Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2025-62220: Windows Subsystem for Linux GUI Remote Code Execution Vulnerability

Microsoft Security Response Center
Open in Source
#vulnerability#windows#linux#rce#Windows Subsystem for Linux GUI#Security Vulnerability
CVE-2025-62217: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

CVE-2025-60713: Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2025-59508: Windows Speech Recognition Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could elevate from a low integrity level up to a medium integrity level.

CVE-2025-59507: Windows Speech Runtime Elevation of Privilege Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

CVE-2025-59505: Windows Smart Card Reader Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

About Elevation of Privilege – Windows Remote Access Connection Manager (CVE-2025-59230) vulnerability

About Elevation of Privilege – Windows Remote Access Connection Manager (CVE-2025-59230) vulnerability. A vulnerability from the October Microsoft Patch Tuesday. The Windows Remote Access Connection Manager (RasMan) service is a core Windows component that manages dial-up and Virtual Private Network (VPN) connections, ensuring secure communication between a computer and remote networks. An access control flaw […]

Konni Hackers Turn Google’s Find Hub into a Remote Data-Wiping Weapon

The North Korea-affiliated threat actor known as Konni (aka Earth Imp, Opal Sleet, Osmium, TA406, and Vedalia) has been attributed to a new set of attacks targeting both Android and Windows devices for data theft and remote control. "Attackers impersonated psychological counselors and North Korean human rights activists, distributing malware disguised as stress-relief programs," the Genians

Fantasy Hub is spyware for rent—complete with fake app kits and support

Fantasy Hub RAT-for-rent hides in fake Android apps, stealing logins, PINs, and messages—all with a single SMS permission.