Microsoft has published an advisory for CVE-2025-54110, a Windows Kernel vulnerability caused by an integer overflow or wraparound that can be triggered by a locally authorized attacker to achieve elevation of privilege to SYSTEM on affected machines; administrators should treat this as a...
A newly disclosed memory-corruption flaw in Microsoft Word—tracked as CVE-2025-53784—has been classified as a use-after-free vulnerability that can allow an attacker to execute code locally when a victim opens or previews a specially crafted document. Microsoft’s Security Update Guide lists this...