CVE-2025-24064: Windows  Domain Name Service Remote Code Execution Vulnerability

CVE-2025-24061: Windows Mark of the Web Security Feature Bypass Vulnerability

CVE-2025-24059: Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2025-24084: Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability

CVE-2025-24075: Microsoft Excel Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?**

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then trigger an event that could exploit the vulnerability and save an invalid state to a database or trigger other unintended actions.

Headline

CVE-2025-24994: Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability

Microsoft Security Response Center: Latest News