Kaspersky ID:
KLA85521
Detect Date:
07/08/2025
Updated:
07/09/2025

Description

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in Microsoft Windows QoS Scheduler Driver can be exploited remotely to gain privileges.
  2. An information disclosure vulnerability in Windows Imaging Component can be exploited remotely to obtain sensitive information.
  3. An elevation of privilege vulnerability in Windows Universal Plug and Play (UPnP) Device Host can be exploited remotely to gain privileges.
  4. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to execute arbitrary code.
  5. A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
  6. An elevation of privilege vulnerability in Windows Fast FAT File System Driver can be exploited remotely to gain privileges.
  7. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
  8. An elevation of privilege vulnerability in Workspace Broker can be exploited remotely to gain privileges.
  9. An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.
  10. An elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver can be exploited remotely to gain privileges.
  11. A remote code execution vulnerability in Windows KDC Proxy Service (KPSSVC) can be exploited remotely to execute arbitrary code.
  12. An elevation of privilege vulnerability in Credential Security Support Provider Protocol (CredSSP) can be exploited remotely to gain privileges.
  13. An elevation of privilege vulnerability in NTFS can be exploited remotely to gain privileges.
  14. An elevation of privilege vulnerability in Windows Event Tracing can be exploited remotely to gain privileges.
  15. An elevation of privilege vulnerability in Windows Transport Driver Interface (TDI) Translation Driver can be exploited remotely to gain privileges.
  16. An elevation of privilege vulnerability in Microsoft Virtual Hard Disk can be exploited remotely to gain privileges.
  17. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
  18. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  19. A remote code execution vulnerability in Microsoft MPEG-2 Video Extension can be exploited remotely to execute arbitrary code.
  20. A security feature bypass vulnerability in Remote Desktop Licensing Service can be exploited remotely to bypass security restrictions.
  21. A remote code execution vulnerability in Remote Desktop Client can be exploited remotely to execute arbitrary code.
  22. An elevation of privilege vulnerability in HID Class Driver can be exploited remotely to gain privileges.
  23. An elevation of privilege vulnerability in Windows Shell can be exploited remotely to gain privileges.
  24. An elevation of privilege vulnerability in Windows Simple Search and Discovery Protocol (SSDP) Service can be exploited remotely to gain privileges.
  25. An elevation of privilege vulnerability in Windows Input Method Editor (IME) can be exploited remotely to gain privileges.
  26. An information disclosure vulnerability in Windows Transport Driver Interface (TDI) Translation Driver can be exploited remotely to obtain sensitive information.
  27. An information disclosure vulnerability in Windows User-Mode Driver Framework Host can be exploited remotely to obtain sensitive information.
  28. An elevation of privilege vulnerability in Universal Print Management Service can be exploited remotely to gain privileges.
  29. A remote code execution vulnerability in Microsoft Virtual Hard Disk can be exploited remotely to execute arbitrary code.
  30. Denial of service vulnerability in Windows Print Spooler can be exploited remotely to cause denial of service.
  31. A security feature bypass vulnerability in BitLocker can be exploited remotely to bypass security restrictions.
  32. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
  33. An elevation of privilege vulnerability in Windows TCP/IP Driver can be exploited remotely to gain privileges.
  34. Denial of service vulnerability in Windows Netlogon can be exploited remotely to cause denial of service.
  35. An information disclosure vulnerability in Windows GDI can be exploited remotely to obtain sensitive information.
  36. A remote code execution vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism can be exploited remotely to execute arbitrary code.
  37. An information disclosure vulnerability in Windows Storage Port Driver can be exploited remotely to obtain sensitive information.
  38. An information disclosure vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to obtain sensitive information.
  39. An elevation of privilege vulnerability in Windows MBT Transport Driver can be exploited remotely to gain privileges.

Original advisories

Related products

CVE list

  • CVE-2025-49730
    critical
  • CVE-2025-47980
    high
  • CVE-2025-48819
    high
  • CVE-2025-49742
    critical
  • CVE-2025-49673
    critical
  • CVE-2025-49721
    critical
  • CVE-2025-49732
    critical
  • CVE-2025-49665
    critical
  • CVE-2025-49667
    critical
  • CVE-2025-49675
    critical
  • CVE-2025-49735
    critical
  • CVE-2025-47987
    critical
  • CVE-2025-49663
    critical
  • CVE-2025-49678
    high
  • CVE-2025-49660
    critical
  • CVE-2025-49668
    critical
  • CVE-2025-49659
    critical
  • CVE-2025-47973
    critical
  • CVE-2025-49661
    critical
  • CVE-2025-49727
    high
  • CVE-2025-48806
    critical
  • CVE-2025-47971
    critical
  • CVE-2025-48814
    critical
  • CVE-2025-48817
    critical
  • CVE-2025-48816
    critical
  • CVE-2025-49679
    critical
  • CVE-2025-48815
    critical
  • CVE-2025-48805
    critical
  • CVE-2025-49687
    critical
  • CVE-2025-49674
    critical
  • CVE-2025-47985
    critical
  • CVE-2025-47976
    critical
  • CVE-2025-47998
    critical
  • CVE-2025-49688
    critical
  • CVE-2025-49669
    critical
  • CVE-2025-49753
    critical
  • CVE-2025-49672
    critical
  • CVE-2025-49657
    critical
  • CVE-2025-49658
    high
  • CVE-2025-49664
    high
  • CVE-2025-47986
    critical
  • CVE-2025-49683
    critical
  • CVE-2025-49722
    high
  • CVE-2025-48001
    high
  • CVE-2025-48808
    high
  • CVE-2025-49686
    critical
  • CVE-2025-49716
    high
  • CVE-2025-47984
    critical
  • CVE-2025-48821
    high
  • CVE-2025-48804
    high
  • CVE-2025-47981
    critical
  • CVE-2025-49684
    high
  • CVE-2025-49681
    high
  • CVE-2025-47975
    high
  • CVE-2025-49689
    critical
  • CVE-2025-47996
    critical
  • CVE-2025-49676
    critical
  • CVE-2025-49671
    high
  • CVE-2025-48824
    critical
  • CVE-2025-49670
    critical
  • CVE-2025-49729
    critical

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Confirm changes?
Your message has been sent successfully.