Microsoft News Articles
Recent news articles refferecing the vendors vulnerabilities.

CISA Adds One Known Exploited Vulnerability to Catalog | CISA
CISA has added one new vulnerability to itsĀ Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-49138(link is external) Microsoft Windows Common Log File System (CLFS)...
1 week ago
Update Windows Now ā Microsoft Confirms System Takeover Danger
Microsoft has issued a warning that Windows hackers could gain system privileges using this authentication relay attack ā an update is available; apply now.
2 weeks ago

Update Windows Now ā Microsoft Confirms System Takeover Danger
Microsoft has issued a warning that Windows hackers could gain system privileges using this authentication relay attack ā an update is available; apply now.
2 weeks ago
Week in review: Microsoft fixes exploited zero-day, Mirai botnets target unpatched Wazuh servers - Help Net Security
Hereās an overview of some of last weekās most interesting news, articles, interviews and videos: Microsoft fixes zero-day exploited for cyber espionage
2 weeks ago

First Known Zero-Click AI Exploit: Microsoft 365 Copilot's 'EchoLeak' Flaw
Security researchers uncovered āEchoLeak,ā a zero-click flaw in Microsoft 365 Copilot, exposing sensitive data without user action. Microsoft has mitigated the vulnerability.
2 weeks ago
āEchoLeakā AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot
Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data from Copilot.
3 weeks ago

CVE-2025-33053: RCE in WebDAV
Microsoft has fixed the CVE-2025-33053 vulnerability in Web Distributed Authoring and Versioning (WebDAV), which allowed attackers to remotely execute arbitrary code on a victim's computer.
3 weeks ago
Hackers exploited Windows WebDav zero-day to drop malware
An APT hacking group known asĀ 'Stealth Falcon' exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in Turkey, Qatar, Egypt, and Yemen.
3 weeks ago
Microsoft Patches Two New RCE Vulnerabilities: CVE-2025-47171 and CVE-2025-47176Ā
Morphisec Threat Labs discovers and details two severe Microsoft Outlook vulnerabilities: CVE-2025-47171 and CVE-2025-47176.
3 weeks ago
Microsoft fixes Windows Server auth issues caused by April updates
Microsoft has fixed a known issue causing authentication problems on Windows Server domain controllers after installing the April 2025 security updates.
3 weeks ago
Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) - Help Net Security
For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053).
3 weeks ago
Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild
Microsoft patches 67 vulnerabilities, including a WEBDAV zero-day actively exploited by Stealth Falcon. Critical for enterprise security.
3 weeks ago
Patch Tuesday, June 2025 Edition
Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasiveā¦
3 weeks ago

Windows network vulnerability CVE-2025-33073 (Reflective Kerberos Relay Attack)
[German]On June 10, 2025, Microsoft also patched the vulnerability CVE-2025-33073 with the security updates for Windows. This is a vulnerability in the Kerberosā¦
3 weeks ago
June Patch Tuesday brings a lighter load for defenders | Computer W...
Barely 70 vulnerabilities make the cut for Microsoft's monthly security update, but an RCE flaw in WEBDAV and an EoP issue in Windows SMB Client still warrant close attention.
3 weeks ago

Windows WEBDAV 0-Day RCE Vulnerability Actively Exploited in the Wild - All Versions Affected
Microsoft has confirmed that a critical zero-day vulnerability in its Web Distributed Authoring and Versioning (WebDAV) implementation is being actively exploited by attackers in the wild, prompting an urgent security update as part of June 2025's Patch Tuesday.
3 weeks ago

Microsoft tackles WebDAV zero-day in June 2025 patch update
Microsoftās June 2025 patch fixes 67 flaws, including the first WebDAV zero-day in seven years and critical remote code execution issues across Windows and Office.
3 weeks ago

Microsoft Windows WebDAV 0-Day RCE Vulnerability Actively Exploited in The Wild
A critical zero-day vulnerability in Microsoft Windows, designated CVE-2025-33053, has been actively exploited by the APT group Stealth Falcon.
3 weeks ago

Attention: June 2025 Patchday closes vulnerability CVE-2025-33073 in Windows
[German]On June 11, 2025, Microsoft will hold its regular patch day and release security updates for Windows. Administrators in companies should install theā¦
3 weeks ago
Microsoft shares script to restore inetpub folder you shouldnāt delete
Microsoft has released a PowerShell script to help restore an empty 'inetpub' folder created by the April 2025 Windows security updates if deleted. As Microsoft previously warned, this folder helps mitigate a high-severity Windows Process Activation privilege escalation vulnerability.
3 weeks ago

Microsoft Unveils European Security Effort to Disrupt Cybercrime Networks
The flaw, patched during Microsoftās March 2025 Patch Tuesday, was actively exploited as a zero-day in the wild
3 weeks ago

CISA Adds Five Known Exploited Vulnerabilities to Catalog | CISA
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-30400(link is external) Microsoft Windows DWM Core Library...
1 month ago

Windows Privilege Escalation Flaw Allows Attackers to Gain Admin Access in Under 300 Milliseconds
Security researchers have uncovered a critical vulnerability in Windows 11 that allowed attackers to escalate privileges.
Windows Is Under Attack, Microsoft Confirms ā Act Now, CISA Warns
Microsoft has confirmed multiple new Windows zero-day attacks. Here's what you need to know and do, right now.

