromium: CVE-2025-0444 Use after free in Skia
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
on February 6, 2025 at 8:00 am — Chromium: CVE-2025-0444 Use after free in Skia Read More »
on January 29, 2025 at 8:00 am — CVE-2024-43499 .NET and Visual Studio Denial of Service Vulnerability
Revised the Security Updates table to include PowerShell 7.5 installed on Windows, PowerShell 7.5 installed on Linux, and PowerShell 7.5 installed on MacOC because these versions of PowerShell 7 are affected by this vulnerability. See [https://github.com/PowerShell/Announcements/issues/73](https://github.com/PowerShell/Announcements/issues/73) for more information.
on January 29, 2025 at 8:00 am — CVE-2024-43498 .NET and Visual Studio Remote Code Execution Vulnerability
Revised the Security Updates table to include PowerShell 7.5 installed on Windows, PowerShell 7.5 installed on Linux, and PowerShell 7.5 installed on MacOC because these versions of PowerShell 7 are affected by this vulnerability. See [https://github.com/PowerShell/Announcements/issues/74](https://github.com/PowerShell/Announcements/issues/74) for more information.
on January 29, 2025 at 8:00 am — CVE-2025-21215 Secure Boot Security Feature Bypass Vulnerability
In the Security Updates table, corrected the Impact to Security Feature Bypass. This is an informational change only.