Threat and Vulnerability Intelligence Database

Description: Fortra, Microsoft, and Health-ISAC have combined forces to claw back one of hackers' most prized attack tools, with massive takedowns.
Source: Dark Reading
March 7th, 2025 (about 1 month ago)

CVE-2025-24043

Description: Microsoft Security Advisory CVE-2025-24043 | WinDbg Remote Code Execution Vulnerability

Executive summary: Microsoft is releasing this security advisory to provide information about a vulnerability in WinDbg. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. Improper verification of cryptographic signature in SOS allows an authorized attacker to execute code over a network resulting in Remote Code Execution.

Announcement: Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/346

Mitigation factors: Microsoft has not identified any mitigating factors for this vulnerability.

Affected Packages: The vulnerability affects any Microsoft .NET Core project if it uses any of the affected package versions listed below.

WinDbg

Package name                  Affected version   Patched version
dotnet-sos                    < 9.0.607501       9.0.607501
dotnet-dump                   < 9.0.557512       9.0.607501
dotnet-debugger-extensions    9.0.557512         9.0.607601

Advisory FAQ

How do I know if I am affected? If you are using the affected version listed in affected packages, you're exposed to the vulnerability.

How do I fix the issue? To fix the issue please install the latest version of WinDbg. If your application references the vulnerable package, update the package reference to the patched version.

Other Information

Reporting Security Issues: If you have found a potential security issue, please email details to [email protected]....

EPSS Score: 0.03%

Source: Github Advisory Database (Nuget)
March 7th, 2025 (about 1 month ago)

Description: Microsoft has disclosed details of a large-scale malvertising campaign that's estimated to have impacted over one million devices globally as part of what it said is an opportunistic attack designed to steal sensitive information. The tech giant, which detected the activity in early December 2024, is tracking it under the broader umbrella Storm-0408, a moniker used for a set of threat actors
Source: TheHackerNews
March 7th, 2025 (about 1 month ago)
Description: Microsoft has uncovered a large-scale malvertising campaign that compromised nearly one million devices worldwide, distributing information-stealing malware via GitHub. The attack, detected in early December 2024, originated from illegal streaming websites that redirected users through multiple malicious domains before delivering payloads hosted on GitHub, Dropbox, and Discord. Microsoft Threat Intelligence began tracking this campaign in … The post Microsoft Says GitHub-Boosted Malware Campaign Infected 1 Million Devices appeared first on CyberInsider.
Source: CyberInsider
March 7th, 2025 (about 1 month ago)
Description: Microsoft says a North Korean hacking group tracked as Moonstone Sleet has deployed Qilin ransomware payloads in a limited number of attacks. [...]
Source: BleepingComputer
March 7th, 2025 (about 1 month ago)

CVE-2024-57972

Description: A vulnerability in the pairing request method in Microsoft HoloLens 1 and 2 - Windows Holographic 10.0.17763.3046 through 10.0.22621.1244 allows remote attackers to cause a Denial of Service via the Device Portal framework.

EPSS Score: 2.28%

Source: CVE
March 6th, 2025 (about 1 month ago)
Description: Microsoft has taken down an undisclosed number of GitHub repositories used in a massive malvertising campaign that impacted almost one million devices worldwide. [...]
Source: BleepingComputer
March 6th, 2025 (about 1 month ago)
Description: Starting mid-March 2025, Microsoft will start prompting users of its Microsoft 365 apps for Windows to back up their files to OneDrive. [...]
Source: BleepingComputer
March 6th, 2025 (about 1 month ago)