CVE-2025-24984: Windows NTFS Information Disclosure Vulnerability

CVE-2025-24983: Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

CVE-2025-24084: Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability

CVE-2025-24076: Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability

CVE-2025-24075: Microsoft Excel Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally.

Headline

CVE-2025-24049: Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability

Microsoft Security Response Center: Latest News