Microsoft Plugs Security Leaks: Power Pages Flaw Squashed!

Microsoft patched a privilege escalation flaw in Power Pages, actively targeted by hackers. The vulnerability, CVE-2025-24989, allowed unauthorized access to elevate privileges. Affected users received cleanup guidance, while others can breathe easy—at least until the next exploit.

3P
Published: February 20, 2025 12:04 pmAdded: February 20, 2025 at 4:25 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like Microsoft’s Power Pages had a bit too much power in the hands of sneaky hackers. While Bing was busy searching for vulnerabilities, Power Pages decided to open the gates for unauthorized visitors. But fear not, Microsoft has swooped in like a superhero, patching things up before more villains could exploit these digital loopholes. Talk about a Power Play!

Key Points:

  • Microsoft patched two critical vulnerabilities: CVE-2025-21355 and CVE-2025-24989.
  • CVE-2025-21355 affects Microsoft Bing and was reported by Nicolas Joly.
  • CVE-2025-24989 involves Power Pages and allows privilege escalation.
  • Raj Kumar from Microsoft reported the Power Pages flaw.
  • The Power Pages vulnerability is currently being exploited in the wild.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?