BitLocker Encryption Bypassed in Minutes Using Bitpixie Vulnerability: PoC Released
A critical vulnerability in Microsoftās BitLocker full disk encryption, demonstrating that it can be bypassed in under five minutes using a software-only attack dubbed "Bitpixie" (CVE-2023-21563).

Critical Microsoft Outlook Flaw Enables Remote Execution of Arbitrary Code
Newly disclosed vulnerability in Microsoft Outlook (CVE-2025-32705) permits attackers to execute arbitrary code on compromised systems.

Outlook RCE Vulnerability Allows Attackers to Execute Arbitrary Code
Microsoft addressed a significant security flaw in its Outlook email client during the May 2025 Patch Tuesday, releasing fixes for 72 vulnerabilities.
Windows CLFS Zero-Day Vulnerability Actively Exploited in the Wild
Microsoft has disclosed two critical security vulnerabilities in the Windows CLFS Driver that are currently being exploited in the wild.

Windows Ancillary for WinSock 0-Day Vulnerability Actively Exploited to Gain Admin Access.
Microsoft has confirmed active exploitation of a critical privilege escalation vulnerability in the Windows Ancillary Function Driver for WinSock.

New Microsoft Scripting Engine Vulnerability Exposes Systems to Remote Code Attacks
Critical zero-day vulnerability in Microsoftās Scripting Engine (CVE-2025-30397) has been confirmed to enable remote code execution.

Microsoft Scripting Engine 0-Day Vulnerability Enables Remote Code Execution Over Network
Microsoft has disclosed a critical memory corruption vulnerability in its Scripting Engine (CVE-2025-30397), which allows unauthorized attackers to execute code remotely over a network.
Windows Common Log File System 0-Day Vulnerability Actively Exploited in the Wild
Microsoft has confirmed that threat actors are actively exploiting two critical vulnerabilities in the Windows Common Log File System (CLFS) driver to gain SYSTEM-level privileges on compromised systems.

Mitigate High-Risk Vulnerabilities Using TruRisk | Qualys
Mitigate high-risk vulnerabilities with TruRisk Mitigate. Implement configuration fixes and alternative solutions to protect your systems without patching.

Play Ransomware Deployed in the Wild Exploiting Windows 0-Day Vulnerability
Patched Windows zero-day vulnerability (CVE-2025-29824) in the CLFS driver was exploited in attacks linked to the Play ransomware operation.
Play Ransomware Group Used Windows Zero-Day
Previously, Microsoft reported that Storm-2460 had also used the privilege escalation bug to deploy ransomware on organizations in several countries.
Play ransomware exploited Windows logging flaw in zero-day attacks
The Play ransomware gangĀ has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems.

Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization
Play ransomware exploited CVE-2025-29824 zero-day in a U.S. breach before Microsoft patched it
Microsoft: April updates cause Windows Server auth issues
Microsoft says the April 2025 security updates are causing authentication issues on some Windows Server 2025 domain controllers.
Second Ransomware Group Caught Exploiting Windows Flaw as Zero-Day
At least two ransomware groups exploited the Windows zero-day CVE-2025-29824 before it was patched by Microsoft.
Windows "inetpub" security fix can be abused to block future updates
A recent Windows security update that creates an 'inetpub' folder has introduced a new weakness allowing attackers to prevent the installation of future updates.

Windows 11's crucial new 'inetpub' folder is laughably easy to hack
The inetpub folder in Windows is meant to be a security measure, but attackers can block it and cause all sorts of issues due to another vulnerability.

Critical Flaw in Windows Update Stack Enables Code Execution and Privilege Escalation
A newly discovered vulnerability in the Windows Update Stack, tracked as CVE-2025-21204, enable attackers to execute arbitrary code.

Critical Windows Update Stack Vulnerability Allows Code Execution & Privilege Escalation
A significant security flaw has been identified in the Windows Update Stack, exposing millions of Windows systems to the risk of unauthorized code execution and privilege escalation.Ā
Alarms sound over attacks via Microsoft NTLM vulnerability
Attacks targeting government and contractor companies in Poland and Romania via NTLM exploit.
Alarms sound over attacks via Microsoft NTLM vulnerability
Attacks targeting government and contractor companies in Poland and Romania via NTLM exploit.

Windows vulnerability with NTLM hash abuse exploited for phishing
A vulnerability in Windows that exposes NTLM hashes via .library-ms files is currently being actively exploited by hackers
U.S. CISA adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog

CISA Warns of Active Exploitation of Windows NTLM Vulnerability
CISA alerted organizations to active exploitation of a newly disclosed Microsoft Windows vulnerability tracked as CVE-2025-24054.

CVE-2025-24054 Under Active AttackāSteals NTLM Credentials on File Download
Windows flaw CVE-2025-24054 actively exploited since March 19 to leak NTLM hashes via phishing attacks.