Live
SQL Server Vulnerability CVE-2025-47997: Patch Now to Block Memory Disclosure Attacks·MSFT +0.1%Microsoft AutoUpdate Vulnerability Lets Attackers Escalate to Root on macOS via Symlink Tricks·NVDA +3.0%Azure Arc’s Critical Local Privilege Flaw Fixed, But CVE Muddle May Leave Systems Exposed·GOOGL +1.2%CVE-2025-55243: OfficePlus Spoofing Flaw Exposes Data, Bypasses Scanners·AMZN +2.9%Patch Now: Xbox Gaming Services CVE-2024-28916 Lets Low-Privilege Attackers Escalate to SYSTEM·MSFT +0.1%CVE-2025-55236: Windows Graphics Kernel Race Condition Allows Attackers to Escalate to SYSTEM — Patch Now·NVDA +3.0%Patch Now: Windows Graphics Kernel Race Condition (CVE-2025-55226) Puts Multi-User Systems at Kernel Compromise Risk·GOOGL +1.2%Unverified Deserialization Flaw in Microsoft HPC Pack Could Enable Remote Code Execution·AMZN +2.9%SQL Server Vulnerability CVE-2025-47997: Patch Now to Block Memory Disclosure Attacks·MSFT +0.1%Microsoft AutoUpdate Vulnerability Lets Attackers Escalate to Root on macOS via Symlink Tricks·NVDA +3.0%Azure Arc’s Critical Local Privilege Flaw Fixed, But CVE Muddle May Leave Systems Exposed·GOOGL +1.2%CVE-2025-55243: OfficePlus Spoofing Flaw Exposes Data, Bypasses Scanners·AMZN +2.9%Patch Now: Xbox Gaming Services CVE-2024-28916 Lets Low-Privilege Attackers Escalate to SYSTEM·MSFT +0.1%CVE-2025-55236: Windows Graphics Kernel Race Condition Allows Attackers to Escalate to SYSTEM — Patch Now·NVDA +3.0%Patch Now: Windows Graphics Kernel Race Condition (CVE-2025-55226) Puts Multi-User Systems at Kernel Compromise Risk·GOOGL +1.2%Unverified Deserialization Flaw in Microsoft HPC Pack Could Enable Remote Code Execution·AMZN +2.9%

Articles from 2025

Browse all Windows news articles published in 2025

12 articles Page 900 of 2838
Articles from 2025
All archives
Credential Theft · Cu Update

SQL Server Vulnerability CVE-2025-47997: Patch Now to Block Memory Disclosure Attacks

Microsoft has released patches for a critical information-disclosure vulnerability in SQL Server that could allow an authenticated attacker to read sensitive memory contents over the network. Tracked...

SE Security Desk·43w ago
Cve-2025-55317 · Cybersecurity

Microsoft AutoUpdate Vulnerability Lets Attackers Escalate to Root on macOS via Symlink Tricks

Microsoft has disclosed a fresh local elevation-of-privilege vulnerability in its Microsoft AutoUpdate (MAU) agent that allows an attacker with an existing foothold on a macOS machine to escalate to...

SE Security Desk·43w ago
Azure Arc · Command Injection

Azure Arc’s Critical Local Privilege Flaw Fixed, But CVE Muddle May Leave Systems Exposed

Microsoft has patched a high-severity local elevation-of-privilege vulnerability in Azure Arc, but confusion over the associated CVE identifier could cause dangerous patching delays, security...

SE Security Desk·43w ago
Asr · Cve-2025-55243

CVE-2025-55243: OfficePlus Spoofing Flaw Exposes Data, Bypasses Scanners

Microsoft has published a security advisory for CVE-2025-55243, a spoofing vulnerability in Microsoft OfficePlus that can lead to the exposure of sensitive information and enable attackers to...

SE Security Desk·43w ago
Cve-2024-28916 · Cwe-59

Patch Now: Xbox Gaming Services CVE-2024-28916 Lets Low-Privilege Attackers Escalate to SYSTEM

A critical elevation-of-privilege vulnerability in Microsoft’s Xbox Gaming Services component, tracked as CVE-2024-28916, has been patched, but not before a public proof-of-concept demonstrated how...

SE Security Desk·43w ago
Cve-2025-55236 · Dxgkrnl

CVE-2025-55236: Windows Graphics Kernel Race Condition Allows Attackers to Escalate to SYSTEM — Patch Now

Microsoft has published advisory CVE-2025-55236, a time-of-check/time-of-use (TOCTOU) race condition in the Windows Graphics Kernel that hands local, authenticated attackers a path to elevate...

SE Security Desk·43w ago
Blue Screen · Concurrency

Patch Now: Windows Graphics Kernel Race Condition (CVE-2025-55226) Puts Multi-User Systems at Kernel Compromise Risk

Microsoft has pushed out a security update to patch CVE-2025-55226, a high-severity race condition vulnerability in the Windows Graphics Kernel that enables an authenticated local attacker to execute...

SE Security Desk·43w ago
Access Control · Cluster

Unverified Deserialization Flaw in Microsoft HPC Pack Could Enable Remote Code Execution

Microsoft’s High Performance Compute (HPC) Pack is under scrutiny after a report surfaced describing a critical deserialization vulnerability that could allow attackers to execute arbitrary code...

SE Security Desk·43w ago
Cve-2025-55228 · Graphics Subsystem

Urgent: Windows Win32K GRFX Race Condition Exploitable for Kernel Code Execution – Patch Now

Microsoft has disclosed a dangerous race condition vulnerability in the Windows graphics subsystem’s Win32K component, tracked as CVE-2025-55228, that allows an authenticated local attacker to gain...

SE Security Desk·43w ago
Cve-2025-55225 · Extended Security Updates

Patch Now: Windows RRAS Flaw CVE-2025-55225 Spills System Memory to Remote Attackers

Microsoft has confirmed a serious information disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) that could let attackers remotely read sensitive memory contents from...

SE Security Desk·43w ago
Cve-2025-55223 · Directx

The CVE That Isn't There: DirectX Kernel Race Condition Panic and the Patches You Actually Need

Microsoft's August 2025 security updates landed with a thud for Windows administrators, but not all of them came with a neat advisory. In forums across the web, sysadmins are chasing a ghost:...

SE Security Desk·43w ago
Cve-2025-54919 · Edr

Patch Now: CVE-2025-54919 Win32K Bug Opens Door to Instant SYSTEM-Level Compromise

Microsoft has released a security update for a high‑impact race condition vulnerability in the Windows Win32K graphics subsystem that could allow an authenticated local attacker to gain...

SE Security Desk·43w ago