Thursday, February 13, 2025

Analysis of a Flaw in Microsoft's Patch for "copy2pwn" (CVE-2024-38213)

This is a story of a temporarily flawed Microsoft patch. CVE-2024-38213 is a vulnerability that causes files copied from WebDAV shared fold...
Tuesday, February 11, 2025

Micropatches Released for Microsoft Outlook Remote Code Execution Vulnerability (CVE-2025-21357)

January 2025 Windows updates brought a fix for CVE-2025-21357 , a remote code execution vulnerability in Microsoft Outlook. This vulnerabil...
Friday, February 7, 2025

Micropatches Released for Active Directory Certificate Services Elevation of Privilege Vulnerability (CVE-2024-49019)

November 2024 Windows updates brought a fix for CVE-2024-49019 , a privilege escalation vulnerability allowing, under specific conditions, ...

Micropatches Released for Windows OLE Remote Code Execution (CVE-2025-21298)

    January 2025 Windows updates brought a fix for CVE-2025-21298 , a memory corruption issue in Windows OLE data processing that can be ex...
Tuesday, February 4, 2025

Micropatches Released for Windows Task Scheduler Elevation of Privilege Vulnerability (CVE-2024-49039)

  November 2024 Windows updates brought a fix for CVE-2024-49039 , a local privilege escalation issue allowing low-integrity code running on...
Monday, February 3, 2025

Micropatches Released for NTLM Hash Disclosure Spoofing Vulnerability (CVE-2024-43451)

  November 2024 Windows updates brought a fix for CVE-2024-43451 , an NTLM hash disclosure vulnerability that allows an attacker to obtain u...
Tuesday, January 14, 2025

Micropatches Released for Windows "LDAPNightmare" Denial of Service Vulnerability (CVE-2024-49113)

December 2024 Windows Updates brought a patch for CVE-2024-49113 a.k.a. "LDAPNightmare", a denial of service vulnerability in Win...