Microsoft Security Response Center Blog Alerts

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

Improper link resolution before file access (‘link following’) in Microsoft Windows allows an authorized attacker to elevate privileges locally.

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.