Microsoft Security Response Center Blog Alerts

CVE-2025-29959 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Posted on Tuesday May 13, 2025

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

 

CVE-2025-26684 Microsoft Defender Elevation of Privilege Vulnerability

Posted on Tuesday May 13, 2025

External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.

 

CVE-2025-26646 .NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability

Posted on Tuesday May 13, 2025

External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.

 

Chromium: CVE-2025-4372 Use after free in WebAudio

Posted on Thursday May 08, 2025

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202 5) for more information.

 

CVE-2025-47732 Microsoft Dataverse Remote Code Execution Vulnerability

Posted on Thursday May 08, 2025

Information published.

 

CVE-2025-47733 Microsoft Power Apps Information Disclosure Vulnerability

Posted on Thursday May 08, 2025

Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to disclose information over a network

 

Page:   1...232425262728293031...172

Celebrating 35+ Years

Managed Internet Connections

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016