Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability

Published by The Hacker News on in Hacking
Tags: microsoft patches power pages vulnerability bing remote code execution CVE-2025-21355 CVE-2025-24989 critical rated flaws security updates cybersecurity threats software updates privilege escalation remote code execution vulnerability elevation of privilege active exploitation wild vulnerabilities
AI Analysis

r Microsoft has released security updates to address two critical-rated flaws in Bing and Power Pages. The vulnerabilities, CVE-2025-21355 and CVE-2025-24989, have been reported to be under active exploitation in the wild. The first flaw allows foemote code execution with a CVSS score of 8.6, while the second enables elevation of privilege with a score of 8.2. Users are advised to apply the updates immediately to prevent potential exploitation. This highlights the importance of regular software updates and the need for individuals to prioritize cybersecurity measures to protect against emerging threats.

Key Points

  • The severity of the vulnerabilities: How critical are these updates and what implications do they have for users?r
  • Impact on online services: Will these updates affect how Bing and Power Pages function, or will they remain operational?r
  • User responsibility: Should individuals take proactive measures to address these vulnerabilities, or is it solely the responsibility of Microsoft?

Original Article

Microsoft has released security updates to address two Critical-rated flaws impacting Bing and Power Pages, including one that has come under active exploitation in the wild. The vulnerabilities are listed below - CVE-2025-21355 (CVSS score: 8.6) - Microsoft Bing Remote Code Execution Vulnerability CVE-2025-24989 (CVSS score: 8.2) - Microsoft Power Pages Elevation of Privilege Vulnerability "

Source: The Hacker News

Share This Article

Hashtags for Sharing

Related Articles

Comments