Live

Security Advisory

The latest Security Advisory coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 3:22 PM
Latest Most Read Breaking
Sort
Cve-2025-21387 · Cybersecurity

Excel zero-day CVE-2025-21387 with 9.8 CVSS exploited in attacks.

CVE-2025-21387: Critical RCE Vulnerability in Microsoft Excel Microsoft has issued an urgent security advisory regarding CVE-2025-21387, a critical Remote Code Execution (RCE) vulnerability affecting...

Advertisement
Cisa · Industrial Control Systems

ZF RSSPlus Critical Flaw Threatens ICS Systems: Patch Now

The ZF RSSPlus vulnerability has emerged as a critical cybersecurity concern for industrial control systems (ICS), prompting advisories from CISA and other security agencies. This in-depth analysis...

SE Security Desk·77w ago
Cisa · Cybersecurity

Siemens Mendix LDAP Vulnerability: Critical Security Alert and Patch Guidance

Siemens has issued an urgent security advisory regarding a critical LDAP injection vulnerability in its Mendix platform that could allow attackers to bypass authentication mechanisms. The...

SE Security Desk·78w ago
Cve-2025-21393 · Cybersecurity

SharePoint Server faces critical 8.8-severity spoofing flaw CVE-2025-21393 before April patch

Critical CVE-2025-21393 Vulnerability Discovered in Microsoft SharePoint Server Microsoft has issued a critical security advisory regarding CVE-2025-21393, a newly discovered spoofing vulnerability...

SE Security Desk·78w ago
Cve-2025-21389 · Dos Vulnerability

UPnP memory corruption bug CVE-2025-21389 lets attackers crash Windows via port 1900

A newly discovered critical vulnerability (CVE-2025-21389) in Windows' Universal Plug and Play (UPnP) host service (upnphost.dll) exposes systems to denial-of-service (DoS) attacks. This security...

SE Security Desk·78w ago
Cve-2025-21248 · Remote Code Execution

Active exploits begin: Microsoft patches CVE-2025-21248 SYSTEM-level RCE in all Windows.

A newly discovered critical vulnerability in Windows Telephony Service (CVE-2025-21248) exposes millions of systems to remote code execution (RCE) attacks. Security researchers have rated this flaw...

SE Security Desk·78w ago
Cve-2025-21237 · Remote Code Execution

Critical unpatched Windows bug grants SYSTEM access via network attacks.

Microsoft has disclosed a critical remote code execution (RCE) vulnerability in the Windows Telephony Service (CVE-2025-21237) that could allow attackers to take complete control of affected systems....

SE Security Desk·78w ago
Cybersecurity · Foxman-un

Critical Hitachi Energy FOXMAN-UN Flaws Risk Power Grid Attacks

Hitachi Energy has issued a critical security advisory regarding multiple vulnerabilities in its FOXMAN-UN platform, a widely used industrial control system (ICS) solution. These flaws could allow...

SE Security Desk·78w ago
Cybersecurity · Microsoft Intelligent Security Association

Security Risk Advisors Joins Microsoft Intelligent Security Association: Enhanced Windows Security Ahead

Security Risk Advisors (SRA), a leading cybersecurity consulting firm, has officially joined the Microsoft Intelligent Security Association (MISA), marking a significant step forward for Windows...

SE Security Desk·79w ago