Articles from 2025
Browse all Windows news articles published in 2025
Critical Windows Graphics Race Condition (CVE-2025-53807) Hands Out SYSTEM Access—Urgent Patch Guide
A race condition in the Windows Graphics Component can hand authenticated attackers full SYSTEM privileges, Microsoft disclosed this week. The vulnerability, cataloged as CVE-2025-53807, lurks in the...
Critical Bluetooth Flaw CVE-2025-27490 Patched: Full System Compromise Possible via Airborne Attack
Microsoft’s April 2025 Patch Tuesday included a fix for a critical Bluetooth elevation-of-privilege vulnerability, CVE-2025-27490, that allows an attacker within Bluetooth range to escalate...
Windows HTTP.sys Out-of-Bounds Read Enables Remote DoS — Patch Urgently
A newly referenced vulnerability in the Windows HTTP protocol stack exposes internet-facing servers to remote denial-of-service attacks, forcing administrators to take immediate action even as public...
CVE-2025-53806: Microsoft Patches RRAS Memory Disclosure Flaw in Windows VPN Servers
Microsoft has disclosed CVE-2025-53806, a new information disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) that allows attackers to read sensitive memory contents from...
CVE-2025-53804: Windows Kernel Vulnerability Exposes Sensitive Data—Patch Now and Harden Defenses
Microsoft has confirmed a new information disclosure vulnerability in the Windows kernel, tracked as CVE-2025-53804, that allows a local attacker to extract sensitive data from protected kernel...
Patch Alert: Microsoft Flags High-Risk Graphics Privilege Escalation (CVE-2025-53800)
Microsoft’s latest security advisory addresses an elevation-of-privilege vulnerability in the Windows Graphics Component tracked as CVE-2025-53800. Published through the Security Update Guide, the...
Microsoft Emergency Patch for RRAS Memory Leak (CVE-2025-53796) — Update Windows VPN Gateways Now
Microsoft has released a critical security update for Windows Routing and Remote Access Service (RRAS) to plug an information disclosure hole that allows attackers to siphon memory contents over the...
Critical Local Privilege Escalation Bug in Windows DWM Fixed: Here’s What You Need to Know
Microsoft has patched a serious local privilege escalation vulnerability in the Windows Desktop Window Manager (DWM) Core Library, tracked as CVE-2025-53801, that could allow an attacker with a basic...
Microsoft Patches Windows Kernel Memory Leak (CVE-2025-53803) That Facilitates Privilege Escalation
Microsoft has released a security update to close a Windows kernel memory disclosure vulnerability that hands attackers a powerful reconnaissance tool for crafting more reliable exploits. Tracked as...
Microsoft Patches Windows Imaging Component Flaw That Could Leak Sensitive Data Through Crafted Images
A critical information disclosure vulnerability in the Windows Imaging Component (WIC) was among the top fixes delivered in Microsoft’s July 2025 Patch Tuesday updates. Tracked as CVE-2025-47980,...
Copilot Brings One-Click Bulk Proofreading to Word for the Web
Microsoft has flipped the switch on a long-awaited Copilot feature in Word for the web: users can now fix every spelling and grammar mistake in a highlighted passage with a single click. The new "Fix...
CVE-2025-49692: Azure Connected Machine Agent Vulnerability Demands Immediate Patching
Microsoft has released a security update to address a critical elevation-of-privilege vulnerability (CVE-2025-49692) in the Azure Connected Machine agent, the software component that enables Azure...