Microsoft Security Response Center Blog Alerts

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Improper link resolution before file access (‘link following’) in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.

Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

Improper limitation of a pathname to a restricted directory (‘path traversal’) in Azure allows an unauthorized attacker to elevate privileges over a network.

Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.