Security Alerts
The latest Security Alerts coverage — news, analysis, and updates from the WindowsNews.AI desk.
Critical RRAS Heap Overflow Exposes Windows Servers to Unauthenticated Remote Code Execution
Microsoft has issued urgent patches for a heap-based buffer overflow in the Windows Routing and Remote Access Service (RRAS) that allows remote, unauthenticated attackers to execute arbitrary code on...
Urgent Patch for CVE-2025-50161: Win32K GRFX Heap Overflow Enables SYSTEM Escalation
Microsoft's latest security advisory warns of a heap-based buffer overflow in the Win32K GRFX subsystem that could allow an authenticated local attacker to escalate privileges to SYSTEM. Identified...
Microsoft Patches Critical RRAS Heap Overflow CVE-2025-50160 That Exposes VPN Servers to Remote Takeover
Microsoft has released a patch for a critical heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) tracked as CVE-2025-50160, which allows attackers to remotely execute code...
Microsoft Patches Critical Use-After-Free in Windows PPP EAP‑TLS, Enabling Local Privilege Escalation
Microsoft has issued a security advisory for CVE‑2025‑50159, a use‑after‑free vulnerability in the Remote Access Point‑to‑Point Protocol (PPP) EAP‑TLS implementation that can allow an...
The CVE That Wasn't: Unpacking NTFS TOCTOU Risks and Microsoft’s 2025 Patch Reality
A flurry of confusion swept across sysadmin channels this week after an advisory citing “CVE-2025-50158 — Windows NTFS Information Disclosure (TOCTOU)” began circulating, only for anyone...
Microsoft Patches Windows RRAS Bug That Leaks Confidential Data Over the Network
Microsoft has released a security update to address a serious information disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) that could allow attackers to extract...
Windows File Explorer NTLM Leak: CVE-2025-50154 Exposes Credentials in Stealthy Attacks
A single unassuming ZIP archive can now become a weapon to steal Windows credentials, thanks to a newly patched flaw in Windows File Explorer. Microsoft's March 11, 2025 Patch Tuesday update fixed a...
Windows AFD.sys Hit Again: Race Condition CVE-2025-49762 Opens Door to SYSTEM Access
Microsoft has disclosed yet another high-severity vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys), this time a race condition tracked as CVE-2025-49762 that allows a...
Microsoft Patches Actively Exploited Windows DWM Use-After-Free Vulnerability CVE-2025-30400
A critical vulnerability in Windows Desktop Window Manager (DWM) gave attackers a direct path to SYSTEM privileges, and Microsoft confirmed it was being exploited in real-world attacks before May...
CVE-2025-25007: Critical Exchange Server Spoofing Vulnerability Demands Immediate Action Despite Scant Details
A newly disclosed spoofing vulnerability in Microsoft Exchange Server is ratcheting up urgency for enterprise security teams, even as technical specifics remain locked behind Microsoft’s...
Critical SQL Server Patches Land, but CVE Confusion Causes Headaches for Admins
Microsoft’s July 2025 Patch Tuesday brought a cluster of security updates for SQL Server that fix critical vulnerabilities, including a heap-based buffer overflow leading to remote code execution,...
Patch Now: CVE-2025-49761 Windows Kernel UAF Flaw Enables SYSTEM Takeover
A newly disclosed use-after-free vulnerability in the Windows kernel, tracked as CVE-2025-49761, hands a reliable privilege escalation path to any attacker who already has a toehold on a target...