Microsoft News Articles

Windows Admin Center Vulnerability (CVE-2025-64669) Let Attackers Escalate Privileges

A new local privilege escalation vulnerability in Microsoft’s Windows Admin Center (WAC), affecting versions up to 2.4.2.1 and environments running WAC 2411 and earlier.

1 day ago

Windows Admin Center Vulnerability Allows Attackers to Escalate Privileges

The flaw, tracked as CVE-2025-64669, affects all versions up to WAC 2411 and poses a significant threat to enterprise infrastructure management systems worldwide.

2 days ago

New Windows RasMan zero-day flaw gets free, unofficial patches

Free unofficial patches are available for a new Windows zero-day vulnerability that allows attackers to crash the Remote Access Connection Manager (RasMan) service.

6 days ago

Privilege Escalation Flaw Found in Windows Remote Access Connection Manager

The vulnerabilities stem from distinct technical weaknesses in the Remote Access Connection Manager component.

6 days ago

Windows Remote Access Connection Manager Flaws Allow Privilege Escalation

Microsoft disclosed two elevation-of-privilege vulnerabilities in Windows Remote Access Connection Manager this week, both rated Important.

6 days ago

CVE-2025-62221 and CVE-2025-54100: Windows Elevation of Privilege and RCE Zero-Day Vulnerabilities Patched | SOC Prime

Explore details for CVE-2025-62221 and CVE-2025-54100 zero-day vulnerabilities in Windows products, with an in-depth analysis on our SOC Prime blog.

6 days ago

Warning, Cybercriminals Exploiting Windows and WinRAR Flaws

Urgent alert: Cybercriminals are exploiting critical Windows and WinRAR vulnerabilities. Discover how to protect your data before it’s too late.

6 days ago

Alert! Hackers targeting Windows and WinRAR vulnerabilities

The US cyber agency has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

1 week ago

Microsoft And CISA Issue Critical New Alert, Windows Attacks Confirmed

Do not wait; the attacks have already started, and Windows users are the target. Update now.

1 week ago

Windows Defender Firewall Service Vulnerability Lets Attackers Disclose Sensitive Data

Tracked as CVE-2025-62468, the vulnerability was publicly released on December 9, 2025, and has been assigned an "Important" severity rating by Microsoft.

1 week ago

Windows Defender Firewall Flaw Allows Attackers to Access Sensitive Data

Microsoft has officially addressed a new security vulnerability affecting the Windows Defender Firewall Servic allow threat actors to access sensitive information.

1 week ago

Windows PowerShell 0-Day Vulnerability Allows Attackers to Execute Malicious Code

Tracked as CVE-2025-54100, the flaw was publicly disclosed on December 9, 2025, and is classified by Microsoft as an “Important” remote code execution

1 week ago

Windows PowerShell 0-Day Vulnerability Let Attackers Execute Malicious Code

Microsoft has released a security update to fix a Windows PowerShell flaw that could let attackers run malicious code on a system

1 week ago

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog.

1 week ago

Patch Tuesday: Microsoft EoP, NotePad++, Ivanti, Fortinet

Happy December Patch Tuesday to all who celebrate. This month's patch party includes one Microsoft flaw under exploitation, plus two others listed as publicly known – but just 57 CVEs in total from...

1 week ago

Microsoft Fixes Exploited Zero Day in Light Patch Tuesday

Proof-of-concept exploit code is publicly available for two other flaws in December's security updates.

1 week ago

Windows 11 December 2025 update fixes 57 flaws, one zero-day

Microsoft's December 2025 Windows 11 update addresses 57 vulnerabilities, including a critical zero-day privilege escalation flaw.

1 week ago

Microsoft releases Windows 10 KB5071546 extended security update

Microsoft has released the KB5071546 extended security update to resolve 57 security vulnerabilities, including three zero-day flaws.

1 week ago

Microsoft fixes Windows shortcut flaw exploited for years

Microsoft has quietly closed off a critical Windows shortcut file bug long abused by espionage and cybercrime networks. The flaw, tracked as CVE-2025-9491, allows malicious .lnk shortcut files to hide harmful...

2 weeks ago

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

Microsoft fixes the Windows LNK flaw CVE-2025-9491, a bug exploited by multiple state groups since 2017.

2 weeks ago

November 2025 Cybersecurity Threat Advisory | Crowe UAE

Stay ahead of cyber threats with in-depth analysis of critical vulnerabilities, major attacks, and expert recommendations from the November 17–23, 2025 Threat Advisory. Learn about CVEs, brute-force surges, and proactive defense for your organization.

3 weeks ago

How NTLM is being abused in 2025 cyberattacks

This article covers NTLM relay, credential forwarding, and other NTLM-related vulnerabilities and cyberattacks discovered in 2025.

