Microsoft Security Response Center Blog Alerts

CVE-2025-24046 Kernel Streaming Service Driver Elevation of Privilege Vulnerability

Posted on Tuesday March 11, 2025

Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

 

CVE-2025-24045 Windows Remote Desktop Services Remote Code Execution Vulnerability

Posted on Tuesday March 11, 2025

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

 

CVE-2025-21199 Azure Agent Installer for Backup and Site Recovery Elevation of Privilege Vulnerability

Posted on Tuesday March 11, 2025

Improper privilege management in Azure Agent Installer allows an authorized attacker to elevate privileges locally.

 

CVE-2025-21247 MapUrlToZone Security Feature Bypass Vulnerability

Posted on Tuesday March 11, 2025

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

 

CVE-2025-25008 Windows Server Elevation of Privilege Vulnerability

Posted on Tuesday March 11, 2025

Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.

 

CVE-2025-25003 Visual Studio Elevation of Privilege Vulnerability

Posted on Tuesday March 11, 2025

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

 

Page:   1...5678910111213...120

Celebrating 35+ Years

Managed Internet Connections

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016