CVE-2025-24064: Windows  Domain Name Service Remote Code Execution Vulnerability

CVE-2025-24061: Windows Mark of the Web Security Feature Bypass Vulnerability

CVE-2025-24059: Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2025-24084: Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability

CVE-2025-24075: Microsoft Excel Remote Code Execution Vulnerability

**According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability?**

An attacker needs physical access to the target computer to plug in a malicious USB drive.

Headline

CVE-2025-24984: Windows NTFS Information Disclosure Vulnerability

Microsoft Security Response Center: Latest News