Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

catdoc zero-day, NVIDIA, High-Logic FontCreator and Parallel vulnerabilities

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three zero-day vulnerabilities in catdoc, as well as vulnerabilities in Parallel, NVIDIA and High-Logic FontCreator 15.

TALOS
Open in Source
#vulnerability#web#ios#mac#windows#microsoft#debian#cisco#git#intel#buffer_overflow#zero_day
Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild

Microsoft has released patches to fix 67 security flaws, including one zero-day bug in Web Distributed Authoring and Versioning (WEBDAV) that it said has come under active exploitation in the wild. Of the 67 vulnerabilities, 11 are rated Critical and 56 are rated Important in severity. This includes 26 remote code execution flaws, 17 information disclosure flaws, and 14 privilege escalation

CVE-2025-32711: M365 Copilot Information Disclosure Vulnerability

**Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?** This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency. Please see Toward greater transparency: Unveiling Cloud Service CVEs for more information.

Patch Tuesday, June 2025 Edition

Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public.

June 2025 Patch Tuesday: Microsoft Fixes 66 Bugs, Including Active 0-Day

June 2025 Patch Tuesday fixes 66 bugs, including a zero-day in WebDAV. Update Windows, Office, and more now to block active threats.

Stealth Falcon APT Exploits Microsoft RCE Zero-Day in Mideast

The bug is one of 66 disclosed and patched today by Microsoft as part of its June 2025 Patch Tuesday set of security vulnerability fixes.

June Microsoft Patch Tuesday

June Microsoft Patch Tuesday. A total of 81 vulnerabilities, roughly the same as in May. Among them, 15 vulnerabilities were added between the May and June MSPT. There are 3 vulnerabilities with signs of exploitation in the wild: 🔻 RCE – WEBDAV (CVE-2025-33053). The vulnerability is related to Internet Explorer mode in Microsoft Edge and […]

Microsoft Patch Tuesday for June 2025 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 that Microsoft marked as “critical.”

20 Top-Level Domain Names Abused by Hackers in Phishing Attacks

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.

About Elevation of Privilege – Windows Common Log File System Driver (CVE-2025-32701, CVE-2025-32706) vulnerabilities

About Elevation of Privilege – Windows Common Log File System Driver (CVE-2025-32701, CVE-2025-32706) vulnerabilities. When Microsoft disclosed these vulnerabilities in the May Patch Tuesday, attackers were already exploiting them in the wild. The Common Log File System (CLFS) is a general-purpose logging service that can be used by software clients running in user-mode or kernel-mode. […]