Tag Microsoft

Microsoft Addresses 130 Vulnerabilities, Including Critical Issues in SPNEGO and SQL Server

July 9, 2025
Endpoint Security / Vulnerability

In its first Patch Tuesday update of 2025, Microsoft has rolled out fixes for 130 vulnerabilities, marking a shift as no exploited security flaws were included in this batch. Notably, one flaw addressed had already been publicly disclosed. The update also tackles 10 additional non-Microsoft CVEs impacting Visual Studio, AMD, and the Chromium-based Edge browser. Among the patched vulnerabilities, 10 are classified as Critical, while the remainder are deemed Important. “This marks the end of an 11-month streak of fixing at least one zero-day exploitation,” noted Satnam Narang, Senior Staff Research Engineer at Tenable. The vulnerabilities include 53 related to privilege escalation, 42 for remote code execution, 17 for information disclosure, and 8 for security feature bypasses. Furthermore, the update builds on two other flaws previously fixed in the Edge browser since the last month’s Patch Tuesday.

Microsoft Addresses 130 Vulnerabilities, Highlighting Critical Flaws in SPNEGO and SQL Server On July 9, 2025, Microsoft released its Patch Tuesday updates, addressing a total of 130 vulnerabilities, including critical security flaws within the SPNEGO protocol and SQL Server. Notably, this month’s updates marked the first time in 2025 that…

Read More

Microsoft Addresses 130 Vulnerabilities, Including Critical Issues in SPNEGO and SQL Server

July 9, 2025
Endpoint Security / Vulnerability

In its first Patch Tuesday update of 2025, Microsoft has rolled out fixes for 130 vulnerabilities, marking a shift as no exploited security flaws were included in this batch. Notably, one flaw addressed had already been publicly disclosed. The update also tackles 10 additional non-Microsoft CVEs impacting Visual Studio, AMD, and the Chromium-based Edge browser. Among the patched vulnerabilities, 10 are classified as Critical, while the remainder are deemed Important. “This marks the end of an 11-month streak of fixing at least one zero-day exploitation,” noted Satnam Narang, Senior Staff Research Engineer at Tenable. The vulnerabilities include 53 related to privilege escalation, 42 for remote code execution, 17 for information disclosure, and 8 for security feature bypasses. Furthermore, the update builds on two other flaws previously fixed in the Edge browser since the last month’s Patch Tuesday.

AMD Alerts Users to New Transient Scheduler Vulnerabilities Affecting Various CPU Models

Date: July 10, 2025
Category: Vulnerability / Hardware Security

AMD has issued a warning regarding a fresh wave of vulnerabilities impacting a wide array of chipsets, posing risks of data exposure. These vulnerabilities, known as Transient Scheduler Attacks (TSA), exploit speculative execution timing under certain microarchitectural conditions, creating a potential side channel in the CPUs. “In some instances, attackers could leverage this timing data to extract information from different contexts, leading to data leaks,” AMD stated in its advisory. The vulnerabilities were identified through research conducted by Microsoft and ETH Zurich, which tested modern CPUs against speculative execution threats like Meltdown and Foreshadow by examining isolation among security domains, including virtual machines, kernels, and processes. Following responsible disclosure in June 2024, the vulnerabilities have been assigned the following CVE identifiers: CVE-2024-36350 (CVSS score: 5.6).

AMD Issues Warning on Vulnerabilities Affecting a Wide Range of CPUs In a recent advisory, semiconductor giant AMD has highlighted a new set of vulnerabilities that may compromise the security of various chipsets, potentially allowing unauthorized access to sensitive information. These vulnerabilities, grouped under the term Transient Scheduler Attacks (TSA),…

Read More

AMD Alerts Users to New Transient Scheduler Vulnerabilities Affecting Various CPU Models

Date: July 10, 2025
Category: Vulnerability / Hardware Security

AMD has issued a warning regarding a fresh wave of vulnerabilities impacting a wide array of chipsets, posing risks of data exposure. These vulnerabilities, known as Transient Scheduler Attacks (TSA), exploit speculative execution timing under certain microarchitectural conditions, creating a potential side channel in the CPUs. “In some instances, attackers could leverage this timing data to extract information from different contexts, leading to data leaks,” AMD stated in its advisory. The vulnerabilities were identified through research conducted by Microsoft and ETH Zurich, which tested modern CPUs against speculative execution threats like Meltdown and Foreshadow by examining isolation among security domains, including virtual machines, kernels, and processes. Following responsible disclosure in June 2024, the vulnerabilities have been assigned the following CVE identifiers: CVE-2024-36350 (CVSS score: 5.6).

