Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Vulnerabilities

Multiple vulnerabilities in Microsoft Products (ESU)

Kaspersky ID:
KLA78972
Detect Date:
01/14/2025
Updated:
01/17/2025

Description

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information, gain privileges, cause denial of service, spoof user interface.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Windows Telephony Service can be exploited remotely to execute arbitrary code.
  2. A security feature bypass vulnerability in MapUrlToZone can be exploited remotely to bypass security restrictions.
  3. An information disclosure vulnerability in Microsoft Message Queuing can be exploited remotely to obtain sensitive information.
  4. An elevation of privilege vulnerability in Active Directory Domain Services can be exploited remotely to gain privileges.
  5. An elevation of privilege vulnerability in Windows Digital Media can be exploited remotely to gain privileges.
  6. An information disclosure vulnerability in Windows BitLocker can be exploited remotely to obtain sensitive information.
  7. A security feature bypass vulnerability in Windows HTML Platforms can be exploited remotely to bypass security restrictions.
  8. An information disclosure vulnerability in Windows Smart Card Reader can be exploited remotely to obtain sensitive information.
  9. An information disclosure vulnerability in Windows Kerberos can be exploited remotely to obtain sensitive information.
  10. A denial of service vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to cause denial of service.
  11. An information disclosure vulnerability in Windows COM Server can be exploited remotely to obtain sensitive information.
  12. An information disclosure vulnerability in Windows Kernel Memory can be exploited remotely to obtain sensitive information.
  13. A denial of service vulnerability in Windows upnphost.dll can be exploited remotely to cause denial of service.
  14. A remote code execution vulnerability in Windows Remote Desktop Services can be exploited remotely to execute arbitrary code.
  15. A spoofing vulnerability in Windows NTLM can be exploited remotely to spoof user interface.
  16. An information disclosure vulnerability in Windows Cryptographic can be exploited remotely to obtain sensitive information.
  17. A denial of service vulnerability in Windows Remote Desktop Gateway (RD Gateway) can be exploited remotely to cause denial of service.
  18. A denial of service vulnerability in Windows Kerberos can be exploited remotely to cause denial of service.
  19. A spoofing vulnerability in Windows Themes can be exploited remotely to spoof user interface.
  20. A remote code execution vulnerability in Windows OLE can be exploited remotely to execute arbitrary code.
  21. A denial of service vulnerability in Windows MapUrlToZone can be exploited remotely to cause denial of service.
  22. A security feature bypass vulnerability in Secure Boot can be exploited remotely to bypass security restrictions.
  23. A remote code execution vulnerability in Microsoft Digest Authentication can be exploited remotely to execute arbitrary code.
  24. A denial of service vulnerability in Windows Event Tracing can be exploited remotely to cause denial of service.
  25. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
  26. An information disclosure vulnerability in Windows CSC Service can be exploited remotely to obtain sensitive information.
  27. A remote code execution vulnerability in BranchCache can be exploited remotely to execute arbitrary code.
  28. A remote code execution vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism can be exploited remotely to execute arbitrary code.
  29. An elevation of privilege vulnerability in Microsoft COM for Windows can be exploited remotely to gain privileges.
  30. Security vulnerability in composition area can be exploited to bypass security restrictions.
  31. A remote code execution vulnerability in GDI+ can be exploited remotely to execute arbitrary code.
  32. A remote code execution vulnerability in Windows Reliable Multicast Transport Driver (RMCAST) can be exploited remotely to execute arbitrary code.
  33. A denial of service vulnerability in IP Helper can be exploited remotely to cause denial of service.
  34. An elevation of privilege vulnerability in Windows CSC Service can be exploited remotely to gain privileges.
  35. A security feature bypass vulnerability in Secure Boot can be exploited remotely to obtain sensitive information.

