Microsoft Security Response Center Blog Alerts

CVE-2025-27745 Microsoft Office Remote Code Execution Vulnerability

Posted on Tuesday April 08, 2025

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

 

CVE-2025-27742 NTFS Information Disclosure Vulnerability

Posted on Tuesday April 08, 2025

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to disclose information locally.

 

CVE-2025-27744 Microsoft Office Elevation of Privilege Vulnerability

Posted on Tuesday April 08, 2025

Improper access control in Microsoft Office allows an authorized attacker to elevate privileges locally.

 

CVE-2025-27741 NTFS Elevation of Privilege Vulnerability

Posted on Tuesday April 08, 2025

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

 

CVE-2025-27740 Active Directory Certificate Services Elevation of Privilege Vulnerability

Posted on Tuesday April 08, 2025

Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network.

 

CVE-2025-27479 Kerberos Key Distribution Proxy Service Denial of Service Vulnerability

Posted on Tuesday April 08, 2025

Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network.

 

Page:   1...424344454647484950...172

Celebrating 35+ Years

Managed Internet Connections

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016