Multiple vulnerabilities in Microsoft Windows

Description

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, execute arbitrary code, cause denial of service, spoof user interface.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Remote Desktop Protocol Client can be exploited remotely to obtain sensitive information.
2. An elevation of privilege vulnerability in Windows Recovery Driver can be exploited remotely to gain privileges.
3. A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
4. Denial of service vulnerability in Local Security Authority Subsystem Service (LSASS) can be exploited remotely to cause denial of service.
5. An elevation of privilege vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
6. An information disclosure vulnerability in Windows Storage Management Provider can be exploited remotely to obtain sensitive information.
7. Denial of service vulnerability in DHCP Server Service can be exploited remotely to cause denial of service.
8. A security feature bypass vulnerability in Windows Shortcut Files can be exploited remotely to bypass security restrictions.
9. An elevation of privilege vulnerability in Windows SMB Client can be exploited remotely to gain privileges.
10. Denial of service vulnerability in Windows Local Security Authority (LSA) can be exploited remotely to cause denial of service.
11. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
12. An elevation of privilege vulnerability in Windows Task Scheduler can be exploited remotely to gain privileges.
13. A remote code execution vulnerability in Windows Remote Desktop Services can be exploited remotely to execute arbitrary code.
14. An elevation of privilege vulnerability in Windows Netlogon can be exploited remotely to gain privileges.
15. An information disclosure vulnerability in Windows Virtualization-Based Security (VBS) can be exploited remotely to obtain sensitive information.
16. A spoofing vulnerability in Windows Security App can be exploited remotely to spoof user interface.
17. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
18. An elevation of privilege vulnerability in Windows Media can be exploited remotely to gain privileges.
19. A remote code execution vulnerability in Web Distributed Authoring and Versioning (WEBDAV) can be exploited remotely to execute arbitrary code.
20. A security feature bypass vulnerability in Windows App Control for Business can be exploited remotely to bypass security restrictions.
21. A remote code execution vulnerability in Windows Schannel can be exploited remotely to execute arbitrary code.
22. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
23. An information disclosure vulnerability in Windows Storage Port Driver can be exploited remotely to obtain sensitive information.
24. A remote code execution vulnerability in Windows KDC Proxy Service (KPSSVC) can be exploited remotely to execute arbitrary code.
25. Denial of service vulnerability in Windows Standards-Based Storage Management Service can be exploited remotely to cause denial of service.

Original advisories

• CVE-2025-32715

• CVE-2025-32721
• CVE-2025-33066
• CVE-2025-32724
• CVE-2025-47955
• CVE-2025-32720
• CVE-2025-32719
• CVE-2025-32725
• CVE-2025-47160
• CVE-2025-32718
• CVE-2025-33050
• CVE-2025-33056
• CVE-2025-32712
• CVE-2025-33067
• CVE-2025-32710
• CVE-2025-33070
• CVE-2025-47969
• CVE-2025-33060
• CVE-2025-47956
• CVE-2025-33061
• CVE-2025-33062
• CVE-2025-3052
• CVE-2025-33075
• CVE-2025-24068
• CVE-2025-33073
• CVE-2025-32716
• CVE-2025-33052
• CVE-2025-33053
• CVE-2025-33069
• CVE-2025-33059
• CVE-2025-32714
• CVE-2025-33064
• CVE-2025-29828
• CVE-2025-33063
• CVE-2025-33055
• CVE-2025-32713
• CVE-2025-32722
• CVE-2025-33065
• CVE-2025-33058
• CVE-2025-24065
• CVE-2025-33071
• CVE-2025-33057
• CVE-2025-33068
• CVE-2025-24069

Related products

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-10
• Microsoft-Windows-Server-2016
• Microsoft-Windows-Server-2019
• Microsoft-Windows-11
• Microsoft-Remote-Desktop
• Microsoft-Windows-Server-2022

CVE list

• CVE-2025-24065
  high
• CVE-2025-24068
  high
• CVE-2025-24069
  high
• CVE-2025-29828
  critical
• CVE-2025-32710
  critical
• CVE-2025-32712
  critical
• CVE-2025-32713
  critical
• CVE-2025-32714
  critical
• CVE-2025-32715
  high
• CVE-2025-32716
  critical
• CVE-2025-32718
  critical
• CVE-2025-32719
  high
• CVE-2025-32720
  high
• CVE-2025-32721
  high
• CVE-2025-32722
  high
• CVE-2025-32724
  critical
• CVE-2025-32725
  critical
• CVE-2025-33050
  critical
• CVE-2025-33052
  high
• CVE-2025-33053
  critical
• CVE-2025-33055
  high
• CVE-2025-33056
  critical
• CVE-2025-33057
  high
• CVE-2025-33058
  high
• CVE-2025-33059
  high
• CVE-2025-33060
  high
• CVE-2025-33061
  high
• CVE-2025-33062
  high
• CVE-2025-33063
  high
• CVE-2025-33064
  critical
• CVE-2025-33065
  high
• CVE-2025-33066
  critical
• CVE-2025-33067
  critical
• CVE-2025-33068
  critical
• CVE-2025-33069
  high
• CVE-2025-33070
  critical
• CVE-2025-33071
  critical
• CVE-2025-33073
  critical
• CVE-2025-33075
  critical
• CVE-2025-47160
  high
• CVE-2025-47955
  critical
• CVE-2025-47956
  high
• CVE-2025-47969
  warning
• CVE-2025-3052
  critical

KB list

• 5058500
• 5058385
• 5058392
• 5058383
• 5058497
• 5058384
• 5058405
• 5058379
• 5058411
• 5058387
• 5060533
• 5060842
• 5060118
• 5060841
• 5060526
• 5060998
• 5060525
• 5060531
• 5060999
• 5061010

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com