Microsoft Security Response Center Blog Alerts

CVE-2025-27487 Remote Desktop Client Remote Code Execution Vulnerability

Posted on Tuesday April 08, 2025

Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.

 

CVE-2025-27483 NTFS Elevation of Privilege Vulnerability

Posted on Tuesday April 08, 2025

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

 

CVE-2025-27482 Windows Remote Desktop Services Remote Code Execution Vulnerability

Posted on Tuesday April 08, 2025

Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

 

CVE-2025-27481 Windows Telephony Service Remote Code Execution Vulnerability

Posted on Tuesday April 08, 2025

Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

 

CVE-2025-27480 Windows Remote Desktop Services Remote Code Execution Vulnerability

Posted on Tuesday April 08, 2025

Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

 

CVE-2025-27484 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

Posted on Tuesday April 08, 2025

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.

 

Page:   1...323334353637383940...172

Celebrating 35+ Years

Managed Computer Support Services

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016