⚡ Weekly Overview — SharePoint Breach, Spyware Issues, IoT Exploits, DPRK Fraud, Crypto Threats, and More

📅 July 28, 2025

Some threats don’t breach the perimeter—they slip in through signed software, polished resumes, or approved vendors that remain hidden in plain sight. This week, the most significant dangers weren’t the ones making the most noise—they were the ones that looked the most legitimate. In a landscape where identity, trust, and tools are interconnected, the strongest attack vectors often appear entirely credible. Security teams now face the challenge of defending systems not only from intrusions but from the very essence of trust being weaponized.

Threat of the Week Microsoft SharePoint Breaches Linked to China — The repercussions of an attack wave targeting vulnerabilities in on-premises Microsoft SharePoint servers continue to intensify a week after the discovery of zero-day exploits, with over 400 organizations worldwide affected. These attacks have been connected to two notorious Chinese hacking groups, Linen Typhoon (APT27) and Violet Typhoon (APT31), along with a suspected China-based threat actor known as Storm-2603.

Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains, and More July 28, 2025 Cybersecurity threats are increasingly sneaking through the back door, penetrating defenses via seemingly legitimate vectors such as signed software, polished resumes, and authorized vendors that often remain unnoticed. This week underscored that the…

Read More

⚡ Weekly Overview — SharePoint Breach, Spyware Issues, IoT Exploits, DPRK Fraud, Crypto Threats, and More

📅 July 28, 2025

Some threats don’t breach the perimeter—they slip in through signed software, polished resumes, or approved vendors that remain hidden in plain sight. This week, the most significant dangers weren’t the ones making the most noise—they were the ones that looked the most legitimate. In a landscape where identity, trust, and tools are interconnected, the strongest attack vectors often appear entirely credible. Security teams now face the challenge of defending systems not only from intrusions but from the very essence of trust being weaponized.

Threat of the Week Microsoft SharePoint Breaches Linked to China — The repercussions of an attack wave targeting vulnerabilities in on-premises Microsoft SharePoint servers continue to intensify a week after the discovery of zero-day exploits, with over 400 organizations worldwide affected. These attacks have been connected to two notorious Chinese hacking groups, Linen Typhoon (APT27) and Violet Typhoon (APT31), along with a suspected China-based threat actor known as Storm-2603.

Microsoft Issues Warning About Vulnerability in Hybrid Exchange Deployments

Governance & Risk Management, Legacy Infrastructure Security CISA Issues Emergency Directive Mandating Federal Agencies Address Vulnerability Akshaya Asokan (asokan_akshaya), David Perera (@daveperera) • August 7, 2025 Image: Microsoft/Shutterstock/ISMG The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive urging federal agencies to address a critical vulnerability affecting Microsoft…

Read MoreMicrosoft Issues Warning About Vulnerability in Hybrid Exchange Deployments

A Single Compromised Document Could Expose ‘Confidential’ Information Through ChatGPT

OpenAI’s Connectors Exposed: Researchers Uncover Vulnerability Recent developments in the realm of generative AI have caught the attention of cybersecurity experts, particularly regarding OpenAI’s ChatGPT. Unlike traditional chatbots, these AI models can connect with various data sources to provide tailored responses. ChatGPT, for instance, can access your Gmail, delve into…

Read MoreA Single Compromised Document Could Expose ‘Confidential’ Information Through ChatGPT

Severe Unpatched SharePoint Zero-Day Under Active Exploitation, Compromises Over 75 Company Servers

