Microsoft Security Response Center Blog Alerts

Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

Improper link resolution before file access (‘link following’) in Microsoft Windows allows an authorized attacker to elevate privileges locally.

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.

Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.