Read Time:5 Second
Patch Tuesday saw Microsoft fix eight zero-days, three of which are being actively exploited
Daily Archives: January 15, 2025
ZDI-25-028: Microsoft Office Word RTF File Parsing Memory Corruption Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-21298.
ZDI-25-029: Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability
Read Time:16 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-21331.
ZDI-25-030: Microsoft Office Word DOCX File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-21363.
git-lfs-3.6.1-1.fc41
Read Time:7 Second
FEDORA-2025-1de066b8af
Packages in this update:
git-lfs-3.6.1-1.fc41
Update description:
Update to latest version
Fix CVE-2024-53263
git-lfs-3.6.1-1.fc40
Read Time:7 Second
FEDORA-2025-50deb0acd5
Packages in this update:
git-lfs-3.6.1-1.fc40
Update description:
Update to latest version
Fix CVE-2024-53263