CVE-2025-0451: Chromium: CVE-2025-0451 Inappropriate implementation in Extensions API

CVE-2025-0445: Chromium: CVE-2025-0445 Use after free in V8

CVE-2025-0444: Chromium: CVE-2025-0444 Use after free in Skia

CVE-2025-21342: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2025-21408: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?**

A hypervisor-protected code integrity (HVCI) security feature bypass vulnerability could exist when Windows incorrectly allows certain kernel-mode pages to be marked as Read, Write, Execute (RWX) even with HVCI enabled. To exploit this vulnerability an attacker could run a specially crafted script at administrator level that exploits a signed driver to bypass code integrity protections in Windows.

Headline

CVE-2024-21431: Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability

Microsoft Security Response Center: Latest News