Microsoft News Articles

CISA flags Windows Task Host vulnerability as exploited in attacks

CISA warned U.S. government agencies to secure their systems against a Windows Task Host privilege escalation vulnerability that could allow attackers to gain SYSTEM privileges.

14 hours ago

Microsoft, Salesforce Patch AI Agent Data Leak Flaws

Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data.

17 hours ago

Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities

Microsoft fixes 169 vulnerabilities including exploited SharePoint CVE-2026-32201, prompting CISA remediation by April 28, 2026.

19 hours ago

CISA Adds Two Known Exploited Vulnerabilities to Catalog - IT Security News

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2009-0238 Microsoft Office Remote Code Execution Vulnerability CVE-2026-32201 Microsoft SharePoint Server Improper Input Validation Vulnerability  These types of...

1 day ago

CISA Adds Seven Known Exploited Vulnerabilities to Catalog - IT Security News

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2012-1854 Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability CVE-2020-9715 Adobe Acrobat Use-After-Free Vulnerability CVE-2023-2152...

2 days ago

APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies

APT28 deploys PRISMEX using zero-day CVEs since September 2025, targeting Ukraine’s supply chains and NATO partners for espionage and sabotage.

1 week ago

APT28 Deploys PRISMEX Malware In Campaign Targeting Ukraine And NATO Allies

The Russian threat actor known as APT28 (aka Forest Blizzard and Pawn Storm) has been linked to a fresh spear-phishing campaign targeting Ukraine and its allies to deploy a previously undocumented malware...

1 week ago

Exploited: 2024 Microsoft Bug Poses Critical Threat

The recent discovery of a significant SQL injection vulnerability has raised alarms among IT security professionals. This flaw, identified as CVE-2024-43468, is present in Microsoft Configuration Manager and poses a severe risk to unpatched systems. Exploited: 2024 Microsoft Bug Poses Critical Threa...

Critical Microsoft SCCM Vulnerability Under Active Attack, Warns CISA

CISA confirms active exploitation of CVE-2024-43468 in Microsoft Configuration Manager and urges immediate patching.

CISA Warns of Exploited Microsoft SCCM Vulnerability in Recent Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to U.S. government agencies about a significant vulnerability in Microsoft Configuration Manager. This vulnerability, identified as CVE-2024-43468, was initially patched in October 2024 but has since been exploited in a...

CISA adds SolarWinds, Microsoft, Apple, Notepad++ vulnerabilities to KEV catalog

The Microsoft Configuration Manager vulnerability, patched in 2024, could enable RCE.

Critical Microsoft bug from 2024 under exploitation

Ignore patches at your own risk. According to Uncle Sam, a SQL injection flaw in Microsoft Configuration Manager patched in October 2024 is now being actively exploited, exposing unpatched businesses and...

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks.

CISA Issues Urgent Warning on Microsoft Configuration Manager SQL Injection Vulnerability Under Active Exploitation

CISA has added a critical SQL injection vulnerability in Microsoft Configuration Manager to its Known Exploited Vulnerabilities (KEV) catalogue.

Microsoft: New Windows LNK spoofing issues aren't vulnerabilities

Today, at Wild West Hackin' Fest, security researcher Wietze Beukema disclosed multiple vulnerabilities in Windows LK shortcut files that allow attackers to deploy malicious payloads.

Microsoft Rushes Emergency Patch for Office Zero-Day

To exploit the vulnerability, an attacker would need either system access or be able to convince a user to open a malicious Office file.

The 4 Worst Vulnerabilities of 2025 – And How To Boost Patch Management in 2026

What were the worst vulnerabilities of last year, according to experts? 2025 saw its fair share of dangerous security vulnerabilities, often exploited before firms were able to apply patches....

ESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files

ESET researchers have examined CVE-2025-50165, a serious Windows vulnerability that theoretically grants remote code execution by opening a specially crafted JPG file. However, ESET Research believes that the exploitation scenario is harder than it appears to be.

Windows Imaging Component Vulnerability Enables Remote Code Execution in Complex Attack Scenarios

Tracked as CVE-2025-50165, the flaw affects WindowsCodecs.dll, the core library that processes standard image formats, including PNG, GIF, and JPG.

Windows Imaging Component Vulnerability Can Lead to RCE Attacks Under Complex Attack Scenarios

Researchers analyzed Windows flaw, that affects the WIC and could let attackers run code using specially crafted JPEG files.

Windows Imaging Component Vulnerability May Allow RCE Through Advanced Exploitation

A new analysis of a critical security flaw in Microsoft Windows, tracked as CVE-2025-50165, affects the Windows Imaging Component.

Microsoft Brokering File System Vulnerability Let Attackers Escalate Privileges

Microsoft has fixed a serious Windows BFS driver, that allow local attackers gain higher privileges, posing a risk to enterprise systems.

Microsoft Brokering File System Vulnerability Enables Local Privilege Escalation

Microsoft has addressed a critical use-after-free vulnerability in its Brokering File System (BFS) driver that could allow attackers to escalate privileges on Windows systems.

Critical Windows Admin Center Flaw CVE-2025-64669 Exposes Servers to Attack

Discover a critical vulnerability in Windows Admin Center (CVE-2025-64669) that allows standard users to escalate privileges and take control of servers. Learn more and update now.

Microsoft Desktop Window Manager Vulnerability Allows Privilege Escalation

The vulnerability, tracked as CVE-2025-55681, resides in the dwmcore!CBrushRenderingGraphBuilderAddEffectBrush function and affects Windows systems through a complex attack chain.