security update

Microsoft has confirmed a use‑after‑free vulnerability in Microsoft Excel (tracked as CVE‑2025‑53735) that can lead to local code execution when a crafted spreadsheet is opened — a serious document‑based attack vector that demands immediate attention from IT teams and security‑minded users...

Title: What you need to know about August 12, 2025 — KB5063875 (OS Builds 22621.5768 / 22631.5768) Summary (TL;DR) Microsoft released the August 12, 2025 cumulative security update KB5063875 for Windows 11 (builds 22621.5768 for 22H2/23H2 servicing branch and 22631.5768 for the 23H2 ring). This...

Microsoft has published the August 12, 2025 cumulative security update for older Windows 11 branches — KB5063875, which updates OS Builds 22621.5768 and 22631.5768 — delivering a combined Latest Cumulative Update (LCU) and Servicing Stack Update (SSU) for devices still on Windows 11 versions...

Microsoft released the August 12, 2025 cumulative update for Windows 11 servicing branches that use OS builds 22621 and 22631 — published as KB5063875, updating systems to OS Build 22621.5768 / 22631.5768 — a standard Patch Tuesday security rollup that Microsoft bundles with a servicing-stack...

A heap‑based buffer overflow in Windows Hyper‑V allows a locally authorized attacker to elevate privileges on an affected host — administrators must treat this as a high‑priority patching and hardening task and verify vendor guidance before rolling changes into production. (msrc.microsoft.com)...

Microsoft’s Security Update Guide lists CVE‑2025‑53151 as a use‑after‑free vulnerability in the Windows kernel that can be abused by an authorized local user to elevate privileges on an affected system, and Microsoft’s published advisory directs administrators to install the supplied security...

Microsoft’s advisory confirms that a null pointer dereference in the Windows Ancillary Function Driver for WinSock (AFD.sys) can be triggered by a locally authorized attacker to elevate privileges to SYSTEM, creating a high-impact local elevation-of-privilege (EoP) risk for affected Windows...

Microsoft’s Security Response Center has published an advisory for CVE‑2025‑53140, a use‑after‑free vulnerability in the Windows Kernel Transaction Manager (KTM) that Microsoft says can be exploited by an authorized local attacker to elevate privileges on an affected system. (msrc.microsoft.com)...

CVE-2025-50164 — Heap-based buffer overflow in Windows RRAS: what admins need to know now TL;DR: Microsoft lists CVE-2025-50164 as a heap-based buffer‑overflow in the Windows Routing and Remote Access Service (RRAS) that can lead to remote code execution. Administrators should treat this as...

A critical security vulnerability, identified as CVE-2025-53767, has been discovered in Microsoft's Azure OpenAI service, potentially allowing attackers to escalate their privileges within affected systems. This flaw underscores the importance of robust security measures in cloud-based AI...

Here is a summary of the main points from the official Microsoft support article for the June 10, 2025—KB5060999 (OS Builds 22621.5472 and 22631.5472) cumulative update for Windows 11: Applies to Windows 11 Enterprise and Education, version 22H2 Windows 11 version 23H2, all editions...

A hush has fallen over the Windows and Linux communities as Microsoft issues a highly targeted update for Windows Subsystem for Linux (WSL), addressing a critical security vulnerability that, as of now, remains shrouded in secrecy. With only a vague clue—CVE-2025-53788—disclosed ahead of...

The August 2025 Security Update for Windows 11 marks a major inflection point for the operating system, introducing a suite of eight new features and several subtle—yet consequential—refinements across its interface, AI capabilities, and recovery tools. As Microsoft continues its measured...

In July 2025, Microsoft issued a critical alert regarding active cyberattacks targeting SharePoint servers used by businesses and government agencies for internal document sharing. These attacks exploit a previously unknown "zero-day" vulnerability, leaving tens of thousands of servers...

Here is a summary of the July 22, 2025—KB5062663 (OS Builds 22621.5699) Preview update for Windows 11 version 23H2: Key Highlights 1. Secure Boot Certificate Expiration Notice Secure Boot certificates used by most Windows devices are set to expire starting June 2026. If not updated, some...

Here is a summary of the KB5062660 Windows 11 update, based on official Microsoft changelogs and user reports: What was fixed regarding Windows Firewall? Issue: Users were getting repeated warnings and errors in the Event Viewer flagged as Event 2042 — "Config Read Failed" with the message...

A critical zero-day vulnerability in Microsoft's on-premises SharePoint Server has been actively exploited by cybercriminals and nation-state actors, prompting urgent warnings from Microsoft and cybersecurity experts. This flaw, identified as CVE-2025-53770 and CVE-2025-53771, allows...

Microsoft has released the KB5063689 Safe OS Dynamic Update for Windows 11, version 24H2, and Windows Server 2025, dated July 22, 2025. This update enhances the Windows Recovery Environment (WinRE), ensuring a more secure and reliable recovery process. Key Highlights: Windows Secure Boot...

Microsoft has released the KB5062663 update for Windows 11, encompassing OS Builds 22621.5699 and 22631.5699. This preview update focuses on enhancing system stability and addressing various issues reported by users. Key Fixes and Improvements: Resilient File System (ReFS) Memory Management: An...

The July 2025 security update for Windows Server 2019, identified as KB5062557, has introduced significant challenges for IT administrators managing failover clusters. Post-installation, numerous organizations have reported critical issues, including cluster service failures and repeated virtual...