rce

Microsoft’s September 2025 Patch Tuesday shipped a wide-ranging set of fixes addressing 80 CVEs across Windows, Office, virtualization, and platform components — with eight rated Critical and 72 rated Important — and included several high-profile fixes for SMB, NTLM, NTFS, Office, SharePoint...

Microsoft’s September Patch Tuesday arrived with a broad set of fixes and a matching set of detection updates from Cisco Talos — including a new Snort ruleset — aimed at the most likely-to-be-exploited flaws this month. The update package contains dozens of CVEs spanning Windows core components...

Microsoft’s advisory link for CVE-2025-54908 points to a PowerPoint use‑after‑free that “allows an unauthorized attacker to execute code locally,” but that specific CVE number could not be corroborated in public vulnerability trackers at the time of verification; when attempting to load the...

Microsoft’s Security Response Center has published an advisory for CVE-2025-54907, describing a heap-based buffer overflow in Microsoft Office Visio that can allow an unauthorized attacker to execute code in the context of the user who opens a malicious file. This is a document‑parser...

Microsoft has published an advisory for CVE-2025-54906, a Microsoft Office vulnerability described as a “free of memory not on the heap” condition that can lead to local remote‑code‑execution (RCE) when a user opens or previews a specially crafted Office document; Microsoft lists the...

Microsoft’s SharePoint on-premises ecosystem is once again at the center of a high-risk security incident: an untrusted-deserialization remote code execution (RCE) class of weaknesses is being actively exploited against internet-facing SharePoint Server deployments, and an exact CVE identifier...

Microsoft has published an advisory for CVE-2025-54896: a use-after-free vulnerability in Microsoft Office Excel that, when exploited via a specially crafted workbook, can lead to code execution in the context of the user who opens the file. This class of bug is a recurring and high-consequence...

Microsoft’s advisory for CVE-2025-54895 warns that an integer overflow or wraparound in the SPNEGO Extended Negotiation (NEGOEX) security mechanism can be triggered by an authorized local actor to elevate privileges, turning a legitimate local account into a pathway to SYSTEM-level control if...

A newly disclosed vulnerability affecting Windows' Routing and Remote Access Service (RRAS) can allow remote attackers to execute code against unpatched RRAS hosts — administrators must treat any RRAS-enabled servers exposed to untrusted networks as high-priority for patching, isolation, and...

Microsoft’s advisory identifies CVE-2025-54101 as a use‑after‑free vulnerability in the Windows SMBv3 Client that can be triggered over a network and may allow an attacker to execute arbitrary code in the context of the affected process. This is a serious client‑side remote code execution (RCE)...

Rockwell Automation’s FactoryTalk Optix has a newly publicized vulnerability that demands immediate attention from OT and IT teams: a lack of URI sanitization in the product’s embedded MQTT broker allows remote loading of Mosquitto plugins and can lead to remote code execution (RCE), affecting...

CISA’s latest update to the Known Exploited Vulnerabilities (KEV) Catalog adds three actively exploited flaws — a Linux kernel TOCTOU race condition, an Android Runtime issue, and a high‑impact Sitecore deserialization vulnerability — forcing organizations that track KEV and federal agencies...

CISA’s September 2, 2025 bulletin that released four new Industrial Control Systems (ICS) advisories is a stark reminder that operational technology (OT) and energy-sector devices remain high-value targets—and that defenders must move faster than vendors and attackers to close windows of...

CISA has added CVE-2025-57819 — an authentication‑bypass and SQL‑injection chain that can lead to remote code execution in Sangoma FreePBX — to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation and urging immediate remediation. (cisa.gov) Background...

India’s national cybersecurity agency has issued a high‑severity warning about a broad set of vulnerabilities across Microsoft products — a multi‑component risk that demands immediate patching and tighter operational controls from both home users and enterprise IT teams. (cert-in.org.in)...

BeyondTrust’s release of the 2023 Microsoft Vulnerabilities Report — framed as the 10th‑anniversary edition — is both a retrospective and a warning: the last decade of Microsoft vulnerability disclosures has delivered recurring patterns that disproportionately affect Windows Server environments...

INVT’s VT‑Designer and HMITool — two engineering and HMI utilities widely used in industrial and building automation environments — are the subject of a coordinated vulnerability disclosure that assigns multiple high‑severity remote code execution (RCE) flaws to file‑parsing logic in both...

Microsoft’s Internet Information Services (IIS) and its relationship with Windows Server have resurfaced in recent reporting as a nexus of operational pain and security risk — a story that blends a high‑volume patch cycle, at least one serious authentication vulnerability, and persistent...

Cyble’s latest weekly scan shows a dizzying pace of disclosures and exploitation: researchers tracked 908 new vulnerabilities in the last seven days and report that more than 188 of those already have publicly available proofs‑of‑concept (PoCs), tightening the window defenders have to respond...

Microsoft’s Security Response Center has published an advisory for CVE-2025-55231 describing a race‑condition vulnerability in the Windows storage management stack that, according to the vendor entry, can be abused to achieve remote code execution — a high‑impact outcome that requires immediate...