July 20, 2025
Zero-Day / Vulnerability

A serious security flaw in Microsoft SharePoint Server has been weaponized in an ongoing, large-scale exploitation campaign. The zero-day vulnerability, identified as CVE-2025-53770 (CVSS score: 9.8), is a variant of CVE-2025-49704 (CVSS score: 8.8), which was addressed by Microsoft in their July 2025 Patch Tuesday updates. Microsoft explained that “deserialization of untrusted data in on-premises Microsoft SharePoint Server enables unauthorized attackers to execute code over a network,” as detailed in an advisory released on July 19, 2025. The company is actively preparing a comprehensive update to mitigate this issue. Viettel Cyber Security is credited with discovering and reporting the flaw through Trend Micro’s Zero Day Initiative (ZDI). Additionally, Microsoft has acknowledged awareness of ongoing attacks related to this vulnerability.

Critical Unpatched SharePoint Zero-Day Under Active Exploitation, Compromises Over 75 Company Servers July 20, 2025 In an alarming development, a critical zero-day vulnerability in Microsoft SharePoint Server has been actively exploited in a large-scale attack campaign, leading to the breach of more than 75 company servers. This vulnerability, designated as…

Read More

Severe Unpatched SharePoint Zero-Day Under Active Exploitation, Compromises Over 75 Company Servers

July 20, 2025
Zero-Day / Vulnerability

A serious security flaw in Microsoft SharePoint Server has been weaponized in an ongoing, large-scale exploitation campaign. The zero-day vulnerability, identified as CVE-2025-53770 (CVSS score: 9.8), is a variant of CVE-2025-49704 (CVSS score: 8.8), which was addressed by Microsoft in their July 2025 Patch Tuesday updates. Microsoft explained that “deserialization of untrusted data in on-premises Microsoft SharePoint Server enables unauthorized attackers to execute code over a network,” as detailed in an advisory released on July 19, 2025. The company is actively preparing a comprehensive update to mitigate this issue. Viettel Cyber Security is credited with discovering and reporting the flaw through Trend Micro’s Zero Day Initiative (ZDI). Additionally, Microsoft has acknowledged awareness of ongoing attacks related to this vulnerability.

Microsoft Issues Critical Patch for SharePoint RCE Vulnerability Targeted in Ongoing Cyber Attacks

July 21, 2025
Server Security / Vulnerability

On Sunday, Microsoft released vital security updates to address an actively exploited vulnerability in SharePoint and provided details on another flaw that now has “more robust protections.” The company acknowledged it is “aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update.” The exploited vulnerability, tracked as CVE-2025-53770 (CVSS score: 9.8), involves remote code execution due to the deserialization of untrusted data in on-premises versions of Microsoft SharePoint Server. The newly identified issue is a spoofing vulnerability (CVE-2025-53771, CVSS score: 7.1), discovered and reported by Viettel Cyber Security and an anonymous researcher. The flaw is linked to inadequate restrictions on pathnames, leading to potential path traversal in Microsoft Office SharePoint…

Microsoft Issues Urgent Security Patch for Critical SharePoint Vulnerability Amid Ongoing Cyber Attacks On July 21, 2025, Microsoft released critical security updates aimed at addressing a serious vulnerability in SharePoint that is currently being exploited in ongoing cyber attacks targeting on-premises customers. The company revealed that it is aware of…

Read More

Microsoft Issues Critical Patch for SharePoint RCE Vulnerability Targeted in Ongoing Cyber Attacks

July 21, 2025
Server Security / Vulnerability

On Sunday, Microsoft released vital security updates to address an actively exploited vulnerability in SharePoint and provided details on another flaw that now has “more robust protections.” The company acknowledged it is “aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update.” The exploited vulnerability, tracked as CVE-2025-53770 (CVSS score: 9.8), involves remote code execution due to the deserialization of untrusted data in on-premises versions of Microsoft SharePoint Server. The newly identified issue is a spoofing vulnerability (CVE-2025-53771, CVSS score: 7.1), discovered and reported by Viettel Cyber Security and an anonymous researcher. The flaw is linked to inadequate restrictions on pathnames, leading to potential path traversal in Microsoft Office SharePoint…