heise PlusAbo
Anzeige

Microsoft: Attacks on Power Pages, Bing secured

Attackers targeted websites created with Power Pages. Malicious code could have slipped through the Bing vulnerability.

listen Print view
Symbolic image of a cyberattack with the words "Attack Successful" on a console

(Image: Gorodenkoff/Shutterstock.com)

1 min. read
Security
By

There were attacks on websites created with Microsoft's software-as-a-service platform Power Pages. Bing search was also vulnerable.

Automatically patched

In both cases, admins do not need to install security updates, as Microsoft claims to have secured the two online services themselves.

In a warning message about Power Pages, they write that attackers were able to bypass authentication and thus gain unauthorized access to websites (CVE-2025-24989 “high”). This is now no longer possible. Microsoft states that it has contacted customers affected by attacks with instructions on what to do. The extent of the attacks is currently unknown.

Videos by heise

Attackers could have executed malicious code via Bing due to a lack of authentication in the context of an unspecified critical function via network access(CVE-2025-21355 “high”). There are no indications of attacks at this point.

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten