Microsoft Security Response Center Blog Alerts

Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing locally.

Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.

Use after free in Windows Cluster Client Failover allows an authorized attacker to elevate privileges locally.

Exposure of sensitive information to an unauthorized actor in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.

Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.

Server-side request forgery (ssrf) in Azure DevOps Server allows an authorized attacker to perform spoofing over a network.

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.