October 14, 2025—KB5066780 (OS Build 25398.1913)

October 14, 2025—KB5066780 OS Build 25398.1913 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices for the pa...

[SECURITY] Fedora 42 Update: fcitx5-chewing-5.1.9-1.fc42

fcitx5-chewing is a Chewing Wrapper for Fcitx. Chewing is a set of free intelligent Chinese Phonetic IME...

EUVD-2017-17516

Malware in sbrugna...

EUVD-2013-3791

Malware in sbrugna...

EUVD-2020-2200

Malware in sbrugna...

EUVD-2017-11404

Malware in sbrugna...

EUVD-2011-2004

Malware in sbrugna...

EUVD-2016-8080

Malware in sbrugna...

EUVD-2017-17540

Malware in sbrugna...

CVE-2025-26450

In onInputEvent of IInputMethodSessionWrapper.java, there is a possible way for an untrusted app to inject key and motion events to the default IME due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...

CVE-2025-26450

In onInputEvent of IInputMethodSessionWrapper.java, there is a possible way for an untrusted app to inject key and motion events to the default IME due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...

CVE-2025-26450

CVE-2025-26450 affects Android-related code in onInputEvent of IInputMethodSessionWrapper.java. The issue allows an untrusted app to inject key and motion events to the default IME due to a missing permission check, enabling local privilege escalation with no additional privileges required. User ...

CVE-2025-26450

In onInputEvent of IInputMethodSessionWrapper.java, there is a possible way for an untrusted app to inject key and motion events to the default IME due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...

CVE-2025-49687 Windows Input Method Editor (IME) Elevation of Privilege Vulnerability

...

CVE-2025-47972 Windows Input Method Editor (IME) Elevation of Privilege Vulnerability

...

ASB-A-331730488

In onInputEvent of IInputMethodSessionWrapper.java, there is a possible way for an untrusted app to inject key and motion events to the default IME due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...

CVE-2020-0707

An elevation of privilege vulnerability exists when the Windows IME improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows IME Elevation of Privilege Vulnerability'...

February 25, 2025—KB5052077 (OS Build 19045.5555) Preview

February 25, 2025—KB5052077 OS Build 19045.5555 Preview Support for Windows 10 has ended on October 14, 2025 After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows 10. Your PC will still work, but we...

CVE-2024-49079

Input Method Editor IME Remote Code Execution Vulnerability...

Patch Tuesday - October 2024

Microsoft is addressing 118 vulnerabilities this October 2024 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and/or public disclosure for five of the vulnerabilities published today, although it does not rate any of these as critical yet. Of those five, Microsoft lists two as...