remote code execution vulnerabilities Archives

AppWizard

July 9, 2025

Activision pulls Call of Duty game after PC players are hacked

Activision has removed Call of Duty: WWII from the Microsoft Store and Game Pass due to security breaches affecting players. The game is offline while the publisher investigates reports of hacks experienced by PC users. It remains available on Steam and other consoles. Players have reported significant security threats, including a video from streamer Wrioh demonstrating hacking incidents. The version of the game on Microsoft’s platforms reportedly contained an outdated flaw.

Winsage

July 9, 2025

Microsoft Patch Tuesday, July 2025 Edition

Microsoft has released updates addressing 137 vulnerabilities across its Windows operating systems and supported software, with 14 classified as "critical." CVE-2025-49719 is a publicly disclosed information disclosure flaw affecting all SQL Server versions since 2016, posing a supply-chain risk due to its potential exploitation without authentication. SQL Server 2012 has reached its end of life, meaning no future security patches will be available. CVE-2025-47981 is a critical remote code execution vulnerability with a CVSS score of 9.8, affecting Windows clients and Windows Server. Microsoft also addressed four critical remote code execution vulnerabilities in its Office suite, including CVE-2025-49695 and CVE-2025-49696, which can be triggered through the Preview Pane. Other high-severity vulnerabilities include CVE-2025-49740, which could bypass Microsoft Defender SmartScreen, and CVE-2025-47178, allowing attackers to execute arbitrary SQL queries with minimal privileges. Adobe has also released security updates for various software, and users are advised to back up data before installing patches.

Winsage

June 11, 2025

Microsoft warns of 66 flaws to fix for this Patch Tuesday

Microsoft has announced a significant update addressing 66 vulnerabilities, including a zero-day vulnerability disclosed on the same day. Ten critical patches have been identified, with two currently being exploited. Microsoft is also patching older platforms like Windows Server 2008 and Internet Explorer. One critical vulnerability, CVE-2025-33053, has been exploited by the Stealth Falcon hacking group since March, allowing remote code execution via the WebDAV extension. Another critical vulnerability, CVE-2025-5419, affects the Chromium V8 JavaScript engine in Microsoft Edge. CVE-2025-33073 is an escalation of privilege vulnerability in the Windows SMB Client, with a CVSS score of 8.8. Four critical vulnerabilities in Microsoft Office include CVE-2025-47162, CVE-2025-47164, CVE-2025-47167, and CVE-2025-47953. Four critical remote code execution vulnerabilities include CVE-2025-47172, CVE-2025-29828, CVE-2025-32710, and CVE-2025-33071. Two elevation-of-privilege flaws are CVE-2025-47966 and CVE-2025-33070. Adobe has prioritized fixes for Adobe Commerce and Adobe's Experience Manager, addressing 254 CVEs. Adobe Acrobat users will receive ten fixes, including four critical ones. Fortinet has patched CVE-2023-42788 in FortiAnalyzer 7.4. SAP resolved 14 issues, with CVE-2025-42989 being the only critical patch, associated with the NetWeaver Application Server and a CVSS score of 9.6.

Winsage

May 14, 2025

Microsoft Scripting Engine 0-Day Vulnerability Enables Remote Code Execution Over Network

Microsoft has identified a memory corruption vulnerability in its Scripting Engine, designated as CVE-2025-30397. This vulnerability allows unauthorized remote code execution and is classified as “Important” under CWE-843 (Type Confusion). It was disclosed in the May 2025 Patch Tuesday updates and arises from improper handling of resource types. Exploitation occurs when a user clicks a specially crafted URL in Microsoft Edge's Internet Explorer Mode, potentially compromising system confidentiality, integrity, and availability. Although the attack complexity is high, successful exploitation has been confirmed in the wild. Microsoft has issued patches for all supported Windows versions, and users are advised to apply these updates and consider disabling Internet Explorer Mode to reduce risk.

Winsage

March 19, 2025

Hitachi Energy’s upgrade to Windows 11 on 89% of desktops

Hitachi Energy has migrated over 40,000 desktops to Windows 11 across 12 countries, starting with a pilot of 500 devices in November 2023 and full rollout beginning in March 2024, expected to complete by October 2024. The company assessed 45,335 devices, with 43,568 suitable for upgrade, and found 2,330 out of 3,034 applications compatible with Windows 11, achieving a 76% compatibility rate. Approximately 40,600 devices, nearly 90%, successfully transitioned to Windows 11, while the rest were upgraded to Windows 10. The migration utilized ManagementStudio integrated with various platforms for efficiency, with nearly 10,000 devices upgraded in May 2024. A pilot program tested the new OS with selected users to identify issues before broader deployment. Transitioning is crucial as Windows 10 approaches end-of-support, with Microsoft addressing numerous vulnerabilities in its updates.

Winsage

March 12, 2025

Zero Day Initiative — The March 2025 Security Update Review

In March 2025, Adobe released seven bulletins addressing 37 Common Vulnerabilities and Exposures (CVEs) across its software products, including Acrobat Reader, Illustrator, InDesign, and Substance 3D applications. Six vulnerabilities were reported through the Zero Day Initiative program. The Acrobat Reader patch resolves multiple Critical-rated code execution vulnerabilities, while Illustrator and InDesign patches also address critical issues. The Substance 3D Sampler patch fixes seven vulnerabilities, with some classified as Critical, and the other Substance 3D applications also received updates for code execution vulnerabilities. None of the vulnerabilities were publicly known or under active attack at the time of release. Microsoft released an update addressing 56 new CVEs across its products, totaling 67 when including third-party vulnerabilities. Six are rated as Critical, and 50 as Important. Notable vulnerabilities include CVE-2025-26633, a security feature bypass in the Microsoft Management Console, and critical remote code execution vulnerabilities CVE-2025-24993 and CVE-2025-24985 linked to Windows NTFS and Fast FAT file systems. CVE-2025-24984 and CVE-2025-24991 involve information disclosure vulnerabilities, with one requiring physical access and the other needing a specially crafted VHD. Immediate attention and deployment of patches for these vulnerabilities are essential.

