Microsoft Security Response Center Blog Alerts

Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a security feature over a network.

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

Improper input validation in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally.

Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally.

Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.

Sensitive data storage in improperly locked memory in Windows Win32K – GRFX allows an authorized attacker to elevate privileges locally.