Security
Headlines
HeadlinesLatestCVEs

Latest News

CVE-2025-62455: Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally.

Microsoft Security Response Center
#vulnerability#windows#microsoft#auth#Windows Message Queuing#Security Vulnerability
CVE-2025-59516: Windows Storage VSP Driver Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2025-64670: Windows DirectX Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows an authorized attacker to disclose information over a network.

CVE-2025-64667: Microsoft Exchange Server Spoofing Vulnerability

**According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N), some loss of integrity (I:L) but have no effect on availability (A:N). What is the impact of this vulnerability?** An attacker could spoof incorrect **5322.From** email address that is displayed to a user.

CVE-2025-64658: Windows File Explorer Elevation of Privilege Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** For an attacker to exploit this vulnerability, they would need to have knowledge of a specific operation that triggers a memory allocation failure, specifically a use after free.