Microsoft has released security updates fixing 78 vulnerabilities across its products, including five actively exploited zero-day flaws. These updates address critical threats such as remote code execution and privilege escalation, enhancing overall cybersecurity resilience.
Affected: Microsoft Windows, Microsoft Edge, Microsoft Defender for Endpoint, Microsoft Azure DevOps.
Affected: Microsoft Windows, Microsoft Edge, Microsoft Defender for Endpoint, Microsoft Azure DevOps.
Keypoints
- Microsoft has patched 78 security flaws, including five zero-day vulnerabilities actively exploited in the wild.
- Among the vulnerabilities, 11 are rated Critical, and many involve remote code execution and privilege escalation.
- Notable exploits include flaws in the Scripting Engine, Windows DWM, CLFS driver, and WinSock driver.
- The vulnerabilities have been exploited in real-world attacks, prompting urgent security updates and CISA advisories.
- Additional patches address issues in Microsoft Defender for Endpoint, Azure DevOps, and require prompt application by organizations.
Read More: https://thehackernews.com/2025/05/microsoft-fixes-78-flaws-5-zero-days.html