CVE-2025-49728 — Microsoft PC Manager: Cleartext storage of sensitive information (Security‑feature bypass, local)
Summary (TL;DR)
Microsoft has assigned CVE‑2025‑49728 to a vulnerability in Microsoft PC Manager where sensitive information is stored in cleartext, enabling a local, unauthorized...
Microsoft has published an advisory for CVE-2025-50170, a local elevation-of-privilege (EoP) vulnerability in the Windows Cloud Files Mini Filter Driver (cldflt.sys) that—when reached by a local, authorized attacker—can be abused to obtain higher privileges on affected machines. The flaw stems...