CVE-2025-21380: Azure Marketplace SaaS Resources Information Disclosure Vulnerability

CVE-2025-21385: Microsoft Purview Information Disclosure Vulnerability

CVE-2024-12695: Chromium: CVE-2024-12695 Out of bounds write in V8

CVE-2024-12694: Chromium: CVE-2024-12694 Use after free in Compositing

CVE-2024-12693: Chromium: CVE-2024-12693 Out of bounds memory access in V8

**How can an attacker successfully exploit this vulnerability?**

This vulnerability can be exploited when an attacker with admin privileges creates an x509 certificate with an MD5 property, which causes certificate validation to fail with no further validation checks.

Headline

CVE-2024-21316: Windows Server Key Distribution Service Security Feature Bypass

Microsoft Security Response Center: Latest News