Microsoft Security Response Center Blog Alerts

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.

Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

Improper input validation in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally.

Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally.