Opinions, tips, and news orbiting Microsoft
Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-54099 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Improper input validation in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network. Continue reading CVE-2025-53809 Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. Continue reading CVE-2025-53796 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-54116 Windows MultiPoint Services Elevation of Privilege Vulnerability
Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-54911 Windows BitLocker Elevation of Privilege Vulnerability
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. Continue reading CVE-2025-54096 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-54896 Microsoft Excel Remote Code Execution Vulnerability
Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-54906 Microsoft Office Remote Code Execution Vulnerability