Microsoft Security Response Center Blog Alerts

CVE-2025-33053 Internet Shortcut Files Remote Code Execution Vulnerability

Posted on Thursday June 19, 2025

Corrected the CVE description and title. This is an informational change only.

 

CVE-2024-28923 Secure Boot Security Feature Bypass Vulnerability

Posted on Friday June 13, 2025

Added an acknowledgement. This is an informational change only.

 

Chromium: CVE-2025-5958 Use after free in Media

Posted on Friday June 13, 2025

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

 

Chromium: CVE-2025-5959 Type Confusion in V8

Posted on Friday June 13, 2025

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

 

CVE-2025-32711 M365 Copilot Information Disclosure Vulnerability

Posted on Wednesday June 11, 2025

Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

 

CVE-2025-47176 Microsoft Outlook Remote Code Execution Vulnerability

Posted on Tuesday June 10, 2025

'.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally.

 

Page:   12345...172

Celebrating 35+ Years

Off-Site Cloud Backups

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016