Live
Securing AI Agents in Windows: Microsoft's New Security Paradigm for 2025·MSFT +0.1%Critical RRAS Memory Leak CVE-2025-53797 Puts VPN Gateways at Risk – Patch Immediately·NVDA +3.0%Microsoft Confirms Two Azure Bot Service Elevation-of-Privilege Flaws, Urges Immediate Patching·GOOGL +1.2%After Stealth Falcon Zero-Day, Disable These 5 Windows Features to Slash Attack Surface·AMZN +2.9%CVE-2025-33023: No Patch for Siemens ROX II Upload Flaw Threatening Critical Manufacturing Networks·MSFT +0.1%CVE-2025-53734: Patch Visio Use-After-Free RCE Before Attackers Exploit Document Flaw·NVDA +3.0%Critical MSMQ Type‑Confusion Bug Allows Remote Code Execution, Microsoft Urges Immediate Patching·GOOGL +1.2%Critical SQL Server Vulnerability Enables Admin Escalation Over the Network·AMZN +2.9%Securing AI Agents in Windows: Microsoft's New Security Paradigm for 2025·MSFT +0.1%Critical RRAS Memory Leak CVE-2025-53797 Puts VPN Gateways at Risk – Patch Immediately·NVDA +3.0%Microsoft Confirms Two Azure Bot Service Elevation-of-Privilege Flaws, Urges Immediate Patching·GOOGL +1.2%After Stealth Falcon Zero-Day, Disable These 5 Windows Features to Slash Attack Surface·AMZN +2.9%CVE-2025-33023: No Patch for Siemens ROX II Upload Flaw Threatening Critical Manufacturing Networks·MSFT +0.1%CVE-2025-53734: Patch Visio Use-After-Free RCE Before Attackers Exploit Document Flaw·NVDA +3.0%Critical MSMQ Type‑Confusion Bug Allows Remote Code Execution, Microsoft Urges Immediate Patching·GOOGL +1.2%Critical SQL Server Vulnerability Enables Admin Escalation Over the Network·AMZN +2.9%

Attack Surface

The latest Attack Surface coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 3:39 PM
Latest Most Read Breaking
Sort
Agent Governance · Ai Security

Securing AI Agents in Windows: Microsoft's New Security Paradigm for 2025

The era of passive applications is ending: AI agents are already reasoning, deciding, invoking tools, and acting across cloud and endpoint environments—and that shift demands a fundamentally...

Advertisement
cve_2025_33023_no.jpg
Access Control · Attack Surface

CVE-2025-33023: No Patch for Siemens ROX II Upload Flaw Threatening Critical Manufacturing Networks

Siemens RUGGEDCOM ROX II industrial networking devices — deployed worldwide in critical manufacturing and energy sectors — carry a dangerous unrestricted file upload vulnerability that allows...

SE Security Desk·48w ago
Attack Surface · Cve-2025-53734

CVE-2025-53734: Patch Visio Use-After-Free RCE Before Attackers Exploit Document Flaw

Microsoft has released a security update for a use-after-free vulnerability in Microsoft Visio that allows attackers to execute arbitrary code simply by having a victim open a maliciously crafted...

SE Security Desk·48w ago
Attack Surface · Cve-2025-53145

Critical MSMQ Type‑Confusion Bug Allows Remote Code Execution, Microsoft Urges Immediate Patching

Microsoft has released a security update addressing CVE-2025-53145, a type confusion vulnerability in Windows Message Queuing (MSMQ) that could allow an authenticated attacker to remotely execute...

SE Security Desk·48w ago
Access Control · Attack Surface

Critical SQL Server Vulnerability Enables Admin Escalation Over the Network

Microsoft has released a security advisory for CVE-2025-24999, a network-exploitable elevation-of-privilege flaw in Microsoft SQL Server that could allow an attacker with limited database access to...

SE Security Desk·48w ago
Amsi · Attack Surface

Microsoft Kills PowerShell 2.0 in Windows 11 24H2 and Server 2025: IT Must Migrate Now

The ancient PowerShell 2.0 engine, a holdover from the Windows 7 era, is vanishing from new Windows images starting this month. Microsoft has begun excising the legacy runtime from Windows 11 version...

SE Security Desk·48w ago
Amsi · Attack Surface

Microsoft to Strip PowerShell 2.0 from Windows 11 24H2 and Server 2025 Starting August

Microsoft will yank PowerShell 2.0 out of Windows 11, version 24H2, and Windows Server 2025 beginning this August, ending a 16-year run for the legacy scripting engine that has become a persistent...

SE Security Desk·48w ago
Ai Adoption · Ai Exposure

Tenable Unveils AI Exposure: New Module Secures ChatGPT and Copilot in Enterprises

Tenable has launched a private customer preview of Tenable AI Exposure, a new module within its Tenable One platform engineered to give organizations visibility and control over generative AI tools...

AI AI & Copilot Desk·49w ago
Ai · Ai Risks

Black Hat 2025: Zero-Click Exploits Can Hijack ChatGPT, Copilot, and Einstein Without a Trace

Security researchers at Zenity Labs have dropped a bombshell at Black Hat USA 2025: a new breed of zero-click exploit chains can silently hijack enterprise AI agents, including OpenAI’s ChatGPT,...

AI AI & Copilot Desk·49w ago
1 2 3 4