Month: June 2025

External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally. Continue reading CVE-2025-47956 Windows Security App Spoofing Vulnerability→

Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-47955 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability→

Microsoft is announcing the availability of the security updates for Microsoft Office 365. Customers running Office 365 should log in ensure you have the latest update to be protected from this vulnerability. See the [Release Notes](https://learn.micro… Continue reading CVE-2025-47953 Microsoft Office Remote Code Execution Vulnerability→

Microsoft is announcing the availability of the security updates for Microsoft Office 365. Customers running Office 365 should log in ensure you have the latest update to be protected from this vulnerability. See the [Release Notes](https://learn.micro… Continue reading CVE-2025-47165 Microsoft Excel Remote Code Execution Vulnerability→

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. Continue reading CVE-2025-47160 Windows Shortcut Files Security Feature Bypass Vulnerability→

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. Continue reading CVE-2025-47163 Microsoft SharePoint Server Remote Code Execution Vulnerability→

Improper link resolution before file access (‘link following’) in Windows Installer allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-33075 Windows Installer Elevation of Privilege Vulnerability→

Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. Continue reading CVE-2025-33070 Windows Netlogon Elevation of Privilege Vulnerability→