Articles from 2025
Browse all Windows news articles published in 2025
CVE-2025-59188: Microsoft Failover Cluster Information Disclosure Vulnerability Analysis
Microsoft has issued a critical security advisory for CVE-2025-59188, a significant information disclosure vulnerability affecting Microsoft Failover Cluster that could allow low-privileged local...
CVE-2025-58739: Windows File Explorer Spoofing Vulnerability Exposes NTLM Credentials
Microsoft has disclosed a critical security vulnerability in Windows File Explorer that could allow attackers to spoof user interfaces and potentially expose NTLM credentials to unauthorized parties....
WSUS RCE flaw with 9.8 CVSS score highlights Microsoft's October 2025 patch batch of 175 CVEs
Microsoft's October 2025 Patch Tuesday has arrived with critical security updates addressing approximately 175 Common Vulnerabilities and Exposures (CVEs), including a particularly dangerous Remote...
Microsoft Patches Critical Inbox COM Objects Memory Flaws in October 2025 Update
Microsoft's October 2025 security update addresses a critical cluster of memory corruption vulnerabilities in Inbox COM Objects that could enable local code execution and privilege escalation...
CVE-2025-58738: Critical RCE Vulnerability in Windows Inbox COM Objects Patched
Microsoft has addressed a critical security vulnerability in Windows Inbox COM Objects that could allow attackers to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-58738...
CVE-2025-58733: Critical Windows COM Object Vulnerability Threatens System Security
Microsoft has confirmed CVE-2025-58733 as a critical security vulnerability affecting Windows Inbox COM Objects that could allow attackers to execute arbitrary code and elevate privileges on...
CVE-2025-58736: Critical Windows COM Memory Vulnerability Patched in October 2025 Update
Microsoft has addressed a critical security vulnerability in Windows COM objects that could allow attackers to escalate privileges on affected systems. CVE-2025-58736, patched in the October 2025...
CVE-2025-58718: Critical RDP Client Vulnerability Enables Remote Code Execution
Microsoft has disclosed a high-severity security vulnerability in its Remote Desktop Client that could allow attackers to execute arbitrary code on vulnerable systems. CVE-2025-58718, rated with a...
CVE-2025-58726: Critical Windows SMB Server Vulnerability Requires Immediate Patching
Microsoft has disclosed a critical security vulnerability in the Windows Server Message Block (SMB) protocol that could allow authenticated attackers to elevate privileges on affected systems....
CVE-2025-58729: Critical Windows LSM DoS Vulnerability - Patch Now
Microsoft has issued a critical security advisory for CVE-2025-58729, a newly discovered denial-of-service vulnerability in the Windows Local Session Manager (LSM) that could allow attackers to crash...
CVE-2025-58726: Critical Windows SMB Server Privilege Escalation Vulnerability Analysis
Microsoft has disclosed a significant security vulnerability in the Windows Server Message Block (SMB) protocol that could allow authenticated attackers to escalate privileges over network...
Patches released for CVE-2025-58714 AFD driver flaw granting attackers SYSTEM access
Microsoft has confirmed a serious elevation-of-privilege vulnerability in the Windows Ancillary Function Driver for WinSock (afd.sys) that could allow attackers to gain SYSTEM-level privileges on...