Threat Detection
The latest Threat Detection coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft PC Manager Vulnerability Leaks Passwords — Patch Available
Microsoft has confirmed a troubling security flaw in PC Manager, its free system maintenance utility for Windows, that stores sensitive information in plain text, leaving credentials and other...
Microsoft Sentinel UEBA Now Ingests AWS, GCP, Okta Logs for AI-Driven Threat Detection
Microsoft has quietly rolled out a major update to its cloud-native SIEM, Microsoft Sentinel, significantly expanding the data sources its User and Entity Behavior Analytics (UEBA) engine can digest....
Windows OT Security Alert: Siemens Flaw CVE-2025-40757 Leaks Device Databases Over BACnet
A newly disclosed vulnerability in Siemens APOGEE PXC and TALON TC building automation controllers allows unauthenticated attackers to pull encrypted database files directly over the BACnet protocol,...
Microsoft’s September Patch Tuesday Combats Office RCEs and Preview Pane Exploits with 80+ Fixes
Microsoft’s September 9, 2025 Patch Tuesday release delivers over 80 security fixes, but a cluster of critical Office remote code execution (RCE) vulnerabilities—some exploitable through document...
Microsoft Deploys SMB Relay Attack Auditing in CVE-2025-55234, Urges Phased Hardening Before Enforcement
Microsoft has released CVE-2025-55234 not as a traditional patch for a new vulnerability, but as a strategic operational toolkit designed to help administrators audit and harden their SMB...
Microsoft Patches Critical Type-Confusion Bug in Windows Defender Firewall Service (CVE-2025-54915)
Microsoft has released a patch for CVE-2025-54915, a local privilege escalation vulnerability in the Windows Defender Firewall Service that exploits a type-confusion error. The flaw, described by...
Urgent Patch Alert: Windows VHD Bug CVE-2025-54112 Enables Full System Compromise
A single booby-trapped VHD file is all an attacker needs to jump from limited user to complete Windows server or workstation control. That’s the reality behind CVE-2025-54112, the latest...
Windows camsvc Race Condition Exploited for SYSTEM Access: Urgent Patch Deployed
A race condition in the Windows Capability Access Management Service (camsvc) allows a local attacker to escalate privileges to SYSTEM, Microsoft confirmed in a July 2025 security advisory. The...
CVE-2025-54093: Windows TCP/IP Race Condition Grants SYSTEM Access – Patch Now
Microsoft has disclosed a local elevation-of-privilege vulnerability in the Windows TCP/IP driver that gives authenticated attackers a clear path to SYSTEM-level control. Tracked as CVE-2025-54093...
Microsoft Issues Urgent Fix for Windows Defender Firewall Type-Confusion EoP (CVE-2025-54104)
Microsoft has confirmed a critical elevation-of-privilege vulnerability in the Windows Defender Firewall Service (MpsSvc) that could enable an attacker with local access to escalate to SYSTEM-level...
Critical Hyper-V Privilege Escalation Flaw (CVE-2025-54098) Demands Immediate Patching
Microsoft has released a security update to fix a serious privilege escalation vulnerability in Windows Hyper-V, tracked as CVE-2025-54098, that could allow an attacker with local access to elevate...
Critical Windows LSASS Bug Exposes Domain Controllers to Authentication DoS Attacks
Microsoft’s latest security advisory for CVE-2025-53809 details a network-exploitable denial-of-service flaw in the Windows Local Security Authority Subsystem Service, the bedrock of authentication...