Microsoft Security Response Center Blog Alerts

CVE-2025-21355 Microsoft Bing Remote Code Execution Vulnerability

Posted on Wednesday February 19, 2025

Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network

Chromium: CVE -2025-0998 Out of bounds memory access in V8

Posted on Friday February 14, 2025

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

Chromium: CVE -2025-0997 Use after free in Navigation

Posted on Friday February 14, 2025

Chromium: CVE -2025-0995 Use after free in V8

Posted on Friday February 14, 2025

Chromium: CVE -2025-0996 Inappropriate implementation in Browser UI

Posted on Friday February 14, 2025

CVE-2023-24932 Secure Boot Security Feature Bypass Vulnerability

Posted on Tuesday February 11, 2025

The following updates have been made to CVE-2023-24932: 1) In the Security Updates table, added all supported versions of the following as they are affected by this vulnerability: Windows 11 24H2 and Windows Server 2025. 2) Further, to comprehensively address this vulnerability, Microsoft has released February 2025 security updates for all affected versions of Windows 11 version 22H2 and Windows 11 version 23H2. Microsoft recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.

Page: 1...646566676869707172...172