Microsoft Security Response Center Blog Alerts

CVE-2025-32719 Windows Storage Management Provider Information Disclosure Vulnerability

Published June 10, 2025

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Published June 10, 2025

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Published June 10, 2025

Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network.

Published June 10, 2025

Improper link resolution before file access (‘link following’) in Windows Installer allows an authorized attacker to elevate privileges locally.

Published June 10, 2025

Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally.

Published June 10, 2025

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Published June 10, 2025

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Published June 10, 2025

Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

Published June 10, 2025

Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.

Published June 10, 2025

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.