Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2025-47972: Windows Input Method Editor (IME) Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over a network.

Microsoft Security Response Center
#vulnerability#windows#microsoft#auth#Microsoft Input Method Editor (IME)#Security Vulnerability

Microsoft Security Response Center: Latest News

CVE-2025-49677: Microsoft Brokering File System Elevation of Privilege Vulnerability