CVE-2025-24053: Microsoft Dataverse Elevation of Privilege Vulnerability

CVE-2025-2137: Chromium: CVE-2025-2137 Out of bounds read in V8

CVE-2025-2136: Chromium: CVE-2025-2136 Use after free in Inspector

CVE-2025-2135: Chromium: CVE-2025-2135 Type Confusion in V8

CVE-2025-1920: Chromium: CVE-2025-1920 Type Confusion in V8

**How could an attacker exploit this vulnerability?**

An attacker could successfully exploit this vulnerability by connecting to a system with the Remote Desktop Gateway role, triggering the race condition to create a use-after-free scenario, and then leveraging this to execute arbitrary code.

Headline

CVE-2024-49123: Windows Remote Desktop Services Remote Code Execution Vulnerability

Microsoft Security Response Center: Latest News