Live
Microsoft Flags Critical Race Condition RCE in Windows Storage—Patch Immediately·MSFT +0.1%Microsoft Fixes CVE-2025-55229 Certificate Spoofing Bug Threatening TLS, VPNs, and Code Signing·NVDA +3.0%Chrome 139 Seals High-Severity V8 Out-of-Bounds Write CVE-2025-9132, Enterprises Scramble to Patch Edge·GOOGL +1.2%CVE-2025-53763: Microsoft Flags Azure Databricks Privilege Escalation Flaw, Urges Immediate Defensive Actions·AMZN +2.9%Patch Now: Microsoft's netbt.sys Kernel Flaw (CVE-2025-55230/47996) Grants Attackers Full Control·MSFT +0.1%PC Manager’s 7.8 CVSS Flaw Exposed: How Symlinks Give Attackers SYSTEM Rights·NVDA +3.0%CISA Alerts Federal Agencies and Enterprises to Apple Image I/O Zero-Day Under Active Exploit·GOOGL +1.2%CISA's Triple Threat: Mitsubishi HVAC 9.8, Unpatched MELSEC DoS, and Fujifilm Privilege Escalation·AMZN +2.9%Microsoft Flags Critical Race Condition RCE in Windows Storage—Patch Immediately·MSFT +0.1%Microsoft Fixes CVE-2025-55229 Certificate Spoofing Bug Threatening TLS, VPNs, and Code Signing·NVDA +3.0%Chrome 139 Seals High-Severity V8 Out-of-Bounds Write CVE-2025-9132, Enterprises Scramble to Patch Edge·GOOGL +1.2%CVE-2025-53763: Microsoft Flags Azure Databricks Privilege Escalation Flaw, Urges Immediate Defensive Actions·AMZN +2.9%Patch Now: Microsoft's netbt.sys Kernel Flaw (CVE-2025-55230/47996) Grants Attackers Full Control·MSFT +0.1%PC Manager’s 7.8 CVSS Flaw Exposed: How Symlinks Give Attackers SYSTEM Rights·NVDA +3.0%CISA Alerts Federal Agencies and Enterprises to Apple Image I/O Zero-Day Under Active Exploit·GOOGL +1.2%CISA's Triple Threat: Mitsubishi HVAC 9.8, Unpatched MELSEC DoS, and Fujifilm Privilege Escalation·AMZN +2.9%

Security Alerts

The latest Security Alerts coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 1:08 AM
Latest Most Read Breaking
Sort
Cve-2025-55231 · Incident Response

Microsoft Flags Critical Race Condition RCE in Windows Storage—Patch Immediately

Microsoft has issued a critical security advisory for CVE-2025-55231, a race‑condition vulnerability in the Windows storage management stack that could allow remote code execution. The flaw,...

Advertisement
Allocation Spraying · Attack Detection

Patch Now: Microsoft's netbt.sys Kernel Flaw (CVE-2025-55230/47996) Grants Attackers Full Control

A local elevation-of-privilege flaw in the Windows MBT Transport driver—the kernel component behind NetBIOS over TCP/IP—can hand attackers full SYSTEM rights, and while Microsoft’s July 2025...

SE Security Desk·45w ago
Applocker · Cve-2025-29975

PC Manager’s 7.8 CVSS Flaw Exposed: How Symlinks Give Attackers SYSTEM Rights

A vulnerability tracked as CVE-2025-29975 in Microsoft PC Manager hands local attackers a direct path to full SYSTEM control. With a CVSS 3.1 score of 7.8 (high) and a low attack complexity, the bug...

SE Security Desk·45w ago
Apple · Bod 22-01

CISA Alerts Federal Agencies and Enterprises to Apple Image I/O Zero-Day Under Active Exploit

The Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-43300 to its Known Exploited Vulnerabilities (KEV) Catalog on August 21, 2025, triggering a mandatory patch sprint for...

SE Security Desk·45w ago
Air Conditioning Controllers · Cisa

CISA's Triple Threat: Mitsubishi HVAC 9.8, Unpatched MELSEC DoS, and Fujifilm Privilege Escalation

Mitsubishi Electric’s air conditioning controllers face a critical authentication bypass with a CVSS severity score of 9.8, leading a trio of industrial control system (ICS) and medical device...

SE Security Desk·45w ago
Advisory · Automation

Mitsubishi Electric Confirms Unpatched DoS Flaw in MELSEC iQ-F PLCs, Recommends Network Hardening

Mitsubishi Electric has disclosed a remotely exploitable denial-of-service vulnerability in the embedded web server of its MELSEC iQ-F series programmable logic controllers, tracked under an internal...

SE Security Desk·45w ago
8.2 Upgrade · Access Control

Fujifilm Medical Viewer Flaw Allows Unauthorized Access to Patient Scans — CISA Calls for Immediate Upgrade

A severe privilege-escalation vulnerability in FUJIFILM Healthcare Americas’ Synapse Mobility medical imaging viewer could allow remote attackers to bypass role-based access controls and view...

SE Security Desk·45w ago
Building Management · Cisa

CISA's August 19 ICS Alert: Siemens Desigo CC SAML Bypass, Tigo Hardcoded Credentials, and EG4 Inverter Firmware Risks Exposed

Four industrial control system advisories released by CISA on August 19, 2025, pack an urgent punch for critical infrastructure operators, exposing dangerous flaws across building management...

SE Security Desk·45w ago
Codemeter · Codemeter V8.30a

Siemens Urges Patching of Desigo CC and SENTRON as CodeMeter Flaws Enable Remote RCE and Privilege Escalation

{ "title": "Siemens Urges Patching of Desigo CC and SENTRON as CodeMeter Flaws Enable Remote RCE and Privilege Escalation", "content": "Siemens has issued an urgent security advisory for the...

SE Security Desk·45w ago