Security Alerts
The latest Security Alerts coverage — news, analysis, and updates from the WindowsNews.AI desk.
CISA and FBI Warn Windows Users About Surging Medusa Ransomware Threats
The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have issued a joint cybersecurity advisory warning about the rapidly evolving Medusa ransomware...
Critical Windows USB Video Driver Flaw Allows Code Execution — Patch Now
CVE-2025-24055: Critical Out-of-Bounds Read Vulnerability in Windows USB Video Driver Microsoft has disclosed a critical security vulnerability, CVE-2025-24055, affecting the Windows USB Video Class...
Patch now: Critical CVE-2025-24055 flaw in Windows USB Video driver risks kernel memory leak.
A newly discovered vulnerability in Windows' USB Video Class (UVC) driver has raised significant security concerns. Designated as CVE-2025-24055, this out-of-bounds read flaw could allow attackers to...
Patch Now: Critical CVE-2025-24991 NTFS Flaw Leaks Windows Data
Understanding CVE-2025-24991: Windows NTFS Vulnerability Explained A newly discovered vulnerability in Windows NTFS, tracked as CVE-2025-24991, has raised concerns among security professionals and...
CVE-2024-9157: Critical DLL Loading Vulnerability in Synaptics Software Threatens Windows Security
A newly discovered vulnerability (CVE-2024-9157) in Synaptics touchpad and biometric software exposes Windows systems to DLL hijacking attacks, putting millions of devices at risk. This critical...
Microsoft patches CVE-2025-24988 USB driver flaw targeted by physical attackers
A newly discovered vulnerability in Windows USB drivers, tracked as CVE-2025-24988, has raised significant security concerns among IT professionals and Windows users alike. This critical flaw in the...
Critical Windows Fast FAT Driver Flaw CVE-2025-24985 Enables Local Privilege Escalation
Microsoft has disclosed a critical security vulnerability (CVE-2025-24985) in the Windows Fast FAT file system driver that could allow attackers to execute arbitrary code with elevated privileges....
Critical CVE-2025-24077 Vulnerability Exposed in Microsoft Word: Local Code Execution Risk
A newly discovered critical vulnerability (CVE-2025-24077) in Microsoft Word has security experts sounding alarms due to its potential for local code execution attacks. This use-after-free flaw,...
Microsoft: Critical Windows Kernel Streaming Flaw (CVE-2025-24995) Enables Kernel Code Execution
Microsoft has disclosed a critical security vulnerability (CVE-2025-24995) affecting the Windows Kernel Streaming driver (ks.sys), which could allow attackers to execute arbitrary code with...
February 2025 Patch Fixes CVE-2025-21247 Windows URL Zone Bypass Flaw
Microsoft has disclosed a critical security vulnerability (CVE-2025-21247) in Windows' URL handling mechanism that could allow attackers to bypass security zones and execute malicious code. This...
Critical CVE-2025-24075: Buffer Overflow Vulnerability in Microsoft Excel Exposes Users to Local Code Execution
Critical CVE-2025-24075: Buffer Overflow Vulnerability in Microsoft Excel A newly discovered buffer overflow vulnerability (CVE-2025-24075) in Microsoft Excel poses a severe threat to users,...
CVE-2025-24070: Critical Authentication Flaw in ASP.NET Core and Visual Studio Exposes Systems to Privilege Escalation
CVE-2025-24070: Critical Vulnerability in ASP.NET Core and Visual Studio A newly discovered critical vulnerability (CVE-2025-24070) in Microsoft's ASP.NET Core framework and Visual Studio has sent...