Microsoft Security Response Center Blog Alerts

Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to perform spoofing over an adjacent network.

Access of resource using incompatible type (‘type confusion’) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally.

Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally.

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

Uncontrolled resource consumption in Windows LDAP – Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.