64 Articles
5 Categories
Date: 2025-03-11
🐛 COMMON VULNERABILITIES AND EXPOSURES (57)
11 Mar | KEV | #StopRansomware: Medusa Ransomware | Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed… | CISA.GOV
11 Mar | CVE-2025-24035 Windows Remote Desktop Services Remote Code Execution Vulnerability | Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24044 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24043 WinDbg Remote Code Execution Vulnerability | Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24057 Microsoft Office Remote Code Execution Vulnerability | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24070 ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability | Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24077 Microsoft Word Remote Code Execution Vulnerability | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24078 Microsoft Word Remote Code Execution Vulnerability | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24079 Microsoft Word Remote Code Execution Vulnerability | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24080 Microsoft Office Remote Code Execution Vulnerability | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24081 Microsoft Excel Remote Code Execution Vulnerability | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24082 Microsoft Excel Remote Code Execution Vulnerability | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24083 Microsoft Office Remote Code Execution Vulnerability | Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24986 Azure Promptflow Remote Code Execution Vulnerability | Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24987 Windows USB Video Class System Driver Elevation of Privilege Vulnerability | Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24988 Windows USB Video Class System Driver Elevation of Privilege Vulnerability | Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-21180 Windows exFAT File System Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24995 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24996 NTLM Hash Disclosure Spoofing Vulnerability | External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24997 DirectX Graphics Kernel File Denial of Service Vulnerability | Null pointer dereference in Windows Kernel Memory allows an authorized attacker to deny service locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24998 Visual Studio Elevation of Privilege Vulnerability | Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-25003 Visual Studio Elevation of Privilege Vulnerability | Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-21247 MapUrlToZone Security Feature Bypass Vulnerability | Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-21199 Azure Agent Installer for Backup and Site Recovery Elevation of Privilege Vulnerability | Improper privilege management in Azure Agent Installer allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24045 Windows Remote Desktop Services Remote Code Execution Vulnerability | Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24046 Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24048 Windows Hyper-V Elevation of Privilege Vulnerability | Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24050 Windows Hyper-V Elevation of Privilege Vulnerability | Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24051 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24054 NTLM Hash Disclosure Spoofing Vulnerability | External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24055 Windows USB Video Class System Driver Information Disclosure Vulnerability | Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24056 Windows Telephony Service Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24059 Windows Common Log File System Driver Elevation of Privilege Vulnerability | Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24061 Windows Mark of the Web Security Feature Bypass Vulnerability | Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24064 Windows Domain Name Service Remote Code Execution Vulnerability | Use after free in DNS Server allows an unauthorized attacker to execute code over a network. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24066 Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24067 Kernel Streaming Service Driver Elevation of Privilege Vulnerability | Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24072 Microsoft Local Security Authority (LSA) Server Elevation of Privilege Vulnerability | Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24075 Microsoft Excel Remote Code Execution Vulnerability | Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24076 Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability | Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24084 Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability | Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24983 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24984 Windows NTFS Information Disclosure Vulnerability | Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24985 Windows Fast FAT File System Driver Remote Code Execution Vulnerability | Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24991 Windows NTFS Information Disclosure Vulnerability | Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24992 Windows NTFS Information Disclosure Vulnerability | Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24993 Windows NTFS Remote Code Execution Vulnerability | Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24994 Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability | Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-24049 Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability | Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-26627 Azure Arc Installer Elevation of Privilege Vulnerability | Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-26629 Microsoft Office Remote Code Execution Vulnerability | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-26630 Microsoft Access Remote Code Execution Vulnerability | Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-26631 Visual Studio Code Elevation of Privilege Vulnerability | Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-26633 Microsoft Management Console Security Feature Bypass Vulnerability | Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. | MSRC.MICROSOFT.COM
11 Mar | CVE-2025-26634 Windows Core Messaging Elevation of Privileges Vulnerability | Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network. | MSRC.MICROSOFT.COM
11 Mar | CVE-2022-30170 Windows Credential Roaming Service Elevation of Privilege Vulnerability | In the Security Updates table added Windows Server 2022, 23H2 Edition (Server Core installation) as it is affected by this vulnerability. Microsoft recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured t… | MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (1)
11 Mar | Critical Patches Issued for Microsoft Products, March 11, 2025 | Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, o… | CISECURITY.ORG
🕵️ THREAT INTELLIGENCE (3)
11 Mar | Soft-Launching and Open Sourcing the Have I Been Pwned Rebrand | Designing the first logo for Have I Been Pwned was easy: I took a SQL injection pattern, wrote "have i been pwned?" after it and then, just to give it a tou… | TROYHUNT.COM
11 Mar | Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps | Palo Alto Networks announces Unit 42 Managed XSIAM, a solution that provides 24/7 expert-led defense across every attack surface. | PALOALTONETWORKS.COM
11 Mar | Peter Sandman: Risk = Hazard + Outrage: Some Risk Communication Basics | submitted by ashar to security_cpe. https://vimeo.com/1055760460 Risk = Hazard + Outrage: Some Risk Communication Basics (and some COVID and H5N1 comments) Peter Sandman I give this lecture annually to Mike Osterholm’s University of Minnesota graduate course … | INFOSEC.PUB
🌐 CYBER THREAT LANDSCAPE (1)
11 Mar | Beyond the Hook: A Technical Deep Dive into Modern Phishing Methodologies | A technical exploration of modern phishing tactics, from basic HTML pages to advanced MFA-bypassing techniques, with analysis of infrastructure setup and delivery methods used by phishers in 2025. | QUARKSLAB.COM
📡 INFOSEC NEWS (2)
11 Mar | AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution | In this blog entry, we uncovered a campaign that uses fake GitHub repositories to distribute SmartLoader, which is then used to deliver Lumma Stealer and other malicious payloads. The campaign leverages GitHub’s trusted reputation to evade detection, using AI-generated content to… | TRENDMICRO.COM
11 Mar | Don’t let cybercriminals steal your Spotify account | Listen up, this is sure to be music to your ears – a few minutes spent securing your account today can save you a ton of trouble tomorrow | WELIVESECURITY.COM