CVE-2025-24983 |
Description: Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
CVSS: HIGH (7.0) EPSS Score: 1.91%
March 11th, 2025 (about 1 month ago)
|
CVE-2025-24984 |
Description: Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive information into log file vulnerability that allows an authorized attacker to disclose information locally. An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.
CVSS: MEDIUM (4.6) EPSS Score: 19.24%
March 11th, 2025 (about 1 month ago)
|
CVE-2025-24985 |
Description: Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code with a physical attack.
CVSS: HIGH (7.8) EPSS Score: 9.81%
March 11th, 2025 (about 1 month ago)
|
CVE-2025-24991 |
Description: Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that could allow for information disclosure.
CVSS: MEDIUM (5.5) EPSS Score: 2.97%
March 11th, 2025 (about 1 month ago)
|
CVE-2025-24993 |
Description: Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that could allow an authorized attacker to execute code locally.
CVSS: HIGH (7.8) EPSS Score: 4.05%
March 11th, 2025 (about 1 month ago)
|
Description: Microsoft announced that it will drop support for the Remote Desktop app (available via the Microsoft Store) on May 27 and replace it with its new Windows App. [...]
March 11th, 2025 (about 1 month ago)
|
Description: Microsoft has published guidance for users of Microsoft Publisher as it will no longer be supported after October 2026 and removed from Microsoft 365. [...]
March 10th, 2025 (about 1 month ago)
|
Description: Written by: Dhanesh Kizhakkinan, Nino Isakovic
Executive Summary
This blog post presents an in-depth exploration of Microsoft's Time Travel Debugging (TTD) framework, a powerful record-and-replay debugging framework for Windows user-mode applications. TTD relies heavily on accurate CPU instruction emulation to faithfully replay program executions. However, subtle inaccuracies within this emulation process can lead to significant security and reliability issues, potentially masking vulnerabilities or misleading critical investigations—particularly incident response and malware analysis—potentially causing analysts to overlook threats or draw incorrect conclusions. Furthermore, attackers can exploit these inaccuracies to intentionally evade detection or disrupt forensic analyses, severely compromising investigative outcomes.
The blog post examines specific challenges, provides historical context, and analyzes real-world emulation bugs, highlighting the critical importance of accuracy and ongoing improvement to ensure the effectiveness and reliability of investigative tooling. Ultimately, addressing these emulation issues directly benefits users by enhancing security analyses, improving reliability, and ensuring greater confidence in their debugging and investigative processes.
Overview
We begin with an introduction to TTD, detailing its use of a sophisticated CPU emulation layer powered by the Nirvana runtime engine. Nirvana translates guest instructions into host-level mi...
March 10th, 2025 (about 1 month ago)
|
Description: Microsoft has removed a compatibility hold that prevented some AutoCAD users from installing the Windows 11 2024 Update due to launch and crash issues. [...]
March 10th, 2025 (about 1 month ago)
|