CVE-2025-4609: Chromium: CVE-2025-4609 Incorrect handle provided in unspecified circumstances in Mojo

CVE-2025-4664: Chromium: CVE-2025-4664 Insufficient policy enforcement in Loader

CVE-2025-47161: Microsoft Defender for Endpoint Elevation of Privilege Vulnerability

CVE-2025-29842: UrlMon Security Feature Bypass Vulnerability

CVE-2025-29841: Universal Print Management Service Elevation of Privilege Vulnerability

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?**

A user could be tricked into entering credentials or responding to a pop up after opening a specially crafted file or clicking on a link, typically by way of an enticement in an email or URL.

Headline

CVE-2025-29796: Microsoft Edge for iOS Spoofing Vulnerability

Microsoft Security Response Center: Latest News