Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Vulnerabilities

Multiple vulnerabilities in Microsoft Windows

Kaspersky ID:
KLA80105
Detect Date:
02/11/2025
Updated:
03/25/2025

Description

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability can be exploited remotely to gain privileges.
  2. A remote code execution vulnerability in Windows Telephony Service can be exploited remotely to execute arbitrary code.
  3. An elevation of privilege vulnerability in Windows Resilient File System (ReFS) Deduplication Service can be exploited remotely to gain privileges.
  4. A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
  5. An elevation of privilege vulnerability in Windows Disk Cleanup Tool can be exploited remotely to gain privileges.
  6. A denial of service vulnerability in Internet Connection Sharing (ICS) can be exploited remotely to cause denial of service.
  7. A remote code execution vulnerability in Microsoft Digest Authentication can be exploited remotely to execute arbitrary code.
  8. A denial of service vulnerability in Windows Deployment Services can be exploited remotely to cause denial of service.
  9. A denial of service vulnerability in Windows Kerberos can be exploited remotely to cause denial of service.
  10. A denial of service vulnerability in Windows Active Directory Domain Services API can be exploited remotely to cause denial of service.
  11. A denial of service vulnerability in DHCP Client Service can be exploited remotely to cause denial of service.
  12. An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.
  13. An elevation of privilege vulnerability in Windows Setup Files Cleanup can be exploited remotely to gain privileges.
  14. An elevation of privilege vulnerability in Windows Storage can be exploited remotely to gain privileges.
  15. An elevation of privilege vulnerability in Windows NTFS can be exploited remotely to gain privileges.
  16. An elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver can be exploited remotely to gain privileges.
  17. A security feature bypass vulnerability in Windows Kernel can be exploited remotely to bypass security restrictions.
  18. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
  19. A spoofing vulnerability in NTLM Hash Disclosure can be exploited remotely to spoof user interface.
  20. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
  21. A remote code execution vulnerability in DHCP Client Service can be exploited remotely to execute arbitrary code.
  22. A denial of service vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to cause denial of service.
  23. A remote code execution vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to execute arbitrary code.
  24. A tampering vulnerability in Windows Remote Desktop Configuration Service can be exploited remotely to spoof user interface.
  25. A remote code execution vulnerability in Windows Telephony Server can be exploited remotely to execute arbitrary code.

Original advisories

Related products

CVE list

  • CVE-2025-21414
    high
  • CVE-2025-21407
    critical
  • CVE-2025-21182
    high
  • CVE-2025-21410
    critical
  • CVE-2025-21420
    critical
  • CVE-2025-21216
    high
  • CVE-2025-21369
    critical
  • CVE-2025-21347
    high
  • CVE-2025-21212
    high
  • CVE-2025-21358
    critical
  • CVE-2025-21350
    high
  • CVE-2025-21183
    high
  • CVE-2025-21351
    critical
  • CVE-2025-21352
    high
  • CVE-2025-21179
    warning
  • CVE-2025-21367
    critical
  • CVE-2025-21419
    high
  • CVE-2025-21200
    critical
  • CVE-2025-21371
    critical
  • CVE-2025-21391
    high
  • CVE-2025-21337
    warning
  • CVE-2025-21190
    critical
  • CVE-2025-21375
    critical
  • CVE-2025-21184
    high
  • CVE-2025-21368
    critical
  • CVE-2025-21359
    critical
  • CVE-2025-21373
    critical
  • CVE-2025-21254
    high
  • CVE-2025-21377
    high
  • CVE-2025-21418
    critical
  • CVE-2025-21379
    high
  • CVE-2025-21181
    critical
  • CVE-2025-21376
    critical
  • CVE-2025-21349
    high
  • CVE-2025-21208
    critical
  • CVE-2025-21406
    critical
  • CVE-2025-21201
    critical

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
25 March 2025
Securelist
Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain
25 March 2025
Securelist
Financial cyberthreats in 2024
21 March 2025
Securelist
Threat landscape for industrial automation systems in Q4 2024
19 March 2025
Securelist
Arcane stealer: We want all your data
13 March 2025
Securelist
Head Mare and Twelve join forces to attack Russian entities
12 March 2025
Securelist
Incident response analyst report 2024
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
Kaspersky ID
Vulnerability
Detect date
Severity
Confirm changes?
Your message has been sent successfully.