🐛 COMMON VULNERABILITIES AND EXPOSURES 6[−]
21 FebCVE-2025-21325 Windows Secure Kernel Mode Elevation of Privilege VulnerabilityIn the Security Updates table, added Download and Article links for Windows Server 2025 (Server Core installation). Microsoft recommends that customers install the update to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic upd…MSRC.MICROSOFT.COM
21 FebChromium: CVE-2025-0999 Heap buffer overflow in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
21 FebChromium: CVE-2025-1006 Use after free in NetworkThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
21 FebChromium: CVE-2025-1426 Heap buffer overflow in GPUThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
21 FebCVE-2025-24989 Microsoft Power Pages Elevation of Privilege VulnerabilityFixed a typographical error. This is an information change only.MSRC.MICROSOFT.COM
21 FebCVE-2025-21401 Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilityUpdated acknowledgment. This is an informational change only.MSRC.MICROSOFT.COM
📢 SECURITY ADVISORIES 1[−]
21 FebWide World of Cyber: DeepSeek lobs an AI hand grenadeIn this episode of the Wide World of Cyber podcast Risky Business host Patrick Gray chats with SentinelOne’s Chris Krebs and Alex Stamos about AI, DeepSeek, and regulation. From its bad transport security to its Chinese ownership and the economic implications of China “entering t…RISKY.BIZ