Original advisories

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

CVE list

  • CVE-2025-21240
    critical
  • CVE-2025-21329
    warning
  • CVE-2025-21220
    critical
  • CVE-2025-21293
    critical
  • CVE-2025-21244
    critical
  • CVE-2025-21327
    high
  • CVE-2025-21302
    critical
  • CVE-2025-21214
    warning
  • CVE-2025-21328
    warning
  • CVE-2025-21260
    high
  • CVE-2025-21303
    critical
  • CVE-2025-21269
    warning
  • CVE-2025-21312
    warning
  • CVE-2025-21242
    high
  • CVE-2025-21282
    critical
  • CVE-2025-21251
    critical
  • CVE-2025-21306
    critical
  • CVE-2025-21255
    high
  • CVE-2025-21272
    high
  • CVE-2025-21341
    high
  • CVE-2025-21316
    high
  • CVE-2025-21245
    critical
  • CVE-2025-21263
    high
  • CVE-2025-21252
    critical
  • CVE-2025-21249
    high
  • CVE-2025-21320
    high
  • CVE-2025-21409
    critical
  • CVE-2025-21300
    critical
  • CVE-2025-21273
    critical
  • CVE-2025-21229
    high
  • CVE-2025-21210
    warning
  • CVE-2025-21309
    critical
  • CVE-2025-21217
    high
  • CVE-2025-21321
    high
  • CVE-2025-21318
    high
  • CVE-2025-21226
    high
  • CVE-2025-21413
    critical
  • CVE-2025-21336
    high
  • CVE-2025-21278
    high
  • CVE-2025-21238
    critical
  • CVE-2025-21218
    critical
  • CVE-2025-21310
    high
  • CVE-2025-21223
    critical
  • CVE-2025-21324
    high
  • CVE-2025-21232
    high
  • CVE-2025-21230
    critical
  • CVE-2025-21389
    critical
  • CVE-2025-21308
    high
  • CVE-2025-21298
    critical
  • CVE-2025-21266
    critical
  • CVE-2025-21276
    critical
  • CVE-2025-21213
    warning
  • CVE-2025-21294
    critical
  • CVE-2025-21274
    high
  • CVE-2025-21331
    high
  • CVE-2025-21261
    high
  • CVE-2025-21319
    high
  • CVE-2025-21417
    critical
  • CVE-2025-21374
    high
  • CVE-2025-21265
    high
  • CVE-2025-21285
    critical
  • CVE-2025-21227
    high
  • CVE-2025-21233
    critical
  • CVE-2025-21270
    critical
  • CVE-2025-21296
    critical
  • CVE-2025-21295
    critical
  • CVE-2025-21281
    critical
  • CVE-2025-21297
    critical
  • CVE-2025-21243
    critical
  • CVE-2025-21339
    critical
  • CVE-2025-21290
    critical
  • CVE-2025-21268
    warning
  • CVE-2024-7344
    warning
  • CVE-2025-21258
    high
  • CVE-2025-21289
    critical
  • CVE-2025-21411
    critical
  • CVE-2025-21211
    high
  • CVE-2025-21189
    warning
  • CVE-2025-21237
    critical
  • CVE-2025-21277
    critical
  • CVE-2025-21288
    high
  • CVE-2025-21338
    critical
  • CVE-2025-21307
    critical
  • CVE-2025-21287
    critical
  • CVE-2025-21286
    critical
  • CVE-2025-21256
    high
  • CVE-2025-21332
    warning
  • CVE-2025-21246
    critical
  • CVE-2025-21228
    high
  • CVE-2025-21231
    critical
  • CVE-2025-21250
    critical
  • CVE-2025-21378
    critical
  • CVE-2025-21236
    critical
  • CVE-2025-21215
    warning
  • CVE-2025-21305
    critical

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
17 January 2025
Securelist
Mercedes-Benz Head Unit security research report
06 January 2025
Securelist
EAGERBEE, with updated and novel components, targets the Middle East
27 December 2024
Securelist
Threat landscape for industrial automation systems in Q3 2024
23 December 2024
Securelist
Cloud Atlas seen using a new tool in its attacks
20 December 2024
Securelist
BellaCPP: Discovering a new BellaCiao variant written in C++
19 December 2024
Securelist
Attackers exploiting a patched FortiClient EMS vulnerability in the wild
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
Kaspersky ID
Vulnerability
Detect date
Severity
Confirm changes?
Your message has been sent successfully.