Windows Installer Information Disclosure Vulnerability

May 13, 2025 invoker category_news

Security Update News

Update Information

Title Windows Installer Information Disclosure Vulnerability
Update ID MS:CVE-2025-29837
Type mscve
Published 2025-05-13T07:00:00
Last Updated 2025-05-13T07:00:00

Security Impact

CVSS Score 5.5
Severity MEDIUM
Attack Vector LOCAL

Affected CVEs

  • CVE-2025-29837

Update Details

Improper link resolution before file access (‘link following’) in Windows Installer allows an authorized attacker to disclose information locally.

View Advisory Details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.