3 weeks ago

Windows Server Vulnerability Exploited: ShadowPad Malware Deployed

CVE-2025-59287 vulnerability in Windows Server Update Services exploited to deploy ShadowPad malware. Learn how attackers used this flaw to gain access.

3 weeks ago

Attackers deliver ShadowPad via newly patched WSUS RCE bug

Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware.

3 weeks ago

Attackers deliver ShadowPad via newly patched WSUS RCE bug

Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware.

3 weeks ago

ShadowPad Backdoor Exploits WSUS Zero-Day to Breach Enterprise Environments

The ShadowPad malware explodes in the wild exploiting a WSUS zero-day (CVE-2025-59287) to gain full system access on Windows servers.

3 weeks ago

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

ShadowPad malware is being delivered through an actively exploited WSUS vulnerability, granting attackers full system access.

3 weeks ago

Critical Vulnerability in Azure Bastion Let Attackers Bypass Authentication and Escalate privileges

Microsoft addressed a flaw in Azure Bastion, that allows attackers to bypass authentication and escalate privileges to administrative levels.

4 weeks ago

Critical Azure Bastion Vulnerability Lets Attackers Bypass Login and Escalate Privileges

A critical authentication bypass vulnerability in Azure Bastion, its managed remote access service.

4 weeks ago

Chinese Hackers Exploiting WSUS Remote Code Execution Vulnerability to Deploy ShadowPad Malware

Chinese-backed hackers exploit CVE-2025-59287 in WSUS to push ShadowPad, using the flaw for system-level access.

4 weeks ago

Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated

Learn about the critical vulnerability in Azure Bastion, CVE-2025-49752, that allows authentication bypass and privilege escalation. Update now to protect your VMs.

4 weeks ago

Critical Vulnerability in Azure Bastion Scores 10! When RDP and SSH in the Cloud Are Checkmated

Learn about the critical vulnerability in Azure Bastion, CVE-2025-49752, that allows authentication bypass and privilege escalation. Update now to protect your VMs.

4 weeks ago

Chinese Hackers Exploiting WSUS Remote Code Execution Vulnerability to Deploy ShadowPad Malware

Security researchers at the AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated cyberattack campaign targeting Microsoft Windows Server Update Services.

4 weeks ago

Chinese Hackers Exploiting WSUS Remote Code Execution Vulnerability to Deploy ShadowPad Malware

Security researchers at the AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated cyberattack campaign targeting Microsoft Windows Server Update Services.

4 weeks ago

Windows Graphics Flaw Lets Hackers Take Over with Just One Image

A flaw in the Windows Graphics Component that enables attackers to seize complete control of computers using nothing more than a crafted image file.

4 weeks ago

Windows Graphics Flaw Lets Hackers Take Over with Just One Image

A flaw in the Windows Graphics Component that enables attackers to seize complete control of computers using nothing more than a crafted image file.

4 weeks ago

Critical Microsoft Alert — Update Windows 10, 11 And Server Right Now

Microsoft has confirmed a zero-day vulnerability in the Windows Kernel that attackers have already exploited to gain system privileges. Act now.

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog.

CVE-2025-62215: Microsoft Patches Windows Kernel Zero-Day Vulnerability Under Active Exploitation | SOC Prime

Explore CVE-2025-62215 analysis, a critical Windows kernel zero-day under active exploitation, with the details on the SOC Prime blog.

Update now: November Patch Tuesday fixes Windows zero-day exploited in the wild

This month’s Windows update closes several major security holes, including one that’s already being used by attackers. Make sure your PC is up to date.

Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack

Microsoft fixes 63 flaws, including an exploited Windows Kernel zero-day and a critical RCE bug.

Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215) - Help Net Security

Microsoft fixed some 60+ vulnerabilities on this Patch Tuesday, among them an actively exploited Windows Kernel flaw (CVE-2025-62215).

Windows Kernel 0-Day Vulnerability Actively Exploited in the Wild to Escalate Privileges

Microsoft's exploitability index lists "Exploitation Detected," indicating real-world use despite the absence of public disclosure.​

Microsoft Patch Tuesday addresses 63 defects, including one actively exploited zero-day

Researchers warn that although exploitation of the zero-day is complex, a functional exploit exists in the wild.

Patch Now: Microsoft Flags Zero-Day & Zero-Click Bugs

Security teams may have a less burdensome rollout in November after October's Goliath Patch Tuesday, but shouldn't wait on priority fixes.

Chinese hackers target Western diplomats using hard-to-patch Windows shortcut flaw

Chinese UNC6384 campaign cleverly exploits Windows .LNK vulnerability, security company finds.

Chinese hackers target European diplomatic agencies (including Italy)

Hackers from the China-linked UNC6384 group are conducting a cyberespionage campaign against European diplomatic and government agencies by exploiting a Windows vulnerability.