Live
Critical Local Privilege Escalation Bug in Windows DWM Fixed: Here’s What You Need to Know·MSFT +0.1%CVE-2025-54906: Microsoft Office Memory Bug Enables Code Execution via Malicious Docs – Patch Now·NVDA +3.0%Urgent Excel Security Fix: Use-After-Free Bug Opens Door to Code Execution — Mac LTSC Patches Delayed·GOOGL +1.2%Windows NEGOEX Integer Overflow Lets Attackers Escalate to SYSTEM—Patch Now·AMZN +2.9%Microsoft Flags UI Spoofing Vulnerability CVE-2025-49755 in Edge for Android·MSFT +0.1%Microsoft's CVE-2025-53793 Advisory: Azure Stack Hub Authentication Flaw Exposes Sensitive Data·NVDA +3.0%CVE-2025-50155: Critical Windows Push Notifications EoP Flaw Exposes Systems to Full Takeover·GOOGL +1.2%Microsoft Closes Excel Heap Overflow Remote Code Execution Hole (CVE-2025-53737) — Patch Now·AMZN +2.9%Critical Local Privilege Escalation Bug in Windows DWM Fixed: Here’s What You Need to Know·MSFT +0.1%CVE-2025-54906: Microsoft Office Memory Bug Enables Code Execution via Malicious Docs – Patch Now·NVDA +3.0%Urgent Excel Security Fix: Use-After-Free Bug Opens Door to Code Execution — Mac LTSC Patches Delayed·GOOGL +1.2%Windows NEGOEX Integer Overflow Lets Attackers Escalate to SYSTEM—Patch Now·AMZN +2.9%Microsoft Flags UI Spoofing Vulnerability CVE-2025-49755 in Edge for Android·MSFT +0.1%Microsoft's CVE-2025-53793 Advisory: Azure Stack Hub Authentication Flaw Exposes Sensitive Data·NVDA +3.0%CVE-2025-50155: Critical Windows Push Notifications EoP Flaw Exposes Systems to Full Takeover·GOOGL +1.2%Microsoft Closes Excel Heap Overflow Remote Code Execution Hole (CVE-2025-53737) — Patch Now·AMZN +2.9%

Msrc Advisory

The latest Msrc Advisory coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 1:36 AM
Latest Most Read Breaking
Sort
Cve-2025-53801 · Dwm Core Library

Critical Local Privilege Escalation Bug in Windows DWM Fixed: Here’s What You Need to Know

Microsoft has patched a serious local privilege escalation vulnerability in the Windows Desktop Window Manager (DWM) Core Library, tracked as CVE-2025-53801, that could allow an attacker with a basic...

Advertisement
Android Browser · Browser Security

Microsoft Flags UI Spoofing Vulnerability CVE-2025-49755 in Edge for Android

Microsoft’s Security Response Center has disclosed CVE-2025-49755, a user-interface spoofing flaw in Microsoft Edge (Chromium-based) for Android that could let attackers trick users into handing...

SE Security Desk·48w ago
Air-gapped · Authentication

Microsoft's CVE-2025-53793 Advisory: Azure Stack Hub Authentication Flaw Exposes Sensitive Data

Microsoft has published an urgent security advisory for CVE-2025-53793, an improper authentication vulnerability in Azure Stack Hub that could allow unauthenticated attackers to access sensitive...

SE Security Desk·48w ago
Cve-2025-50155 · Edr

CVE-2025-50155: Critical Windows Push Notifications EoP Flaw Exposes Systems to Full Takeover

A serious elevation-of-privilege vulnerability in Windows Push Notifications has been cataloged as CVE-2025-50155 by Microsoft, giving authenticated local attackers a clear path to SYSTEM-level...

SE Security Desk·48w ago
Cve-2025-53737 · Defense In Depth

Microsoft Closes Excel Heap Overflow Remote Code Execution Hole (CVE-2025-53737) — Patch Now

Microsoft’s April 2025 security updates included a fix for a heap overflow vulnerability in Excel that attackers could exploit to run arbitrary code on a victim’s machine. Tracked as...

SE Security Desk·48w ago
Asr · Cve-2025-53732

Urgent Patch for CVE-2025-53732: Microsoft Office Heap Overflow Enables Remote Code Execution via Malicious Documents

Microsoft has released a critical security update addressing CVE-2025-53732, a heap-based buffer overflow vulnerability in Microsoft Office that allows remote code execution (RCE) when a user opens a...

SE Security Desk·48w ago
Cross-site Scripting · Csp

Microsoft Patches Dynamics 365 On-Prem Flaw CVE-2025-53728 That Exposes Sensitive Data

Microsoft has released a security update to fix an information disclosure vulnerability in Dynamics 365 on-premises versions, tracked as CVE-2025-53728. The flaw, classified as allowing an...

SE Security Desk·48w ago
Asr · Cve-2025-53731

Critical Office Use-After-Free Bug (CVE-2025-53731) Lets Attackers Execute Code—Patch Now, Microsoft Warns

Microsoft’s Security Response Center has published a new advisory, CVE-2025-53731, confirming a critical use-after-free vulnerability in Microsoft Office that can let attackers execute arbitrary...

SE Security Desk·48w ago
Afd.sys · Cve-2025

Actively Exploited AFD.sys Vulnerability Grants Attackers SYSTEM Access: Patch Now

Microsoft has patched a dangerous vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys) that attackers are actively exploiting in the wild to gain complete control over...

SE Security Desk·48w ago
1 2 3 4