There may be one fascinating already exploited vulnerability, he mentioned: CVE-2025-30397. This vulnerability (detailed above by Walters) is simply exploitable if Microsoft Edge is working in “Web Explorer” mode. By default, Edge just isn’t working in Web Explorer mode, however there could also be instances, particularly on workstations utilized by system directors and builders, the place it’s acceptable to allow this mode, Ullrich mentioned. Configuration administration ought to be used to stop this from taking place except it’s particularly required for a selected use case, he mentioned.
“Fortunately,” Ullrich added, “the vulnerability that, in my view, has probably the most ‘potential’ for attackers, CVE-2025-29831, is simply exploitable whereas the RDP service is restarted. Except the attacker is ready to set off a restart, this vulnerability will probably not be exploitable. But it surely but once more highlights the significance of RDP servers.”
SAP, Zoom patches
Individually, SAP launched 18 Safety Notes starting from crucial authorization points to distant code execution, info disclosure, and cross-site scripting.
