Microsoft Security Response Center Blog Alerts

CVE-2025-24998 Visual Studio Elevation of Privilege Vulnerability

Posted on Tuesday March 11, 2025

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

 

CVE-2025-24997 DirectX Graphics Kernel File Denial of Service Vulnerability

Posted on Tuesday March 11, 2025

Null pointer dereference in Windows Kernel Memory allows an authorized attacker to deny service locally.

 

CVE-2025-24996 NTLM Hash Disclosure Spoofing Vulnerability

Posted on Tuesday March 11, 2025

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

 

CVE-2025-24995 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

Posted on Tuesday March 11, 2025

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

 

CVE-2025-21180 Windows exFAT File System Remote Code Execution Vulnerability

Posted on Tuesday March 11, 2025

Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.

 

CVE-2025-24988 Windows USB Video Class System Driver Elevation of Privilege Vulnerability

Posted on Tuesday March 11, 2025

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

 

Page:   1...67891011121314...120

Celebrating 35+ Years

Managed Internet Connections

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016