Live
Hyper-V PowerShell Direct Flaw Lets Attackers Impersonate Admins, Microsoft Urges Patching·MSFT +0.1%Microsoft Patches CVE-2025-53798: RRAS Memory Leak Exposes VPN Gateways to Data Theft·NVDA +3.0%Critical RRAS Flaw Exposes VPN Gateways to Remote Memory Leaks — Patch Immediately·GOOGL +1.2%Critical RRAS Memory Leak CVE-2025-53797 Puts VPN Gateways at Risk – Patch Immediately·AMZN +2.9%Behind CVE-2025-55241: Why the MSRC Advisory Is Sparking a Hunt for Windows Exploit Defenses·MSFT +0.1%CVE Confusion Hits Microsoft Dynamics 365 FastTrack: Urgent Patch Needed for Info-Disclosure Flaw·NVDA +3.0%CVE-2025-55242: Microsoft Flags Xbox Information Disclosure Exploit – Admins Must Patch Immediately·GOOGL +1.2%Microsoft Confirms Two Azure Bot Service Elevation-of-Privilege Flaws, Urges Immediate Patching·AMZN +2.9%Hyper-V PowerShell Direct Flaw Lets Attackers Impersonate Admins, Microsoft Urges Patching·MSFT +0.1%Microsoft Patches CVE-2025-53798: RRAS Memory Leak Exposes VPN Gateways to Data Theft·NVDA +3.0%Critical RRAS Flaw Exposes VPN Gateways to Remote Memory Leaks — Patch Immediately·GOOGL +1.2%Critical RRAS Memory Leak CVE-2025-53797 Puts VPN Gateways at Risk – Patch Immediately·AMZN +2.9%Behind CVE-2025-55241: Why the MSRC Advisory Is Sparking a Hunt for Windows Exploit Defenses·MSFT +0.1%CVE Confusion Hits Microsoft Dynamics 365 FastTrack: Urgent Patch Needed for Info-Disclosure Flaw·NVDA +3.0%CVE-2025-55242: Microsoft Flags Xbox Information Disclosure Exploit – Admins Must Patch Immediately·GOOGL +1.2%Microsoft Confirms Two Azure Bot Service Elevation-of-Privilege Flaws, Urges Immediate Patching·AMZN +2.9%

Msrc

The latest Msrc coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 12:37 AM
Latest Most Read Breaking
Sort
Blue Team · Cve-2025-49734

Hyper-V PowerShell Direct Flaw Lets Attackers Impersonate Admins, Microsoft Urges Patching

Microsoft has disclosed a new elevation-of-privilege vulnerability (CVE-2025-49734) in Windows Hyper-V’s PowerShell Direct feature that lets a locally authenticated attacker with low privileges...

Advertisement
Cisa · Cybersecurity

Behind CVE-2025-55241: Why the MSRC Advisory Is Sparking a Hunt for Windows Exploit Defenses

Microsoft's Security Response Center published advisory CVE-2025-55241, and within hours, security practitioners weren't just scanning for patches—they were demanding deep-dive guidance on...

SE Security Desk·45w ago
Access Control · Cloud Security

CVE Confusion Hits Microsoft Dynamics 365 FastTrack: Urgent Patch Needed for Info-Disclosure Flaw

Microsoft's Dynamics 365 FastTrack Implementation Assets have been thrust into the security spotlight following an information disclosure vulnerability that lets attackers harvest private data over a...

SE Security Desk·45w ago
Certification Pipeline · Compensating Controls

CVE-2025-55242: Microsoft Flags Xbox Information Disclosure Exploit – Admins Must Patch Immediately

Microsoft has published a security advisory for CVE-2025-55242, an information disclosure vulnerability that could allow unauthorized actors to access sensitive data over a network. The bug, which...

AI AI & Copilot Desk·45w ago
Attack Surface · Authorization

Microsoft Confirms Two Azure Bot Service Elevation-of-Privilege Flaws, Urges Immediate Patching

Security teams responsible for Azure Bot Service deployments are grappling with a double-barreled set of improper authorization vulnerabilities that could let unauthenticated attackers hijack cloud...

SE Security Desk·45w ago
Azure Firewall · Azure Networking

Azure Networking EoP Flaw CVE-2025-54914: Immediate Hardening Steps for Hybrid Cloud Teams

Microsoft’s Security Response Center (MSRC) has published an advisory for CVE-2025-54914, an elevation-of-privilege vulnerability in Azure Networking that could allow attackers with minimal...

SE Security Desk·45w ago
Cve-2025-55231 · Incident Response

Microsoft Flags Critical Race Condition RCE in Windows Storage—Patch Immediately

Microsoft has issued a critical security advisory for CVE-2025-55231, a race‑condition vulnerability in the Windows storage management stack that could allow remote code execution. The flaw,...

SE Security Desk·47w ago
Allocation Spraying · Attack Detection

Patch Now: Microsoft's netbt.sys Kernel Flaw (CVE-2025-55230/47996) Grants Attackers Full Control

A local elevation-of-privilege flaw in the Windows MBT Transport driver—the kernel component behind NetBIOS over TCP/IP—can hand attackers full SYSTEM rights, and while Microsoft’s July 2025...

SE Security Desk·47w ago
Audit Logs · Auditing

Microsoft Quietly Patches Copilot Flaw That Let Insiders Access Files Without Audit Traces

A security researcher discovered that a simple prompt technique could make Microsoft 365 Copilot summarize sensitive corporate files without leaving the required Purview audit records. Microsoft...

AI AI & Copilot Desk·47w ago