Microsoft Security Response Center Blog Alerts

Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Improper neutralization of special elements used in a command (‘command injection’) in Azure Arc allows an authorized attacker to elevate privileges locally.

Use after free in DNS Server allows an unauthorized attacker to execute code over a network.

Null pointer dereference in Windows Kernel Memory allows an authorized attacker to deny service locally.