Redmond, February 20, 2025 –Microsoft patched a critical RCE flaw in Bing, which was actively exploited. Attackers could have remotely executed malicious code.
Microsoft has rushed to patch a critical remote code execution (RCE) flaw in Bing, identified as CVE-2025-21355, which was actively exploited by attackers before the fix. This vulnerability, rated 8.6 on the CVSS scale, allowed unauthorized hackers to execute malicious code remotely, raising major concerns about user data security and potential system takeovers.
Microsoft confirmed that threat actors had already weaponized the flaw, though details on the extent of the attacks or affected users remain undisclosed. Security analysts warn that this kind of zero-day exploit could have enabled cybercriminals to manipulate Bing search results, inject malicious payloads, or launch widespread phishing campaigns.
Cybersecurity expert Nathaniel Morales said:
Exploiting a flaw in a major search engine like Bing is a hacker’s dream. Attackers could use it to push misinformation, steal data, or even execute large-scale cyberattacks.
Alongside the Bing exploit, Microsoft also patched CVE-2025-24989, a privilege escalation vulnerability in Power Pages, its low-code website-building platform. Attackers had been bypassing registration controls to gain unauthorized access, putting businesses using Power Pages at risk.
FBI cyber analyst Mike Herrington warned:
This attack highlights how even trusted platforms can become security liabilities.
Microsoft claims the Bing vulnerability has been fully mitigated, and affected users have been notified. However, security experts urge businesses and individuals to stay vigilant, update systems immediately, and monitor for suspicious activity.
If hackers can exploit Bing to inject malicious code, your online activity is at risk. Protect your data and privacy from unseen threats with ExpressVPN.
Other News At VPNRanks
Hey, wait!
Stay informed on the latest privacy updates, cybersecurity insights, and internet freedom news by following VPNRanks news daily! As your primary resource for critical updates in online security, we ensure you’re always in the know. Make VPNRanks your go-to guide for safeguarding your digital life.
