Overview On June 9, NSFOCUS CERT detected that Microsoft released a security update patch for June, fixing 206 security issues involving widely used products such as Windows, Microsoft Office, Microsoft Exchange Server, Visual Studio Code, Azure, etc., including remote code execution vulnerabilities, High-risk vulnerability types such as information leakage vulnerabilities...
Tag: Windows
Microsoft’s January Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On January 14, NSFOCUS CERT detected that Microsoft released the January Security Update patch, which fixed 112 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed...
Microsoft’s December Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft Office, Microsoft Exchange Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed...
Microsoft’s November Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On November 12, NSFOCUS CERT detected that Microsoft released the November Security Update patch, which fixed 63 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, Azure, and Microsoft Visual Studio, including privilege escalation, high-risk vulnerability types such as remote code execution. Among the...
Microsoft’s September Security Update High-Risk Vulnerability Notice for Multiple Products
Overview On September 10, NSFOCUS CERT detected that Microsoft released the September Security Update patch, fixing 86 security issues involving widely used products such as Windows, Microsoft Office, Azure, and Microsoft SQL Server, including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by...
Windows File Explorer Spoofing Vulnerability (CVE-2025-24071)
Overview Recently, NSFOCUS CERT detected that Microsoft released a security announcement and fixed the spoofing vulnerability of Windows File Explorer (CVE-2025-24071), with a CVSS score of 7.5. Due to the implicit trust and automatic file parsing behavior of .library-ms files by Windows Explorer, unauthenticated attackers can save files by constructing...
