#windows

### Impact Any user with a Juju account on a controller can upload a charm to the /charms endpoint. No specific permissions are required - it's just sufficient for the user to exist in the controller user database. A charm which exploits the zip slip vulnerability may be used to allow such a user to get access to a machine running a unit using the affected charm. ### Details A controller exposes three charm-related HTTP API endpoints, as follows: - PUT/GET https://<controller-ip>:17070/model-<model-uuid>/charms/<nameofcharm>-<hashofcharm> - POST/GET https://<controller-ip>:17070/model-<model-uuid>/charms - GET https://<controller-ip>:17070/charms These endpoints require Basic HTTP authentication credentials and will accept any valid user within the context of the controller. A user that has no specific permission or access granted can call all of these APIs. To reproduce: ``` juju bootstrap juju add-user testuser juju change-user-password testuser ``` Download the ZIP file of an...

Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft's most-dire "critical" rating, meaning they could be exploited to seize control over vulnerable Windows PCs with little or no help from users.

Microsoft has released its monthly security update for July 2025, which includes 132 vulnerabilities affecting a range of products, including 14 that Microsoft marked as “critical.”

Pakistan’s APT36 Transparent Tribe uses phishing and Linux malware to target Indian defence systems running BOSS Linux says Cyfirma.

Russian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware called Batavia. The activity, per cybersecurity vendor Kaspersky, has been active since July 2024. "The targeted attack begins with bait emails containing malicious links, sent under the pretext of signing a contract," the Russian company said. "The main goal of the

Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited the vulnerability could evade Mark of the Web (MOTW) defenses.

Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.

Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.