Live
CVE-2025-53806: Microsoft Patches RRAS Memory Disclosure Flaw in Windows VPN Servers·MSFT +0.1%CVE-2025-53804: Windows Kernel Vulnerability Exposes Sensitive Data—Patch Now and Harden Defenses·NVDA +3.0%Patch Alert: Microsoft Flags High-Risk Graphics Privilege Escalation (CVE-2025-53800)·GOOGL +1.2%CVE-2025-49692: Azure Connected Machine Agent Vulnerability Demands Immediate Patching·AMZN +2.9%SQL Server Vulnerability CVE-2025-47997: Patch Now to Block Memory Disclosure Attacks·MSFT +0.1%Microsoft AutoUpdate Vulnerability Lets Attackers Escalate to Root on macOS via Symlink Tricks·NVDA +3.0%Azure Arc’s Critical Local Privilege Flaw Fixed, But CVE Muddle May Leave Systems Exposed·GOOGL +1.2%CVE-2025-55243: OfficePlus Spoofing Flaw Exposes Data, Bypasses Scanners·AMZN +2.9%CVE-2025-53806: Microsoft Patches RRAS Memory Disclosure Flaw in Windows VPN Servers·MSFT +0.1%CVE-2025-53804: Windows Kernel Vulnerability Exposes Sensitive Data—Patch Now and Harden Defenses·NVDA +3.0%Patch Alert: Microsoft Flags High-Risk Graphics Privilege Escalation (CVE-2025-53800)·GOOGL +1.2%CVE-2025-49692: Azure Connected Machine Agent Vulnerability Demands Immediate Patching·AMZN +2.9%SQL Server Vulnerability CVE-2025-47997: Patch Now to Block Memory Disclosure Attacks·MSFT +0.1%Microsoft AutoUpdate Vulnerability Lets Attackers Escalate to Root on macOS via Symlink Tricks·NVDA +3.0%Azure Arc’s Critical Local Privilege Flaw Fixed, But CVE Muddle May Leave Systems Exposed·GOOGL +1.2%CVE-2025-55243: OfficePlus Spoofing Flaw Exposes Data, Bypasses Scanners·AMZN +2.9%

Msrc

The latest Msrc coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 5:47 PM
Latest Most Read Breaking
Sort
Cve-2025-53806 · Information Disclosure

CVE-2025-53806: Microsoft Patches RRAS Memory Disclosure Flaw in Windows VPN Servers

Microsoft has disclosed CVE-2025-53806, a new information disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) that allows attackers to read sensitive memory contents from...

Advertisement
Credential Theft · Cu Update

SQL Server Vulnerability CVE-2025-47997: Patch Now to Block Memory Disclosure Attacks

Microsoft has released patches for a critical information-disclosure vulnerability in SQL Server that could allow an authenticated attacker to read sensitive memory contents over the network. Tracked...

SE Security Desk·44w ago
Cve-2025-55317 · Cybersecurity

Microsoft AutoUpdate Vulnerability Lets Attackers Escalate to Root on macOS via Symlink Tricks

Microsoft has disclosed a fresh local elevation-of-privilege vulnerability in its Microsoft AutoUpdate (MAU) agent that allows an attacker with an existing foothold on a macOS machine to escalate to...

SE Security Desk·44w ago
Azure Arc · Command Injection

Azure Arc’s Critical Local Privilege Flaw Fixed, But CVE Muddle May Leave Systems Exposed

Microsoft has patched a high-severity local elevation-of-privilege vulnerability in Azure Arc, but confusion over the associated CVE identifier could cause dangerous patching delays, security...

SE Security Desk·44w ago
Asr · Cve-2025-55243

CVE-2025-55243: OfficePlus Spoofing Flaw Exposes Data, Bypasses Scanners

Microsoft has published a security advisory for CVE-2025-55243, a spoofing vulnerability in Microsoft OfficePlus that can lead to the exposure of sensitive information and enable attackers to...

SE Security Desk·44w ago
Cve-2024-28916 · Cwe-59

Patch Now: Xbox Gaming Services CVE-2024-28916 Lets Low-Privilege Attackers Escalate to SYSTEM

A critical elevation-of-privilege vulnerability in Microsoft’s Xbox Gaming Services component, tracked as CVE-2024-28916, has been patched, but not before a public proof-of-concept demonstrated how...

SE Security Desk·44w ago
Cve-2025-55228 · Graphics Subsystem

Urgent: Windows Win32K GRFX Race Condition Exploitable for Kernel Code Execution – Patch Now

Microsoft has disclosed a dangerous race condition vulnerability in the Windows graphics subsystem’s Win32K component, tracked as CVE-2025-55228, that allows an authenticated local attacker to gain...

SE Security Desk·44w ago
Cve-2025-55225 · Extended Security Updates

Patch Now: Windows RRAS Flaw CVE-2025-55225 Spills System Memory to Remote Attackers

Microsoft has confirmed a serious information disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) that could let attackers remotely read sensitive memory contents from...

SE Security Desk·44w ago
Cve-2025-55223 · Directx

The CVE That Isn't There: DirectX Kernel Race Condition Panic and the Patches You Actually Need

Microsoft's August 2025 security updates landed with a thud for Windows administrators, but not all of them came with a neat advisory. In forums across the web, sysadmins are chasing a ghost:...

SE Security Desk·44w ago