Mitja Kolsek, 0patch co-founder, Acros Security CEO
0patch: https://0patch.com
ACROS Security: https://acrossecurity.com
Twitter: https://twitter.com/mkolsek
We'd like to thank SSD Secure Disclosure (@securiteam_ssd) for discovering this vulnerability and publishing their analysis, which allowed us to create a patch and protect 0patch users against this issue.
Micropatches released for Desktop Windows Manager Elevation of Privilege Vulnerability (CVE-2025-55681)
https://blog.0patch.com/2026/03/micropatches-released-for-desktop.html

Patches were written for:
- Microsoft Office 2016 and 2019 click-to-run with all available updates (version 2508, build 19127.20302)
- Microsoft Office 2010 and 2013 with all available updates

Office 2016 and 2019 volume license received an official patch from Microsoft.

We'd like to thank Alberto Bruscino (https://x.com/ErPaciocco) for sharing vulnerability details and POC, which allowed us to create a patch for this issue and protect our users.

Micropatches released for Microsoft Access Remote Code Execution Vulnerability (CVE-2025-62552)
https://blog.0patch.com/2026/03/micropatches-released-for-microsoft.html

42 years after my father and I had assembled it, our first computer "Galaksija" has found a new home at @muzej, where diligent caretakers of our regional computer history will have it displayed for nostalgic and curious visitors.

Big thanks to @bsidesljubljana for allowing me to show Galaksija to conference attendees before handing it over to the museum.

Galaksija came as a DIY kit, requiring one to solder all components to the motherboard, assemble the keyboard, obtain additional chips from a small electronics shop in Austria, but most notably -- create one's own chassis. So each Galaksija is basically unique, ours having a wooden case for the computer, and a plastic box for the sound extension (attached at its back), both covered with black wallpaper.

With its 6 KB of memory, even with a built-in BASIC interpreter, I was forced to learn coding in Z80 assembly to get anything interesting done. A minor detail in retrospect, but without that, @0patch would likely not exist today as we're writing our security patches in assembler.

Thank you, dad, for bringing this machine to my life. It was a fun box with a huge impact for this 12-year-old then, as well as for thousands of @0patch users worldwide today.

It's a blog post I should have published months ago, but here we finally are.

"CVE-2025-59201 - Network Connection Status Indicator (NCSI) EoP"

Credit goes to t0zhang (on X) for the discovery.

👉 https://itm4n.github.io/cve-2025-59201-ncsi-eop/

I'd like to write more of those but it's so time-consuming. 😔

#cve #windows

CVE-2025-59201 - Network Connection Status Indicator (NCSI) EoP

It’s been a while since I last dug into a Patch Tuesday release. With an extraordinarily high number of 177 CVEs, including 6 that were either already public or exploited in the wild, the October 2025 one seemed like a good opportunity to get back at it. The one I ended up investigating in depth was CVE-2025-59201, an elevation of privilege in the “Network Connection Status Indicator”.

We'd like to thank Đào Tuấn Linh (@tuan_linh_98) and Chen Le Qi (@cplearns2h4ck) of Starlabs (https://starlabs.sg/) for discovering this vulnerability and publishing their analysis, which allowed us to create a patch and protect 0patch users against this issue.
Micropatches released for Windows Telephony Service Elevation of Privilege Vulnerability (CVE-2024-43626)
https://blog.0patch.com/2026/02/micropatches-released-for-windows.html

With February 10, 2026 Windows Updates, Microsoft patched this vulnerability on still-supported affected Windows versions. By that time, @0patch users on both supported and legacy Windows versions have had this vulnerability already patched for 60 days.