CVE-2025-4609: Chromium: CVE-2025-4609 Incorrect handle provided in unspecified circumstances in Mojo

CVE-2025-4664: Chromium: CVE-2025-4664 Insufficient policy enforcement in Loader

CVE-2025-47161: Microsoft Defender for Endpoint Elevation of Privilege Vulnerability

CVE-2025-29842: UrlMon Security Feature Bypass Vulnerability

CVE-2025-29841: Universal Print Management Service Elevation of Privilege Vulnerability

Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.

Headline

CVE-2025-21191: Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability

Microsoft Security Response Center: Latest News