{"id":214063,"date":"2025-05-15T01:15:36","date_gmt":"2025-05-15T06:15:36","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/05\/microsoft-fixes-78-flaws-5-zero-days-exploited-cvss-10-bug-impacts-azure-devops-server"},"modified":"2025-05-15T01:15:36","modified_gmt":"2025-05-15T06:15:36","slug":"microsoft-fixes-78-flaws-5-zero-days-exploited-cvss-10-bug-impacts-azure-devops-server","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/05\/microsoft-fixes-78-flaws-5-zero-days-exploited-cvss-10-bug-impacts-azure-devops-server","title":{"rendered":"Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/microsoft-fixes-78-flaws-5-zero-days-exploited-cvss-10-bug-impacts-azure-devops-server2.jpg\"><\/a><\/p>\n<p>\u201cAttackers can exploit the flaw via a malicious web page or script that causes the scripting engine to misinterpret object types, resulting in memory corruption and arbitrary code execution in the context of the current user. If the user has administrative privileges, attackers could gain full system control \u2013 enabling data theft, malware installation, and lateral movement across networks.\u201d<\/p>\n<p>CVE-2025\u201330400 is the third privilege escalation flaw in DWM Core Library to be weaponized in the wild since 2023. In May 2024, Microsoft issued patches for CVE-2024\u201330051, which Kaspersky <a href=\"https:\/\/thehackernews.com\/2024\/05\/microsoft-patches-61-flaws-including.html\" rel=\"noopener\" target=\"_blank\">said<\/a> was used in attacks distributing QakBot (aka Qwaking Mantis) malware.<\/p>\n<p>\u201cSince 2022, Patch Tuesday has addressed 26 elevation of privilege vulnerabilities in DWM,\u201d Satnam Narang, senior staff research engineer at Tenable, said in a statement shared with The Hacker News.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u201cAttackers can exploit the flaw via a malicious web page or script that causes the scripting engine to misinterpret object types, resulting in memory corruption and arbitrary code execution in the context of the current user. If the user has administrative privileges, attackers could gain full system control \u2013 enabling data theft, malware installation, and [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-214063","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/214063","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=214063"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/214063\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=214063"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=214063"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=214063"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}