Heap Overflow
The latest Heap Overflow coverage — news, analysis, and updates from the WindowsNews.AI desk.
Chrome 141 Fixes Critical Video Flaw; Edge Security Lag Raises Concerns
The recent disclosure of CVE-2025-11206, a heap buffer overflow vulnerability in Chromium's Video component, has highlighted both the strengths and complexities of modern browser security ecosystems....
Chrome and Edge Patch Critical ANGLE Heap Overflow — Update Your Browser Now
Google has rushed out a fix for a high‑severity memory corruption flaw in Chrome’s ANGLE graphics layer, and Microsoft has now incorporated the same fix into its Edge browser. The vulnerability,...
Two Windows Bluetooth Flaws Could Give Attackers SYSTEM Access: Here’s What to Do
Microsoft has fixed two serious elevation-of-privilege vulnerabilities in the Windows Bluetooth Service that could be chained with other exploits to hand an attacker full control of an unpatched PC....
Critical Office Heap Overflow (CVE-2025-54910) Patched for Windows, Mac Fixes Still Pending
Microsoft has released security updates to patch a critical heap-based buffer overflow in Microsoft Office, tracked as CVE-2025-54910, that could allow attackers to execute arbitrary code after a...
Microsoft Patches Critical Excel Heap Overflow (CVE-2025-54900) – What You Need to Know
Microsoft has released a security update patching a critical heap‑based buffer overflow in Excel, tracked as CVE‑2025‑54900, that could allow attackers to execute code on a victim’s machine...
Microsoft’s September Update Tackles RRAS Heap Overflow (CVE-2025-54113) – RCE Risk When Users Connect to Malicious Servers
Microsoft’s September 2025 Patch Tuesday brings a slew of fixes, but one stands out for network administrators: CVE-2025-54113, a heap-based buffer overflow in the Windows Routing and Remote Access...
Critical Bluetooth Flaw CVE-2025-27490 Patched: Full System Compromise Possible via Airborne Attack
Microsoft’s April 2025 Patch Tuesday included a fix for a critical Bluetooth elevation-of-privilege vulnerability, CVE-2025-27490, that allows an attacker within Bluetooth range to escalate...
Patch Alert: Microsoft Flags High-Risk Graphics Privilege Escalation (CVE-2025-53800)
Microsoft’s latest security advisory addresses an elevation-of-privilege vulnerability in the Windows Graphics Component tracked as CVE-2025-53800. Published through the Security Update Guide, the...
Microsoft Flags Critical Visio Heap Overflow – Urgent Patch for CVE-2025-54907 Underway
Microsoft has confirmed a dangerous heap-based buffer overflow in Microsoft Office Visio that lets attackers execute malicious code simply by convincing a user to open a rigged diagram file. The...
CVE-2025-54899 Exposes Excel to Code Execution Attacks: Patch Deployed for Critical Memory-Safety Bug
Microsoft has released a security update to patch CVE-2025-54899, a memory-safety vulnerability in Excel that can allow attackers to execute arbitrary code on a victim's machine when a malicious...
Critical Windows Server VPN Gateway Flaw Allows Unauthenticated Remote Code Execution — Patch RRAS Now
Microsoft is urging organizations to immediately patch a series of critical heap-based buffer overflow vulnerabilities in Windows Routing and Remote Access Service (RRAS) that can be exploited...
Chrome 139 Fixes High-Severity libaom AV1 Heap Overflow; Edge Patch to Follow
Google has rolled out a stable-channel update for Chrome that patches CVE-2025-8879, a high-severity heap buffer overflow in the libaom AV1 codec library. The fix landed on August 12, 2025, in Chrome...