Live
Microsoft Patches Dynamics 365 On-Prem Flaw CVE-2025-53728 That Exposes Sensitive Data·MSFT +0.1%Critical Office Use-After-Free Bug (CVE-2025-53731) Lets Attackers Execute Code—Patch Now, Microsoft Warns·NVDA +3.0%Microsoft Warns of CVE-2025-53726: Windows Push Notification Flaw Grants SYSTEM Access to Local Attackers·GOOGL +1.2%Windows Notification Use‑After‑Free Vulnerability (CVE‑2025‑49725) Grants Attackers SYSTEM Privileges·AMZN +2.9%CVE-2025-53723: Hyper‑V Truncation Bug Hands Local Attackers SYSTEM Control·MSFT +0.1%Microsoft Issues Urgent Fix for CVE-2025-53724: Windows Push Notifications Type Confusion Bug Enables SYSTEM Access·NVDA +3.0%CVE-2025-53722: Attackers Can Exhaust Windows RDS and Force Server Downtime, Microsoft Warns·GOOGL +1.2%Patch Now: Windows CDPSvc Use-After-Free Bug (CVE-2025-48000) Grants Attackers SYSTEM Privileges·AMZN +2.9%Microsoft Patches Dynamics 365 On-Prem Flaw CVE-2025-53728 That Exposes Sensitive Data·MSFT +0.1%Critical Office Use-After-Free Bug (CVE-2025-53731) Lets Attackers Execute Code—Patch Now, Microsoft Warns·NVDA +3.0%Microsoft Warns of CVE-2025-53726: Windows Push Notification Flaw Grants SYSTEM Access to Local Attackers·GOOGL +1.2%Windows Notification Use‑After‑Free Vulnerability (CVE‑2025‑49725) Grants Attackers SYSTEM Privileges·AMZN +2.9%CVE-2025-53723: Hyper‑V Truncation Bug Hands Local Attackers SYSTEM Control·MSFT +0.1%Microsoft Issues Urgent Fix for CVE-2025-53724: Windows Push Notifications Type Confusion Bug Enables SYSTEM Access·NVDA +3.0%CVE-2025-53722: Attackers Can Exhaust Windows RDS and Force Server Downtime, Microsoft Warns·GOOGL +1.2%Patch Now: Windows CDPSvc Use-After-Free Bug (CVE-2025-48000) Grants Attackers SYSTEM Privileges·AMZN +2.9%

Security Alerts

The latest Security Alerts coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 8:25 AM
Latest Most Read Breaking
Sort
Cross-site Scripting · Csp

Microsoft Patches Dynamics 365 On-Prem Flaw CVE-2025-53728 That Exposes Sensitive Data

Microsoft has released a security update to fix an information disclosure vulnerability in Dynamics 365 on-premises versions, tracked as CVE-2025-53728. The flaw, classified as allowing an...

Advertisement
Cloud Security · Cve-2025-53723

CVE-2025-53723: Hyper‑V Truncation Bug Hands Local Attackers SYSTEM Control

Microsoft has published an advisory for a new elevation‑of‑privilege vulnerability in Windows Hyper‑V that could allow an authorized attacker on an affected host to escalate privileges and take...

SE Security Desk·46w ago
Cve-2025-53724 · Endpoint Security

Microsoft Issues Urgent Fix for CVE-2025-53724: Windows Push Notifications Type Confusion Bug Enables SYSTEM Access

Microsoft’s latest security advisory warns of a serious elevation-of-privilege vulnerability in the Windows Push Notifications Apps component, tracked as CVE-2025-53724. The flaw, rooted in a type...

SE Security Desk·46w ago
Availability · Cve-2025-53722

CVE-2025-53722: Attackers Can Exhaust Windows RDS and Force Server Downtime, Microsoft Warns

A recently disclosed flaw in Windows Remote Desktop Services (CVE-2025-53722) allows attackers to remotely crash servers by overwhelming system resources, Microsoft’s security advisory warns. The...

SE Security Desk·46w ago
August 2025 · Cdpsvc

Patch Now: Windows CDPSvc Use-After-Free Bug (CVE-2025-48000) Grants Attackers SYSTEM Privileges

A use-after-free vulnerability in the Windows Connected Devices Platform Service (CDPSvc) lets any local authenticated attacker gain full SYSTEM control—and the fix landed in Microsoft’s July...

SE Security Desk·46w ago
Cve-2025-53719 · Cybersecurity

Uninitialized Resource Bug in Windows RRAS Could Expose Corporate VPN Secrets, Microsoft Urges Patch

Microsoft has disclosed a new information disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS), tracked as CVE-2025-53719, that could allow an authenticated attacker to...

SE Security Desk·46w ago
Afd.sys · Applocker

Critical Windows AFD.sys Kernel Flaw (CVE-2025-53718) Exposes Systems to Local Privilege Escalation

Microsoft has issued a high-priority security advisory for a use-after-free vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys). Tracked as CVE-2025-53718, the flaw allows a...

SE Security Desk·46w ago
Cve-2025-33064 · Cve-2025-49657

Critical Heap Overflow in Windows RRAS: Patch Now to Protect VPN Gateways from Remote Code Execution

Microsoft’s June–July 2025 security updates address a critical heap-based buffer overflow in the Windows Routing and Remote Access Service (RRAS) that could allow remote code execution against...

SE Security Desk·46w ago
Active Directory · Authentication

CVE-2025-33057: Microsoft Patches LSASS Null Pointer DoS That Can Crash Domain Controllers

Microsoft has released a security update for a vulnerability that allows an attacker with network access to crash the Local Security Authority Subsystem Service (LSASS) and trigger a...

SE Security Desk·46w ago