Latest News

CVE-2025-29837: Windows Installer Information Disclosure Vulnerability

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.

9 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Installer #Security Vulnerability

CVE-2025-29978: Microsoft PowerPoint Remote Code Execution Vulnerability

Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

9 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office PowerPoint #Security Vulnerability

CVE-2025-29977: Microsoft Excel Remote Code Execution Vulnerability

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

9 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office Excel #Security Vulnerability

CVE-2025-29976: Microsoft SharePoint Server Elevation of Privilege Vulnerability

Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.

9 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #auth #Microsoft Office SharePoint #Security Vulnerability

CVE-2025-30377: Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

9 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office #Security Vulnerability

CVE-2025-30376: Microsoft Excel Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

9 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #buffer_overflow #auth #Microsoft Office Excel #Security Vulnerability

CVE-2025-30375: Microsoft Excel Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

9 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #auth #Microsoft Office Excel #Security Vulnerability

CVE-2025-29973: Microsoft Azure File Sync Elevation of Privilege Vulnerability

Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally.

9 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #auth #Azure File Sync #Security Vulnerability

CVE-2025-29970: Microsoft Brokering File System Elevation of Privilege Vulnerability

Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

9 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #auth #Microsoft Brokering File System #Security Vulnerability

CVE-2025-29971: Web Threat Defense (WTD.sys) Denial of Service Vulnerability

Out-of-bounds read in Windows Transport Security Layer (TLS) allows an unauthorized attacker to deny service over a network.

9 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #web #windows #dos #auth #ssl #Web Threat Defense (WTD.sys)#Security Vulnerability