Microsoft Security Response Center Blog Alerts

Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locally.

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.

Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.

Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

Information published.

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.

Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.