Microsoft – Page 3 – TheCyberThrone

CISA adds CVE-2025-53770 SharePoint Vulnerability to KEV

Summary A critical remote code execution (RCE) vulnerability has been discovered in Microsoft SharePoint Server (on-premises versions only). The vulnerability, tracked as CVE-2025-53770, allows unauthenticated attackers to execute arbitrary commands…

PravinKarthik July 21, 2025

Microsoft Patch Tuesday June 2025

Microsoft has rolled out its June 2025 Patch Tuesday updates, addressing 66 vulnerabilities across Windows, Office, and other key Microsoft products. This month’s security release includes 10 critical vulnerabilities, with…

PravinKarthik June 11, 2025

CISA Adds Microsoft and SAP NetWeaver Zero-Day to KEV Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has recently expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding multiple Microsoft Patch Tuesday vulnerabilities and a critical zero-day flaw in SAP NetWeaver.…

PravinKarthik May 16, 2025

Microsoft Patch Tuesday May 2025

Microsoft has released its May 2025 Patch Tuesday updates, addressing 78 security vulnerabilities, including five actively exploited zero-day flaws. These updates cover Windows, Microsoft Office, Azure, Visual Studio, and other…

PravinKarthik May 14, 2025

CVE-2025-24054 Critical NTLM Hash Flaw

CVE-2025-24054 is a high-severity NTLM authentication vulnerability that allows attackers to leak NTLMv2-SSP (Security Support Provider) hashes through spoofing techniques. The exploitation relies on maliciously crafted .library-ms files, which can…

PravinKarthik April 17, 2025

CISA KEV Catalog Update Part II – April 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding several critical vulnerabilities that are actively being exploited in cyberattacks across various industries.…

PravinKarthik April 9, 2025

CVE-2025-21377 NTLM Flaw Detailed out

CVE-2025-21377 is a security vulnerability in Microsoft Windows that stems from weaknesses in the implementation of the NTLM (NT LAN Manager) authentication protocol. This vulnerability exposes critical weaknesses in the…

PravinKarthik March 26, 2025

CVE-2025-24071 POC Exploit released for Microsoft Flaw

The CVE-2025-24071 vulnerability is a high security flaw identified in Windows File Explorer that allows attackers to steal NTLM hashed credentials from target systems without any user interaction. This vulnerability…

PravinKarthik March 21, 2025