Winsage

March 11, 2025

Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws

Microsoft released security updates on March 2025 Patch Tuesday, addressing 57 vulnerabilities, including six classified as critical related to remote code execution. The vulnerabilities are categorized as follows: 23 Elevation of Privilege, 3 Security Feature Bypass, 23 Remote Code Execution, 4 Information Disclosure, 1 Denial of Service, and 3 Spoofing. The updates specifically address six actively exploited zero-day vulnerabilities and one publicly disclosed zero-day vulnerability. The zero-day vulnerabilities include: 1. CVE-2025-24983 - Elevation of Privilege in Windows Win32 Kernel Subsystem. 2. CVE-2025-24984 - Information Disclosure in Windows NTFS. 3. CVE-2025-24985 - Remote Code Execution in Windows Fast FAT File System Driver. 4. CVE-2025-24991 - Information Disclosure in Windows NTFS. 5. CVE-2025-24993 - Remote Code Execution in Windows NTFS. 6. CVE-2025-26633 - Security Feature Bypass in Microsoft Management Console. The publicly disclosed zero-day is: - CVE-2025-26630 - Remote Code Execution in Microsoft Access. A comprehensive list of resolved vulnerabilities includes various CVE IDs and their respective titles and severities, with several vulnerabilities affecting Microsoft Office products, Windows components, and Azure services.

Winsage

February 12, 2025

You Should Install This Windows Security Patch Right Away

Microsoft's February 2025 Patch Tuesday security update addresses 55 security vulnerabilities across the Windows platform, including: - 22 remote code execution vulnerabilities - 19 elevation of privilege vulnerabilities - 9 denial of service vulnerabilities - 3 spoofing vulnerabilities - 2 security feature bypass vulnerabilities - 1 information disclosure vulnerability Among these, four vulnerabilities are classified as critical zero-day vulnerabilities, with two requiring immediate attention. 1. CVE-2025-21194: A security feature bypass vulnerability related to Microsoft Surface devices, potentially allowing unauthorized access to Windows virtual machines. 2. CVE-2025-21377: An NTLM hash disclosure spoofing vulnerability that could allow attackers to retrieve plain-text passwords by interacting with a malicious file. The other two zero-day vulnerabilities confirmed to be actively exploited are: 1. CVE-2025-21391: A Windows storage elevation of privilege vulnerability that enables deletion of targeted files on a user's computer. 2. CVE-2025-21418: A vulnerability that allows attackers to gain elevated system privileges within Windows. Users are advised to install the patch promptly to protect their systems.

Winsage

February 12, 2025

Microsoft Patch Tuesday February 2025 – 61 Vulnerabilities Fixed, 3 Actively Exploited in the Wild

Microsoft's February Patch Tuesday update addresses 61 vulnerabilities, including 25 critical Remote Code Execution (RCE) vulnerabilities. Three of these are zero-days, actively exploited before the update: 1. CVE-2023-24932: Secure Boot security feature bypass requiring physical access or administrative rights. 2. CVE-2025-21391: Windows Storage elevation of privilege vulnerability that could lead to data deletion. 3. CVE-2025-21418: Vulnerability in Windows Ancillary Function Driver for WinSock allowing privilege escalation. Critical vulnerabilities include: - CVE-2025-21376: Windows LDAP RCE vulnerability. - CVE-2025-21379: RCE vulnerability in DHCP Client Service. - CVE-2025-21381: RCE vulnerability in Microsoft Excel. The update also addresses additional vulnerabilities related to remote code execution, elevation of privilege, denial of service, security feature bypass, spoofing, and information disclosure across various Microsoft products. Microsoft advises immediate application of the updates to mitigate risks.

Winsage

February 12, 2025

Microsoft Patch Tuesday February 2025: 61 Vulnerabilities Including 25 RCE’s Fixed

Microsoft released its February 2025 Patch Tuesday security updates, addressing over 61 vulnerabilities across its products. The updates include: - 25 Remote Code Execution vulnerabilities - 14 Elevation of Privilege vulnerabilities - 6 Denial of Service vulnerabilities - 4 Security Feature Bypass vulnerabilities - 2 Spoofing vulnerabilities - 1 Information Disclosure vulnerability Notable critical vulnerabilities include: - CVE-2025-21376: Remote code execution risk via LDAP protocol. - CVE-2025-21379: Flaw in DHCP client service allowing system compromise via crafted network packets. - CVE-2025-21381, CVE-2025-21386, CVE-2025-21387: Multiple vulnerabilities in Microsoft Excel enabling code execution through specially crafted files. - CVE-2025-21406, CVE-2025-21407: Vulnerabilities in Windows Telephony Service allowing remote code execution. Two vulnerabilities confirmed as actively exploited: - CVE-2023-24932: Bypass of Secure Boot protections. - CVE-2025-21391: Elevated privileges on affected systems. - CVE-2025-21418: Gain SYSTEM privileges through exploitation. Other notable fixes include vulnerabilities in Visual Studio and Microsoft Office that could lead to remote code execution. Users can apply updates via Windows Update, Microsoft Update Catalog, or WSUS. Microsoft emphasizes the urgency of these updates due to the active exploitation of certain vulnerabilities.