Live
Microsoft Flags UI Spoofing Vulnerability CVE-2025-49755 in Edge for Android·MSFT +0.1%Critical Word Flaw CVE-2025-53784 Lets Attackers Hijack PCs via Malicious Docs — Patch Immediately·NVDA +3.0%Microsoft: CVE-2025-48807 Hyper V Exploit Demands Local Access, Yet Threatens Entire Host Infrastructures·GOOGL +1.2%Microsoft's CVE-2025-53793 Advisory: Azure Stack Hub Authentication Flaw Exposes Sensitive Data·AMZN +2.9%WSL 2.5.10 Fixes TOCTOU Bug: Microsoft Acts Fast on CVE-2025-53788 Privilege Escalation·MSFT +0.1%CVE-2025-49723: Windows StateRepository Flaw Opens Door to Local Privilege Escalation, Advisories Confuse CVE Numbers·NVDA +3.0%Microsoft Teams Flaw CVE-2025-53783: Unauthenticated RCE via Heap Overflow Sparks Urgent Patching·GOOGL +1.2%CVE-2025-50155: Critical Windows Push Notifications EoP Flaw Exposes Systems to Full Takeover·AMZN +2.9%Microsoft Flags UI Spoofing Vulnerability CVE-2025-49755 in Edge for Android·MSFT +0.1%Critical Word Flaw CVE-2025-53784 Lets Attackers Hijack PCs via Malicious Docs — Patch Immediately·NVDA +3.0%Microsoft: CVE-2025-48807 Hyper V Exploit Demands Local Access, Yet Threatens Entire Host Infrastructures·GOOGL +1.2%Microsoft's CVE-2025-53793 Advisory: Azure Stack Hub Authentication Flaw Exposes Sensitive Data·AMZN +2.9%WSL 2.5.10 Fixes TOCTOU Bug: Microsoft Acts Fast on CVE-2025-53788 Privilege Escalation·MSFT +0.1%CVE-2025-49723: Windows StateRepository Flaw Opens Door to Local Privilege Escalation, Advisories Confuse CVE Numbers·NVDA +3.0%Microsoft Teams Flaw CVE-2025-53783: Unauthenticated RCE via Heap Overflow Sparks Urgent Patching·GOOGL +1.2%CVE-2025-50155: Critical Windows Push Notifications EoP Flaw Exposes Systems to Full Takeover·AMZN +2.9%

Security Alerts

The latest Security Alerts coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 5:12 AM
Latest Most Read Breaking
Sort
Android Browser · Browser Security

Microsoft Flags UI Spoofing Vulnerability CVE-2025-49755 in Edge for Android

Microsoft’s Security Response Center has disclosed CVE-2025-49755, a user-interface spoofing flaw in Microsoft Edge (Chromium-based) for Android that could let attackers trick users into handing...

Advertisement
Cve-2025-53788 · Edr

WSL 2.5.10 Fixes TOCTOU Bug: Microsoft Acts Fast on CVE-2025-53788 Privilege Escalation

Microsoft released an out-of-band Windows Subsystem for Linux (WSL) update on August 6, 2025, patching a local elevation-of-privilege vulnerability that could let attackers break out of WSL2...

SE Security Desk·46w ago
Cve-2025-49723 · Cve-2025-53789-mismatch

CVE-2025-49723: Windows StateRepository Flaw Opens Door to Local Privilege Escalation, Advisories Confuse CVE Numbers

Microsoft's July 2025 Patch Tuesday delivers a fix for a high-severity missing authorization vulnerability in the Windows StateRepository API, tracked as CVE-2025-49723. The bug lets an already...

SE Security Desk·46w ago
Cve-2025-53783 · Cybersecurity

Microsoft Teams Flaw CVE-2025-53783: Unauthenticated RCE via Heap Overflow Sparks Urgent Patching

Microsoft has published a security advisory for CVE-2025-53783, a heap-based buffer overflow in Microsoft Teams that allows an unauthorized attacker to execute code remotely over a network. The...

SE Security Desk·46w ago
Cve-2025-50155 · Edr

CVE-2025-50155: Critical Windows Push Notifications EoP Flaw Exposes Systems to Full Takeover

A serious elevation-of-privilege vulnerability in Windows Push Notifications has been cataloged as CVE-2025-50155 by Microsoft, giving authenticated local attackers a clear path to SYSTEM-level...

SE Security Desk·46w ago
Active Directory · Authentication

CVE-2025-53779: New Kerberos Path Traversal Bug Opens Door to Privilege Escalation—Patch Now

Microsoft’s security team has published guidance for CVE-2025-53779, a newly disclosed vulnerability in Windows Kerberos that could let authenticated attackers on the network elevate their...

SE Security Desk·46w ago
Authentication Vulnerability · Cve-2025-53778

Windows Admins: CVE-2025-53778 Is a Patch-Now NTLM Privilege Escalation That Threatens Entire Domains

Microsoft has silently added CVE-2025-53778 to its Security Update Guide, flagging a improper authentication flaw in the Windows NTLM implementation that permits an authorized attacker to elevate...

SE Security Desk·46w ago
Cve-2025-50157 · Extended Security Updates

Critical RRAS Vulnerability Leaks Windows Server Memory—Patch CVE-2025-50157 Immediately

Microsoft has issued an urgent security update for a memory disclosure flaw in Windows Routing and Remote Access Service (RRAS) that could let attackers remotely extract sensitive data from unpatched...

SE Security Desk·46w ago
Cve-2025-47956 · Cwe-73

Windows Security App UI Spoofing Flaw CVE-2025-47956 Patched – But Local Attackers Can Still Fake Alerts

Microsoft’s June 2025 security updates address a spoofing vulnerability in the Windows Security App that lets a local user manipulate file names and paths to display forged security alerts. Tracked...

SE Security Desk·46w ago