TheWindowsUpdate.com

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-59227 Microsoft Office Remote Code Execution Vulnerability→

Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-59201 Network Connection Status Indicator (NCSI) Elevation of Privilege Vulnerability→

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. Continue reading CVE-2025-59222 Microsoft Word Remote Code Execution Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally. Continue reading CVE-2025-59200 Data Sharing Service Spoofing Vulnerability→

Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally. Continue reading CVE-2025-59209 Windows Push Notification Information Disclosure Vulnerability→

Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-59199 Software Protection Platform (SPP) Elevation of Privilege Vulnerability→

Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally. Continue reading CVE-2025-59198 Windows Search Service Denial of Service Vulnerability→

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows SSDP Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-59196 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability→