MSRC Reports
@msrcreports
61 subscribers
3.01K links
Microsoft Security Response Center Reports
(Unofficial).

Reports usually come in bursts, because that's just how Microsoft releases them.
Download Telegram
About
Blog
Apps
Platform
Join
MSRC Reports
61 subscribers
MSRC Reports
Chromium: CVE-2025-3066 Use after free in Navigations

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-3066
25 views
MSRC Reports
Chromium: CVE-2025-3073 Inappropriate implementation in Autofill

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-3073
23 views
MSRC Reports
CVE-2025-29815 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29815
22 views
MSRC Reports
Chromium: CVE-2025-3067 Inappropriate implementation in Custom Tabs

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-3067
20 views
MSRC Reports
Chromium: CVE-2025-3068 Inappropriate implementation in Intents

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-3068
19 views
MSRC Reports
Chromium: CVE-2025-3069 Inappropriate implementation in Extensions

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-3069
19 views
MSRC Reports
Chromium: CVE-2025-3070 Insufficient validation of untrusted input in Extensions

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-3070
18 views
MSRC Reports
Chromium: CVE-2025-3071 Inappropriate implementation in Navigations

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-3071
19 views
MSRC Reports
Chromium: CVE-2025-3072 Inappropriate implementation in Custom Tabs

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-3072
23 views
MSRC Reports
Chromium: CVE-2025-3074 Inappropriate implementation in Downloads

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-3074
24 views
MSRC Reports
CVE-2025-25001 Microsoft Edge for iOS Spoofing Vulnerability

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25001
23 views
MSRC Reports
CVE-2025-25000 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25000
28 views
MSRC Reports
CVE-2025-29810 Active Directory Domain Services Elevation of Privilege Vulnerability

The security updates for Windows 10 for 32-bit Systems and Windows 10 for x64-based Systems are now available. See the Security Updates table for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29810
24 views
MSRC Reports
CVE-2025-29809 Windows Kerberos Security Feature Bypass Vulnerability

The security updates for Windows 10 for 32-bit Systems and Windows 10 for x64-based Systems are now available. See the Security Updates table for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29809
23 views
MSRC Reports
CVE-2025-27738 Windows Resilient File System (ReFS) Information Disclosure Vulnerability

The security updates for Windows 10 for 32-bit Systems and Windows 10 for x64-based Systems are now available. See the Security Updates table for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27738
23 views
MSRC Reports
CVE-2025-27737 Windows Security Zone Mapping Security Feature Bypass Vulnerability

The security updates for Windows 10 for 32-bit Systems and Windows 10 for x64-based Systems are now available. See the Security Updates table for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27737
21 views
MSRC Reports
CVE-2025-27735 Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

The security updates for Windows 10 for 32-bit Systems and Windows 10 for x64-based Systems are now available. See the Security Updates table for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27735
19 views
MSRC Reports
CVE-2025-27733 NTFS Elevation of Privilege Vulnerability

The security updates for Windows 10 for 32-bit Systems and Windows 10 for x64-based Systems are now available. See the Security Updates table for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27733
19 views
MSRC Reports
CVE-2025-27727 Windows Installer Elevation of Privilege Vulnerability

The security updates for Windows 10 for 32-bit Systems and Windows 10 for x64-based Systems are now available. See the Security Updates table for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27727
19 views
MSRC Reports
CVE-2025-27491 Windows Hyper-V Remote Code Execution Vulnerability

The security updates for Windows 10 for 32-bit Systems and Windows 10 for x64-based Systems are now available. See the Security Updates table for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27491
21 views
MSRC Reports
CVE-2025-27489 Azure Local Elevation of Privilege Vulnerability

The security updates for Windows 10 for 32-bit Systems and Windows 10 for x64-based Systems are now available. See the Security Updates table for more information.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27489
23 views