Microsoft Security Response Center Blog Alerts

CVE-2025-26628 Azure Local Cluster Information Disclosure Vulnerability

Posted on Tuesday April 08, 2025

Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to disclose information locally.

 

CVE-2025-25002 Azure Local Cluster Information Disclosure Vulnerability

Posted on Tuesday April 08, 2025

Insertion of sensitive information into log file in Azure Local Cluster allows an authorized attacker to disclose information over an adjacent network.

 

CVE-2025-24058 Windows DWM Core Library Elevation of Privilege Vulnerability

Posted on Tuesday April 08, 2025

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

 

CVE-2025-21222 Windows Telephony Service Remote Code Execution Vulnerability

Posted on Tuesday April 08, 2025

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

 

CVE-2025-21221 Windows Telephony Service Remote Code Execution Vulnerability

Posted on Tuesday April 08, 2025

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

 

CVE-2025-21204 Windows Process Activation Elevation of Privilege Vulnerability

Posted on Tuesday April 08, 2025

Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.

 

Page:   1...373839404142434445...172

Celebrating 35+ Years

Managed Computer Support Services

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016