Cybersecurity
The latest Cybersecurity coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft Visio Zero-Day RCE Exploited in Wild—Patch Pending, Immediate Action Urged
Microsoft has issued a critical security alert regarding a newly discovered Remote Code Execution (RCE) vulnerability in Microsoft Office Visio, tracked as CVE-2025-21356. This zero-day flaw allows...
Critical Excel zero-day CVE-2025-21354 actively exploited, CVSS 9.8, no patch yet.
A newly discovered critical vulnerability in Microsoft Excel (CVE-2025-21354) has security experts sounding alarms about potential remote code execution (RCE) attacks. This zero-day flaw, currently...
Patch Now: Critical RCE Flaw CVE-2025-21348 Hits SharePoint Server
CVE-2025-21348: Critical Microsoft SharePoint Server Vulnerability Explained Microsoft SharePoint Server, a widely used enterprise collaboration platform, is facing a severe security threat with the...
Patch Now: Critical CVE-2025-21346 Office Flaw Enables Remote Attacks
CVE-2025-21346: Understanding Microsoft Office Vulnerability and Staying Secure A newly discovered vulnerability, CVE-2025-21346, has raised concerns among cybersecurity experts and Microsoft Office...
CVE-2025-21344: Critical SharePoint RCE Vulnerability Threatens Enterprise Security
Microsoft has issued an urgent security alert regarding CVE-2025-21344, a critical Remote Code Execution (RCE) vulnerability affecting multiple SharePoint Server versions. This zero-day...
Active exploitation of CVE-2025-21341 zero-day grants SYSTEM access on Windows 10/11.
CVE-2025-21341: Critical Windows Elevation of Privilege Vulnerability Uncovered Security researchers have uncovered CVE-2025-21341, a critical elevation of privilege vulnerability affecting multiple...
Critical .NET Zero-Day CVE-2025-21173: Patch Now for Privilege Escalation
Microsoft has issued an urgent security advisory regarding CVE-2025-21173, a critical elevation of privilege vulnerability in the .NET framework affecting all supported Windows versions. This...
CVE-2025-21178: Critical RCE Vulnerability in Visual Studio - Patch Now
CVE-2025-21178: Urgent RCE Vulnerability in Visual Studio - What You Need to Know Microsoft has issued a critical security alert regarding CVE-2025-21178, a newly discovered Remote Code Execution...
Windows 8.8 CVSS bug lets attackers hijack system via malicious media files
CVE-2025-21327: Critical Windows Digital Media Vulnerability Exposed Microsoft has disclosed a serious elevation of privilege vulnerability (CVE-2025-21327) affecting Windows Digital Media components...
Windows Kernel Zero-Day CVE-2025-21321: Patch All Versions Now
Microsoft has disclosed a critical vulnerability (CVE-2025-21321) in the Windows kernel that could allow attackers to execute arbitrary code with system-level privileges. This zero-day vulnerability...
KB5050009 and KB5050021 patch zero-day exploits but break USB audio and webcams
Overview of January 2025 Patch Tuesday Updates for Windows 11 Microsoft's January 2025 Patch Tuesday has delivered two crucial cumulative updates for Windows 11 users: KB5050009 for version 24H2 and...
CVE-2025-21319: Critical Windows Kernel Vulnerability Exposes Systems to Information Disclosure
A newly discovered vulnerability in the Windows kernel, tracked as CVE-2025-21319, has raised significant security concerns among cybersecurity professionals and Windows administrators. This critical...