Description of the security update for Office Online Server: January 13, 2026 (KB5002824)

Description of the security update for Office Online Server: January 13, 2026 KB5002824 Summary This security update resolves Microsoft Excel Remote Code Execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common Vulnerabilities and...

OnePlus OxygenOS 安全漏洞

OnePlus OxygenOS is a smartphone operating system from Chinese company OnePlus. A security vulnerability exists in OnePlus OxygenOS, which stems from a lack of write access to multiple content providers and SQL injection in the update method of these providers, which could lead to the disclosure ...

Description of the security update for PowerPoint 2016: September 09, 2025 (KB5002779)

Description of the security update for PowerPoint 2016: September 09, 2025 KB5002779 Summary This security update resolves a Microsoft PowerPoint remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-54908.​​​​​​​...

Description of the security update for Word 2016: June 10, 2025 (KB5002710)

Description of the security update for Word 2016: June 10, 2025 KB5002710 Summary This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common Vulnerabilities and Exposures...

Description of the security update for Excel 2016: June 10, 2025 (KB5002735)

Description of the security update for Excel 2016: June 10, 2025 KB5002735 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-47165. Note: To apply this...

Description of the security update for Office 2016: April 8, 2025 (KB5002573)

Description of the security update for Office 2016: April 8, 2025 KB5002573 Summary This security update resolves a Microsoft Word security feature bypass vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-29816. Note: To apply this...

CVE-2025-27512 Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods

Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the zincati system user to use the actions org.projectatomic.rpmostree1.deploy to deploy updates to the system and org.projectatomic.rpmostree1.finalize-deployment to reboot the system into the...

Alternate Method to Reverse Image Provisioning Services vDisks (XenServer Direct VHD Boot)

This article describes an alternate method to Reverse Image Provisioning Services vDisks XenServer Direct VHD Boot. Note : Reverse imaging a Provisioning Services PVS vDisk is not the only way to get a vDisk back to your hypervisor for updates. This article explains the versatility associated wit...

ROS-2-2153

2.2153 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia : 2...

KB5014164 - Description of the security update for SQL Server 2014 SP3 CU4: June 14, 2022

KB5014164 - Description of the security update for SQL Server 2014 SP3 CU4: June 14, 2022 Summary How to obtain and install the update More information File information Information about protection and security Summary An authenticated attacker could affect SQL Server memory when executing a...

[WP-H3] Centralization Risk: Funds can be frozen when critical key holders lose access to their keys

Lines of code Vulnerability details The current implementation requires trusted key holders DEFAULTADMINROLE of BribeVault to send transactions transferBribes to move funds from BribeVault to RewardDistributor before the users can get rewards from the contract. This introduces a high centralizati...

ROS-2-2192

2.2192 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

ROS-2-2093

2.2093 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

KB5005112: Servicing stack update for Windows 10, version 1809: August 10, 2021

KB5005112: Servicing stack update for Windows 10, version 1809: August 10, 2021 Important: Windows 10, version 1809 reached end of service on May 11, 2021 for devices running the Enterprise, Education, and IoT Enterprise editions. After May 11, 2021, these devices will no longer be offered...

Description of the security update for Office 2016: September 8, 2020

Description of the security update for Office 2016: September 8, 2020 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Excel if the software does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft Common...

Servicing stack update for Windows 10: June 9, 2020

Servicing stack update for Windows 10: June 9, 2020 Applies to Windows 10 for 32-bit Systems Windows 10 for x64-based Systems SummaryThis update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates SSU makes sure that you...

MS16-107: Description of the security update for Word Automation Services on SharePoint Server 2013: September 13, 2016

MS16-107: Description of the security update for Word Automation Services on SharePoint Server 2013: September 13, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more...

October 2016 Preview of Monthly Quality Rollup for Windows Server 2012

October 2016 Preview of Monthly Quality Rollup for Windows Server 2012 The October 2016 Preview of Monthly Quality Rollup includes improvements and fixes for the Windows Server 2012 platform. We recommend that you apply this quality rollup as part of your regular maintenance routines. Improvement...

Servicing stack update for Windows 10, version 1903 and 1909: March 10, 2020

Servicing stack update for Windows 10, version 1903 and 1909: March 10, 2020 Summary This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates SSU makes sure that you have a robust and reliable servicing stack so...

End of support for Office 2010

End of support for Office 2010 Support for Office 2010 ended on October 13, 2020 and there will be no extension and no extended security updates.Buy or try Microsoft 365 Tip: Not sure what version of Office you have? See Find details for other versions of Office to help you determine what version...