Cybersecurity
The latest Cybersecurity coverage — news, analysis, and updates from the WindowsNews.AI desk.
Excel zero-day CVE-2025-21387 with 9.8 CVSS exploited in attacks.
CVE-2025-21387: Critical RCE Vulnerability in Microsoft Excel Microsoft has issued an urgent security advisory regarding CVE-2025-21387, a critical Remote Code Execution (RCE) vulnerability affecting...
CVE-2025-21381: Critical Microsoft Excel Vulnerability Explained
CVE-2025-21381: Understanding the Microsoft Excel Vulnerability A newly discovered vulnerability in Microsoft Excel, tracked as CVE-2025-21381, has raised significant concerns among cybersecurity...
CVE-2025-21371: Critical Windows Telephony Service Vulnerability Exposes Systems to Remote Code Execution
CVE-2025-21371: Windows Telephony Service Vulnerability Exposed A newly discovered vulnerability in Windows Telephony Service (CVE-2025-21371) has been classified as critical, allowing attackers to...
CVE-2025-21367: Patch Now – Win32 Flaw Grants SYSTEM Access
Microsoft has recently disclosed CVE-2025-21367, a critical elevation of privilege (EoP) vulnerability affecting multiple Windows versions, including Windows 10, 11, and Windows Server editions. This...
Windows Core Messaging flaw grants SYSTEM access in February 2025 Patch Tuesday
CVE-2025-21358: Critical Elevation of Privileges Vulnerability in Windows Core Messaging Microsoft has disclosed a critical security vulnerability (CVE-2025-21358) affecting the Windows Core...
Microsoft CVE-2025-21347: Remote attackers can crash WDS servers with crafted network packets.
CVE-2025-21347: Understanding the DoS Vulnerability in Windows Deployment Services Windows Deployment Services (WDS), a critical component for enterprise network administrators, has been found...
CVE-2025-21337: Critical NTFS Vulnerability Exposes Windows Systems to Privilege Escalation Attacks
A newly discovered vulnerability in Windows' NTFS file system (CVE-2025-21337) has security experts warning of potential widespread privilege escalation attacks. This critical flaw in the core...
Critical Vulnerability in Microsoft HPC Pack (CVE-2025-21198): Remote Code Execution Risk
Microsoft has issued an urgent security alert regarding a newly discovered critical vulnerability in Microsoft HPC Pack, tracked as CVE-2025-21198. This flaw could allow attackers to execute...
Patch now: CVE-2025-21201 lets attackers hijack Windows Telephony Server remotely.
CVE-2025-21201: Remote Code Execution Risk in Windows Telephony Server Microsoft has disclosed a critical vulnerability (CVE-2025-21201) affecting Windows Telephony Server, which could allow...
CVE-2025-21190: Microsoft Warns of SYSTEM-Level RCE in Windows Telephony.
Critical RCE Vulnerability Discovered in Windows Telephony Service (CVE-2025-21190) Microsoft has issued an urgent security advisory regarding a newly discovered Remote Code Execution (RCE)...
Microsoft warns CVE-2025-21407 zero-day exploited in Windows Telephony attacks.
CVE-2025-21407: Critical Windows Telephony RCE Vulnerability Detected Microsoft has issued an urgent security advisory regarding CVE-2025-21407, a critical Remote Code Execution (RCE) vulnerability...
CVE-2025-21406: Critical Windows Telephony Service Vulnerability Exposes Systems to Remote Code Execution
CVE-2025-21406: Critical Windows Telephony Service Vulnerability Revealed Microsoft has disclosed a severe security flaw in the Windows Telephony Service (TAPI) tracked as CVE-2025-21406, which could...