CVE-2025-24053: Microsoft Dataverse Elevation of Privilege Vulnerability

CVE-2025-2137: Chromium: CVE-2025-2137 Out of bounds read in V8

CVE-2025-2136: Chromium: CVE-2025-2136 Use after free in Inspector

CVE-2025-2135: Chromium: CVE-2025-2135 Type Confusion in V8

CVE-2025-1920: Chromium: CVE-2025-1920 Type Confusion in V8

**Are there any additional steps that I need to follow to be protected from this vulnerability?**

The changes to address this vulnerability updated Virtual Secure Mode components. The policy described in Guidance for blocking rollback of Virtualization-based Security (VBS) related security updates has been updated to account for the latest changes. If you deployed this policy, then you'll need to redeploy using the updated policy.

Headline

CVE-2025-21284: Windows Virtual Trusted Platform Module Denial of Service Vulnerability

Microsoft Security Response Center: Latest News