Microsoft Security Response Center Blog Alerts

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Improper privilege management in Azure Agent Installer allows an authorized attacker to elevate privileges locally.

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.