**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

2 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #Windows DWM Core Library #Security Vulnerability

CVE-2025-20570: Visual Studio Code Elevation of Privilege Vulnerability

Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally.

2 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #auth #Visual Studio Code #Security Vulnerability

CVE-2025-29811: Windows Mobile Broadband Driver Elevation of Privilege Vulnerability

Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally.

2 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Windows Mobile Broadband #Security Vulnerability

CVE-2025-29819: Windows Admin Center in Azure Portal Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability includes unauthorized read-only access to the local file system.

2 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #auth #Azure Portal Windows Admin Center #Security Vulnerability

CVE-2025-29816: Microsoft Word Security Feature Bypass Vulnerability

**Is the Preview Pane an attack vector for this vulnerability?** No, the Preview Pane is not an attack vector.

2 months ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #Microsoft Office Word #Security Vulnerability

CVE-2025-29812: DirectX Graphics Kernel Elevation of Privilege Vulnerability

Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.