TheWindowsUpdate.com

Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network. Continue reading CVE-2025-49740 Windows SmartScreen Security Feature Bypass Vulnerability→

Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-49730 Microsoft Windows QoS Scheduler Driver Elevation of Privilege Vulnerability→

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-49732 Windows Graphics Component Elevation of Privilege Vulnerability→

Use after free in Windows Win32K – ICOMP allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-49733 Win32k Elevation of Privilege Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Microsoft Teams allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-49737 Microsoft Teams Elevation of Privilege Vulnerability→

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network. Continue reading CVE-2025-47999 Windows Hyper-V Denial of Service Vulnerability→

Improper link resolution before file access (‘link following’) in Visual Studio allows an unauthorized attacker to elevate privileges over a network. Continue reading CVE-2025-49739 Visual Studio Elevation of Privilege Vulnerability→

Improper link resolution before file access (‘link following’) in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-49738 Microsoft PC Manager Elevation of Privilege Vulnerability→