Microsoft Security Response Center Blog Alerts

CVE-2025-29795 Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability

Posted on Friday March 21, 2025

Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.

 

CVE-2025-29806 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Posted on Friday March 21, 2025

No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

 

Chromium: CVE-2025-2476 Use after free in Lens

Posted on Friday March 21, 2025

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

 

CVE-2025-24053 Microsoft Dataverse Elevation of Privilege Vulnerability

Posted on Thursday March 13, 2025

Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.

 

Chromium: CVE-2025-24201 Out of bounds write in GPU on Mac

Posted on Wednesday March 12, 2025

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information. Google is aware of reports that an exploit for CVE-2025-24201 exists in the wild.

 

Chromium: CVE-2025-2136 Use after free in Inspector

Posted on Wednesday March 12, 2025

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

 

Page:   123456...120

Celebrating 35+ Years

Managed Internet Connections

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016