Microsoft Security Response Center Blog Alerts

Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.

Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network.

Out-of-bounds read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network.

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Use after free in Windows Win32K – GRFX allows an unauthorized attacker to elevate privileges over a network.

Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Secure Channel allows an authorized attacker to elevate privileges locally.

Uncontrolled resource consumption in Windows LDAP – Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.