TheWindowsUpdate.com

Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally. Continue reading CVE-2025-60706 Windows Hyper-V Information Disclosure Vulnerability→

Improper neutralization of input during web page generation (‘cross-site scripting’) in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. Continue reading CVE-2025-62210 Dynamics 365 Field Service (online) Spoofing Vulnerability→

Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-60705 Windows Client-Side Caching Elevation of Privilege Vulnerability→

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-60720 Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability→

Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network. Continue reading CVE-2025-60704 Windows Kerberos Elevation of Privilege Vulnerability→

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. Continue reading CVE-2025-60715 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability→

Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-60703 Windows Remote Desktop Services Elevation of Privilege Vulnerability→

Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-59514 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability→