Security Alerts
The latest Security Alerts coverage — news, analysis, and updates from the WindowsNews.AI desk.
Deploy May 2025 updates now to fix Windows Search DoS flaw CVE-2025-59198
Microsoft has disclosed a critical denial-of-service vulnerability in Windows Search, designated CVE-2025-59198, that could allow low-privileged local users to crash the Windows Search service and...
CVE-2025-59191: Critical Windows CDPSvc Privilege Escalation Vulnerability
A critical security vulnerability in Windows' Connected Devices Platform Service (CDPSvc) has been identified, posing significant risks to millions of Windows systems worldwide. Designated as...
CVE-2025-59189: Critical Windows BFS Vulnerability Enables Local Privilege Escalation
Microsoft has disclosed a significant security vulnerability in its Brokering File System (BFS) component that could allow attackers to gain elevated privileges on affected Windows systems....
CVE-2025-59184 Exposes Windows HA Services to Local Data Leakage
Microsoft has disclosed a significant security vulnerability affecting Windows High Availability Services, the critical subsystem that underpins Storage Spaces Direct (S2D) and related clustering...
CVE-2025-59187 Windows Kernel Vulnerability: Critical Privilege Escalation Patch
Microsoft has issued an urgent security update addressing CVE-2025-59187, a critical Windows Kernel elevation-of-privilege vulnerability that could allow attackers to gain SYSTEM-level access on...
CVE-2025-58739: Windows File Explorer Spoofing Vulnerability Exposes NTLM Credentials
Microsoft has disclosed a critical security vulnerability in Windows File Explorer that could allow attackers to spoof user interfaces and potentially expose NTLM credentials to unauthorized parties....
CVE-2025-59188: Microsoft Failover Cluster Information Disclosure Vulnerability Analysis
Microsoft has issued a critical security advisory for CVE-2025-59188, a significant information disclosure vulnerability affecting Microsoft Failover Cluster that could allow low-privileged local...
Microsoft Patches Critical Inbox COM Objects Memory Flaws in October 2025 Update
Microsoft's October 2025 security update addresses a critical cluster of memory corruption vulnerabilities in Inbox COM Objects that could enable local code execution and privilege escalation...
CVE-2025-58738: Critical RCE Vulnerability in Windows Inbox COM Objects Patched
Microsoft has addressed a critical security vulnerability in Windows Inbox COM Objects that could allow attackers to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-58738...
CVE-2025-58733: Critical Windows COM Object Vulnerability Threatens System Security
Microsoft has confirmed CVE-2025-58733 as a critical security vulnerability affecting Windows Inbox COM Objects that could allow attackers to execute arbitrary code and elevate privileges on...
CVE-2025-58736: Critical Windows COM Memory Vulnerability Patched in October 2025 Update
Microsoft has addressed a critical security vulnerability in Windows COM objects that could allow attackers to escalate privileges on affected systems. CVE-2025-58736, patched in the October 2025...
CVE-2025-58718: Critical RDP Client Vulnerability Enables Remote Code Execution
Microsoft has disclosed a high-severity security vulnerability in its Remote Desktop Client that could allow attackers to execute arbitrary code on vulnerable systems. CVE-2025-58718, rated with a...