Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

CVE-2025-1426: Chromium: CVE-2025-1006 Use after free in Network

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 133.0.3065.82 2/21/2025 133.0.6943.126/.127

Microsoft Security Response Center
#microsoft#chrome#Microsoft Edge (Chromium-based)#Security Vulnerability
CVE-2025-0999: Chromium: CVE-2025-0999 Heap buffer overflow in V8

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 133.0.3065.82 2/21/2025 133.0.6943.126/.127

FBI and CISA Warn of Ghost Ransomware: A Threat to Firms Worldwide

FBI and CISA warn of Ghost ransomware, a China-based cyber threat targeting businesses, schools, and healthcare worldwide by exploiting software vulnerabilities.

How One AI Startup Founder Cornered Microsoft Into Finally Taking Down Explicit Videos of Her

Breeze Liu has been a prominent advocate for victims. But even she struggled to scrub nonconsensual intimate images and videos of herself from the web.

Microsoft's End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now

For decades, Microsoft Exchange has been the backbone of business communications, powering emailing, scheduling and collaboration for organizations worldwide. Whether deployed on-premises or in hybrid environments, companies of all sizes rely on Exchange for seamless internal and external communication, often integrating it deeply with their workflows, compliance policies and security frameworks

Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability

Microsoft has released security updates to address two Critical-rated flaws impacting Bing and Power Pages, including one that has come under active exploitation in the wild. The vulnerabilities are listed below - CVE-2025-21355 (CVSS score: 8.6) - Microsoft Bing Remote Code Execution Vulnerability CVE-2025-24989 (CVSS score: 8.2) - Microsoft Power Pages Elevation of Privilege Vulnerability "

Russian Groups Target Signal Messenger in Spy Campaign

These sorts of attacks reveal growing adversary interest in secure messaging apps used by high-value targets for communication, Google says.

Malwarebytes introduces native ARM support for Windows devices 

Malwarebytes now protects ARM-based Windows devices, such as Microsoft’s Surface Pro X and Lenovo’s Yoga laptops.

CVE-2025-21355: Microsoft Bing Remote Code Execution Vulnerability

**Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?** This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency. Please see Toward greater transparency: Unveiling Cloud Service CVEs for more information.