Microsoft fixes 78 flaws, including five exploited zero-days; CVSS 10 bug affects Azure DevOps Server

May 14, 2025

On Tuesday, Microsoft shipped fixes for a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in the wild.

Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in severity. Twenty-eight of these vulnerabilities lead to remote code execution, 21 are privilege escalation bugs, and 16 are classified as information disclosure flaws.

The updates are in addition to eight security flaws patched by the company in its Chromium-based Edge browser since the release of last month's Patch Tuesday update.

The five vulnerabilities under active exploitation in the wild are listed below:

  • CVE-2025-30397 (CVSS score: 7.5) – Scripting Engine Memory Corruption Vulnerability
  • CVE-2025-30400 (CVSS score: 7.8) – Microsoft Desktop Window Manager (DWM) Core Library Elevation of Privilege Vulnerability
  • CVE-2025-32701 (CVSS score: 7.8) – Windows Common Log File System (CLFS) Driver Elevation of Privilege Vulnerability
  • CVE-2025-32706 (CVSS score: 7.8) – Windows Common Log File System Driver Elevation of Privilege Vulnerability
  • CVE-2025-32709 (CVSS score: 7.8) – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

The first three flaws are credited to Microsoft's own threat intelligence team, while Benoit Sevens of Google Threat Intelligence Group and the CrowdStrike Advanced Research Team have been acknowledged for the discovery of CVE-2025-32706. An anonymous researcher is credited with reporting CVE-2025-32709.

“Another zero-day vulnerability has been identified in Microsoft Scripting Engine, a critical component used by Microsoft Explorer and Microsoft Edge’s Internet Explorer Mode,” says Alex Vovk, CEO and co-founder of Action1, about CVE-2025-30397.

“Attackers exploit the flaws via malicious web pages or scripts that misinterpret object types, resulting in memory corruption and arbitrary code execution in the context of the current user. If the user has administrative privileges, the attackers can gain full system control, allowing data theft, malware installation, and lateral movement across the network.”

CVE-2025-30400 is the third privilege escalation flaw in the DWM Core Library to be weaponized in the wild since 2023. In May 2024, Microsoft issued a patch for CVE-2024-30051.

“Since 2022, Patch Tuesday has addressed 26 elevation of privilege vulnerabilities in DWM,” said Satnam Narang, Senior Staff Research Engineer at Tenable, in a statement shared with The Hacker News.

“In fact, the April 2025 release included fixes for five DWM Core Library elevation of privilege vulnerabilities. Before CVE-2025-30400, only two DWM elevation of privilege bugs were exploited as zero-days: CVE-2024-30051 and, in 2023, CVE-2023-36033.”

CVE-2025-32701 and CVE-2025-32706 are the seventh and eighth privilege escalation flaws discovered in the CLFS component that have been exploited in real-world attacks since 2022. Saudi Arabia.

CVE-2025-29824 is also said to have been exploited as a zero-day by threat actors associated with the Play ransomware family as part of an attack targeting an unnamed US organization.

Similarly, CVE-2025-32709 is the third privilege escalation flaw in the Ancillary Function Driver for WinSock component to have been abused within a year, after CVE-2024-38193 and CVE-2025-21418. It is noteworthy that the exploitation of CVE-2024-38193 has been attributed to the North Korea-linked Lazarus Group.

The development has prompted the US Cybersecurity and Infrastructure Security Agency (CISA) to add all five vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the fixes by June 3, 2025.

Microsoft's Patch Tuesday update also addresses a privilege escalation bug in Microsoft Defender for Endpoint for Linux (CVE-2025-26684, CVSS score: 6.7).

Stratascale researcher Rich Mirch, one of the two researchers acknowledged for reporting the vulnerability, said the issue is rooted in a Python helper script that includes a function (“grab_java_version()”) to determine the Java Runtime Environment (JRE) version.

“This function determines the location of the Java binary on disk by checking the /proc/<PID>/exe symbolic link and then runs the java -version command,” Mirch explained. “The problem is that the Java binary can run from an untrusted location. A malicious local unprivileged user can create a process with the name java or javaw, which will ultimately be run with root privileges to determine the version of the JRE.”
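The check that the pattern described above lacks, sketched as an added example (this is not Microsoft's helper script or its fix): before a root process executes a binary whose path was read from /proc/<PID>/exe, it confirms the path resolves inside an administrator-controlled directory and that no component can be modified by another user. The names `exe_for_pid`, `is_trusted_binary` and `TRUSTED_DIRS`, and the directory list itself, are assumptions made for illustration.

```python
import os
import stat

# Assumption: directories an administrator controls and where a JRE may live.
TRUSTED_DIRS = ("/usr/lib/jvm", "/opt/java")

def exe_for_pid(pid, proc_root="/proc"):
    """Return the target of <proc_root>/<pid>/exe, or None if unreadable."""
    try:
        return os.readlink(os.path.join(proc_root, str(pid), "exe"))
    except OSError:
        return None

def is_trusted_binary(path, trusted_dirs=TRUSTED_DIRS, owner_uid=0):
    """Return (ok, reason); ok is True only if path is safe to run as root."""
    # The kernel appends this suffix when the on-disk file was unlinked.
    if path.endswith(" (deleted)"):
        return False, "binary was deleted after the process started"
    real = os.path.realpath(path)  # resolve symlinks before any comparison
    root = next((d.rstrip("/") for d in trusted_dirs
                 if real.startswith(d.rstrip("/") + "/")), None)
    if root is None:
        return False, "outside trusted directories"
    # Every component from the file up to the trusted directory must be
    # owned by owner_uid and not writable by group or others.
    current = real
    while True:
        try:
            st = os.lstat(current)
        except OSError:
            return False, "cannot stat " + current
        if current == real and not stat.S_ISREG(st.st_mode):
            return False, "not a regular file"
        if st.st_uid != owner_uid:
            return False, current + " has an unexpected owner"
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            return False, current + " is group- or world-writable"
        if current == root:
            return True, "ok"
        current = os.path.dirname(current)

if __name__ == "__main__":
    exe = exe_for_pid(os.getpid())
    print(exe, is_trusted_binary(exe) if exe else "unreadable")
```

A check followed by a later exec still leaves a race window, so a privileged helper is safer executing a fixed, packaged path than one derived from a process that any local user can start.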

Another notable flaw is a spoofing vulnerability affecting Microsoft Defender for Identity (CVE-2025-26685, CVSS score: 6.5).

“The lateral movement path detection feature itself could potentially be exploited by the enemy,” Adam Barnett, lead software engineer at Rapid7, said in a statement. “The compromised credentials in this case are the credentials of the directory service account, and exploitation depends on achieving a fallback from Kerberos to NTLM.”

The vulnerability with the highest severity is CVE-2025-29813 (CVSS score: 10.0), a privilege escalation flaw in Azure DevOps Server that allows an unauthorized attacker to elevate privileges over a network. Microsoft said the fix has already been deployed in the cloud and that no action is required on the part of customers.

Software patches from other vendors

In addition to Microsoft, other vendors have also released security updates over the past few weeks to rectify several vulnerabilities.
