Microsoft Security Response Center Blog Alerts

CVE-2025-27488 Microsoft Windows Hardware Lab Kit (HLK) Elevation of Privilege Vulnerability

Posted on Tuesday May 13, 2025

Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally.

 

CVE-2025-26677 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability

Posted on Tuesday May 13, 2025

Uncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.

 

CVE-2025-32709 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Posted on Tuesday May 13, 2025

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

 

CVE-2025-21264 Visual Studio Code Security Feature Bypass Vulnerability

Posted on Tuesday May 13, 2025

Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

 

CVE-2025-32706 Windows Common Log File System Driver Elevation of Privilege Vulnerability

Posted on Tuesday May 13, 2025

Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

 

CVE-2025-32703 Visual Studio Information Disclosure Vulnerability

Posted on Tuesday May 13, 2025

Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.

 

Page:   1...171819202122232425...172

Celebrating 35+ Years

Managed Internet Connections

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016