Network Security
The latest Network Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
Windows 10 End of Support: 60% of Corporate Devices Still Unready as October Deadline Hits
October 14, 2025, marks the definitive end of free security updates, feature patches, and technical support for Windows 10—but with barely months to go, up to 60% of corporate devices and 53% of...
Microsoft Patches Critical Type-Confusion Bug in Windows Defender Firewall Service (CVE-2025-54915)
Microsoft has released a patch for CVE-2025-54915, a local privilege escalation vulnerability in the Windows Defender Firewall Service that exploits a type-confusion error. The flaw, described by...
Microsoft’s September Update Tackles RRAS Heap Overflow (CVE-2025-54113) – RCE Risk When Users Connect to Malicious Servers
Microsoft’s September 2025 Patch Tuesday brings a slew of fixes, but one stands out for network administrators: CVE-2025-54113, a heap-based buffer overflow in the Windows Routing and Remote Access...
Windows HTTP.sys Out-of-Bounds Read Enables Remote DoS — Patch Urgently
A newly referenced vulnerability in the Windows HTTP protocol stack exposes internet-facing servers to remote denial-of-service attacks, forcing administrators to take immediate action even as public...
SQL Server Vulnerability CVE-2025-47997: Patch Now to Block Memory Disclosure Attacks
Microsoft has released patches for a critical information-disclosure vulnerability in SQL Server that could allow an authenticated attacker to read sensitive memory contents over the network. Tracked...
Patch Now: Windows RRAS Flaw CVE-2025-55225 Spills System Memory to Remote Attackers
Microsoft has confirmed a serious information disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) that could let attackers remotely read sensitive memory contents from...
Windows SMBv3 Vulnerability CVE-2025-54101 Could Let Attackers Remotely Execute Code
A newly disclosed vulnerability in the Windows SMBv3 client could allow attackers to take full control of unpatched systems with nothing more than a network connection. Microsoft’s advisory,...
Microsoft Patches CVE-2025-53798: RRAS Memory Leak Exposes VPN Gateways to Data Theft
Microsoft has released a vendor update to patch CVE-2025-53798, an information-disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) that allows an attacker to read...
Windows RRAS Out-of-Bounds Read Flaw Exposes Memory to Remote Attackers
Microsoft has confirmed a memory disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) that could allow unauthenticated attackers to extract sensitive information from...
Critical RRAS Flaw Exposes VPN Gateways to Remote Memory Leaks — Patch Immediately
A remote information-disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) received an out-of-band advisory from Microsoft this week, warning that attackers can siphon...
Critical RRAS Memory Leak CVE-2025-53797 Puts VPN Gateways at Risk – Patch Immediately
Microsoft has disclosed a high-severity information-disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) that could allow unauthenticated attackers to read sensitive...
Microsoft Ships Audit-First SMB Hardening to Discover Incompatible Clients Before Enforcement
Microsoft has rolled out built‑in auditing for two critical SMB server hardening features—signing and Extended Protection for Authentication (EPA)—giving administrators a safe,...