TheWindowsUpdate.com

External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network. Continue reading CVE-2025-59244 NTLM Hash Disclosure Spoofing Vulnerability→

Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally. Continue reading CVE-2025-48813 Virtual Secure Mode Spoofing Vulnerability→

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-59238 Microsoft PowerPoint Remote Code Execution Vulnerability→

Uncontrolled resource consumption in Windows Remote Procedure Call allows an unauthorized attacker to deny service over a network. Continue reading CVE-2025-59502 Remote Procedure Call Denial of Service Vulnerability→

Uncaught exception in Microsoft Office allows an unauthorized attacker to deny service locally. Continue reading CVE-2025-59229 Microsoft Office Denial of Service Vulnerability→

Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-59226 Microsoft Office Visio Remote Code Execution Vulnerability→

tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka “Predi… Continue reading CVE-2016-9535 MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow Vulnerability→

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-59224 Microsoft Excel Remote Code Execution Vulnerability→