Security Alerts
The latest Security Alerts coverage — news, analysis, and updates from the WindowsNews.AI desk.
Excel zero-day CVE-2025-21387 with 9.8 CVSS exploited in attacks.
CVE-2025-21387: Critical RCE Vulnerability in Microsoft Excel Microsoft has issued an urgent security advisory regarding CVE-2025-21387, a critical Remote Code Execution (RCE) vulnerability affecting...
Excel Zero-Day CVE-2025-21386 Lets Attackers Hijack Systems via Malicious Spreadsheets
CVE-2025-21386: Microsoft Excel Remote Code Execution Vulnerability Microsoft has disclosed a critical security vulnerability (CVE-2025-21386) affecting Excel that could allow remote code execution...
CVE-2025-21381: Critical Microsoft Excel Vulnerability Explained
CVE-2025-21381: Understanding the Microsoft Excel Vulnerability A newly discovered vulnerability in Microsoft Excel, tracked as CVE-2025-21381, has raised significant concerns among cybersecurity...
CVE-2025-21371: Critical Windows Telephony Service Vulnerability Exposes Systems to Remote Code Execution
CVE-2025-21371: Windows Telephony Service Vulnerability Exposed A newly discovered vulnerability in Windows Telephony Service (CVE-2025-21371) has been classified as critical, allowing attackers to...
CVE-2025-21367: Patch Now – Win32 Flaw Grants SYSTEM Access
Microsoft has recently disclosed CVE-2025-21367, a critical elevation of privilege (EoP) vulnerability affecting multiple Windows versions, including Windows 10, 11, and Windows Server editions. This...
CVE-2025-21359: Critical Windows Kernel Security Vulnerability Explained and Mitigation Steps
Microsoft has issued a critical security alert regarding CVE-2025-21359, a newly discovered vulnerability in the Windows kernel that could allow attackers to execute arbitrary code with system-level...
Windows Core Messaging flaw grants SYSTEM access in February 2025 Patch Tuesday
CVE-2025-21358: Critical Elevation of Privileges Vulnerability in Windows Core Messaging Microsoft has disclosed a critical security vulnerability (CVE-2025-21358) affecting the Windows Core...
CVE-2025-21350: Critical Kerberos Vulnerability Threatens Windows Authentication Systems
CVE-2025-21350: New Denial of Service Vulnerability in Kerberos Explained A newly discovered vulnerability in the Kerberos authentication protocol, tracked as CVE-2025-21350, poses a significant...
CVE-2025-21349: Critical Windows Remote Desktop Vulnerability Exposed - What You Need to Know
CVE-2025-21349: New Vulnerability in Windows Remote Desktop Configuration Microsoft has disclosed a critical security vulnerability (CVE-2025-21349) affecting Windows Remote Desktop Services that...
Microsoft CVE-2025-21347: Remote attackers can crash WDS servers with crafted network packets.
CVE-2025-21347: Understanding the DoS Vulnerability in Windows Deployment Services Windows Deployment Services (WDS), a critical component for enterprise network administrators, has been found...
CVE-2025-21337: Critical NTFS Vulnerability Exposes Windows Systems to Privilege Escalation Attacks
A newly discovered vulnerability in Windows' NTFS file system (CVE-2025-21337) has security experts warning of potential widespread privilege escalation attacks. This critical flaw in the core...
Critical Vulnerability in Microsoft HPC Pack (CVE-2025-21198): Remote Code Execution Risk
Microsoft has issued an urgent security alert regarding a newly discovered critical vulnerability in Microsoft HPC Pack, tracked as CVE-2025-21198. This flaw could allow attackers to execute...