Microsoft Security Response Center Blog Alerts

CVE-2025-26645 Remote Desktop Client Remote Code Execution Vulnerability

Posted on Tuesday March 11, 2025

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

 

CVE-2025-26633 Microsoft Management Console Security Feature Bypass Vulnerability

Posted on Tuesday March 11, 2025

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

 

CVE-2025-26631 Visual Studio Code Elevation of Privilege Vulnerability

Posted on Tuesday March 11, 2025

Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.

 

CVE-2025-26630 Microsoft Access Remote Code Execution Vulnerability

Posted on Tuesday March 11, 2025

Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.

 

CVE-2025-26629 Microsoft Office Remote Code Execution Vulnerability

Posted on Tuesday March 11, 2025

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

 

CVE-2025-26627 Azure Arc Installer Elevation of Privilege Vulnerability

Posted on Tuesday March 11, 2025

Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally.

 

Page:   12345678...120

Celebrating 35+ Years

Managed Internet Connections

Contact Us

Support Ends for Windows 10 22H2, Windows Server 2012 R2, Exchange 2013, Office 2016