Microsoft Security Response Center Blog Alerts

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

Use after free in Windows LDAP – Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network.

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.

Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network.

Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally.

Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally.

Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.