Threat Hunting
The latest Threat Hunting coverage — news, analysis, and updates from the WindowsNews.AI desk.
Cisco Rushes Patch for Critical 10.0 Bug Exposing Firewall Managers to Pre-Auth Shell Attacks
Cisco released an emergency software update Thursday for a maximum-severity vulnerability that allows unauthenticated attackers to seize full control of Secure Firewall Management Center (FMC)...
CodeMeter 8.30a Fixes Privilege Escalation (CVE-2025-47809) Affecting Siemens Windows ICS
A newly disclosed local privilege escalation vulnerability in Wibu-Systems CodeMeter Runtime (CVE-2025-47809) enables unprivileged Windows users to gain SYSTEM-level access during the brief...
Critical Word Flaw CVE-2025-53784 Lets Attackers Hijack PCs via Malicious Docs — Patch Immediately
Microsoft’s latest security advisory warns of a memory-corruption flaw in Word—CVE-2025-53784—that hands attackers a local-code-execution foothold from nothing more than a booby-trapped...
Microsoft's CVE-2025-53793 Advisory: Azure Stack Hub Authentication Flaw Exposes Sensitive Data
Microsoft has published an urgent security advisory for CVE-2025-53793, an improper authentication vulnerability in Azure Stack Hub that could allow unauthenticated attackers to access sensitive...
Microsoft Teams Flaw CVE-2025-53783: Unauthenticated RCE via Heap Overflow Sparks Urgent Patching
Microsoft has published a security advisory for CVE-2025-53783, a heap-based buffer overflow in Microsoft Teams that allows an unauthorized attacker to execute code remotely over a network. The...
CVE-2025-53740: Urgent Patch Needed as Office Use-After-Free RCE Threatens Enterprise Security
Microsoft has confirmed a critical use-after-free vulnerability in Microsoft Office, tracked as CVE-2025-53740, that could let attackers run arbitrary code when a user opens a maliciously crafted...
CVE-2025-53765: Microsoft Warns of Azure Stack Hub Data Leak Through Authorized Local Access
Microsoft’s Security Response Center has published an advisory for CVE-2025-53765, an information disclosure vulnerability in Azure Stack Hub that permits an attacker with local authorization to...
Microsoft Issues Advisory for Critical Excel RCE Flaw CVE-2025-53739, Urges Immediate Patching
A newly discovered vulnerability in Microsoft Excel, tracked as CVE-2025-53739, could allow attackers to execute arbitrary code on victims' machines simply by convincing them to open a specially...
CVE-2025-53733: Patch Microsoft Word RCE Now – Numeric Conversion Flaw Exploited
Microsoft has published advisory CVE-2025-53733, warning of a remote code execution vulnerability in Microsoft Word that stems from an incorrect conversion between numeric types during document...
Microsoft Closes Excel Heap Overflow Remote Code Execution Hole (CVE-2025-53737) — Patch Now
Microsoft’s April 2025 security updates included a fix for a heap overflow vulnerability in Excel that attackers could exploit to run arbitrary code on a victim’s machine. Tracked as...
Urgent Patch for CVE-2025-53732: Microsoft Office Heap Overflow Enables Remote Code Execution via Malicious Documents
Microsoft has released a critical security update addressing CVE-2025-53732, a heap-based buffer overflow vulnerability in Microsoft Office that allows remote code execution (RCE) when a user opens a...
Microsoft Patches Dynamics 365 On-Prem Flaw CVE-2025-53728 That Exposes Sensitive Data
Microsoft has released a security update to fix an information disclosure vulnerability in Dynamics 365 on-premises versions, tracked as CVE-2025-53728. The flaw, classified as allowing an...