Opinions, tips, and news orbiting Microsoft
Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. Continue reading CVE-2025-49689 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windo… Continue reading CVE-2025-36350 AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue
[CVE-2025-46835](https://www.cve.org/CVERecord?id=CVE-2025-46835) is regarding a vulnerability in Git GUI where when a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, th… Continue reading CVE-2025-46835 MITRE: CVE-2025-46835 Git File Overwrite Vulnerability
Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network. Continue reading CVE-2025-49731 Microsoft Teams Elevation of Privilege Vulnerability
Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network. Continue reading CVE-2025-47978 Windows Kerberos Denial of Service Vulnerability
Updated links to security updates. This is an informational change only. Continue reading CVE-2022-23278 Microsoft Defender for Endpoint Spoofing Vulnerability
Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to disclose information over an adjacent network. Continue reading CVE-2025-48002 Windows Hyper-V Information Disclosure Vulnerability
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-48000 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability