Assessing the risk of the February security updates
Assessing the risk of the February security updates
Today we released twelve security bulletins. Three have a maximum severity rating of Critical and nine have a maximum severity rating of Important. This release addresses three publicly disclosed vulnerabilities. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment. Bulletin Most likely attack vector Max Bulletin Severity Max Exploit-ability Likely first 30 days impact Platform mitigations and key notes MS11-003(IE) Victim browses to a malicious webpage.Son Yazılar
- CVE-2025-0612 | Google Chrome up to 132.0.6834.83 V8 out-of-bounds
- CVE-2025-0611 | Google Chrome up to 132.0.6834.83 V8 heap-based overflow
- CVE-2024-9310 | TCAS Collision Avoidance Systems 7.1 reliance on untrusted inputs in a security decision (icsa-25-021-01)
- CVE-2025-0651 | Cloudflare WARP up to 2023.3.381.0 on Windows WARP Service privileges management
- CVE-2025-23047 | Cilium up to 1.14.17/1.15.11/1.16.4 header information disclosure (GHSA-h78m-j95m-5356)
- CVE-2024-55957 | Thermo Fisher Scientific Xcalibur up to 3.1 SP9/4.7 on Windows Driver Packages access control
- CVE-2025-24398 | Bitbucket Server Integration Plugin up to 4.1.3 on Jenkins cross-site request forgery
- CVE-2025-24403 | Azure Service Fabric Plugin up to 1.6 on Jenkins permission
- CVE-2025-24397 | GitLab Plugin up to 1.9.6 on Jenkins permission
- CVE-2025-24399 | OpenId Connect Authentication Plugin up to 4.438.440.v3f5f201de5dc on Jenkins improper authentication