Month: June 2025

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-47957 Microsoft Word Remote Code Execution Vulnerability→

Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-47968 Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability→

Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally. Continue reading CVE-2025-47969 Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability→

Untrusted pointer dereference in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. Continue reading CVE-2025-3052 Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass→

Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-47962 Windows SDK Elevation of Privilege Vulnerability→

Microsoft is announcing the availability of the security updates for Microsoft Office 365. Customers running Office 365 should log in ensure you have the latest update to be protected from this vulnerability. See the [Release Notes](https://learn.micro… Continue reading CVE-2025-47175 Microsoft PowerPoint Remote Code Execution Vulnerability→

Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-33071 Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability→

Microsoft is announcing the availability of the security updates for Microsoft Office 365. Customers running Office 365 should log in ensure you have the latest update to be protected from this vulnerability. See the [Release Notes](https://learn.micro… Continue reading CVE-2025-47173 Microsoft Office Remote Code Execution Vulnerability→