"CVE-2025-60710, a link-following vulnerability in Windows that allows privilege escalation, was fully fixed a month after its disclosure in November 2025."
"CVE-2023-21529, a deserialization of untrusted data issue in Microsoft Exchange Server, allows an authenticated attacker to achieve remote code execution."
"CVE-2012-1854, an insecure library loading vulnerability in Microsoft Visual Basic for Applications, allows remote code execution and was first exploited almost 14 years ago."
"Microsoft's threat hunters warned that the Storm-1175 crime crew is exploiting the Exchange bug, plus 15 others, to gain initial access to organizations."
CISA has identified four Microsoft vulnerabilities currently being exploited, including CVE-2012-1854, which was first patched in 2012. CVE-2025-60710 and CVE-2023-36424 allow privilege escalation, while CVE-2023-21529 enables remote code execution. The latter has been linked to the Storm-1175 crime group, which uses it alongside other vulnerabilities for data theft and ransomware deployment. CISA has classified the ransomware use for all four vulnerabilities as 'unknown,' despite indications of exploitation for CVE-2023-21529.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]