Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Vulnerabilities

Multiple vulnerabilities in Microsoft Windows

Kaspersky ID:
KLA85525
Detect Date:
07/08/2025
Updated:
07/28/2025

Description

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service, spoof user interface.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in Microsoft Windows QoS Scheduler Driver can be exploited remotely to gain privileges.
  2. An information disclosure vulnerability in Windows Imaging Component can be exploited remotely to obtain sensitive information.
  3. An elevation of privilege vulnerability in Windows Universal Plug and Play (UPnP) Device Host can be exploited remotely to gain privileges.
  4. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to execute arbitrary code.
  5. A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
  6. An elevation of privilege vulnerability in Windows Fast FAT File System Driver can be exploited remotely to gain privileges.
  7. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
  8. An elevation of privilege vulnerability in Workspace Broker can be exploited remotely to gain privileges.
  9. An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.
  10. An elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver can be exploited remotely to gain privileges.
  11. A remote code execution vulnerability in Windows KDC Proxy Service (KPSSVC) can be exploited remotely to execute arbitrary code.
  12. An elevation of privilege vulnerability in Credential Security Support Provider Protocol (CredSSP) can be exploited remotely to gain privileges.
  13. An elevation of privilege vulnerability in NTFS can be exploited remotely to gain privileges.
  14. An elevation of privilege vulnerability in Windows Event Tracing can be exploited remotely to gain privileges.
  15. An elevation of privilege vulnerability in Windows Transport Driver Interface (TDI) Translation Driver can be exploited remotely to gain privileges.
  16. An elevation of privilege vulnerability in Microsoft Virtual Hard Disk can be exploited remotely to gain privileges.
  17. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
  18. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  19. A remote code execution vulnerability in Microsoft MPEG-2 Video Extension can be exploited remotely to execute arbitrary code.
  20. A security feature bypass vulnerability in Remote Desktop Licensing Service can be exploited remotely to bypass security restrictions.
  21. A remote code execution vulnerability in Remote Desktop Client can be exploited remotely to execute arbitrary code.
  22. An elevation of privilege vulnerability in HID Class Driver can be exploited remotely to gain privileges.
  23. An elevation of privilege vulnerability in Windows Shell can be exploited remotely to gain privileges.
  24. An elevation of privilege vulnerability in Windows Simple Search and Discovery Protocol (SSDP) Service can be exploited remotely to gain privileges.
  25. An elevation of privilege vulnerability in Windows Input Method Editor (IME) can be exploited remotely to gain privileges.
  26. An information disclosure vulnerability in Windows Transport Driver Interface (TDI) Translation Driver can be exploited remotely to obtain sensitive information.
  27. An information disclosure vulnerability in Windows User-Mode Driver Framework Host can be exploited remotely to obtain sensitive information.
  28. An elevation of privilege vulnerability in Universal Print Management Service can be exploited remotely to gain privileges.
  29. A remote code execution vulnerability in Microsoft Virtual Hard Disk can be exploited remotely to execute arbitrary code.
  30. Denial of service vulnerability in Windows Print Spooler can be exploited remotely to cause denial of service.
  31. A security feature bypass vulnerability in BitLocker can be exploited remotely to bypass security restrictions.
  32. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
  33. An elevation of privilege vulnerability in Windows TCP/IP Driver can be exploited remotely to gain privileges.
  34. Denial of service vulnerability in Windows Netlogon can be exploited remotely to cause denial of service.
  35. An information disclosure vulnerability in Windows GDI can be exploited remotely to obtain sensitive information.
  36. A remote code execution vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism can be exploited remotely to execute arbitrary code.
  37. An information disclosure vulnerability in Windows Storage Port Driver can be exploited remotely to obtain sensitive information.
  38. An information disclosure vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to obtain sensitive information.
  39. An elevation of privilege vulnerability in Windows MBT Transport Driver can be exploited remotely to gain privileges.
  40. A remote code execution vulnerability in Windows Hyper-V Discrete Device Assignment (DDA) can be exploited remotely to execute arbitrary code.
  41. An elevation of privilege vulnerability in Windows Virtualization-Based Security (VBS) Enclave can be exploited remotely to gain privileges.
  42. An elevation of privilege vulnerability in Microsoft Brokering File System can be exploited remotely to gain privileges.
  43. A security feature bypass vulnerability in Windows SmartScreen can be exploited remotely to bypass security restrictions.
  44. An elevation of privilege vulnerability in Windows Media can be exploited remotely to gain privileges.
  45. A tampering vulnerability in Windows StateRepository API Server file can be exploited remotely to spoof user interface.
  46. An elevation of privilege vulnerability in Windows Virtualization-Based Security (VBS) can be exploited remotely to gain privileges.
  47. A transient execution vulnerability in AMD processors can be exploited remotely to obtain sensitive information.
  48. An information disclosure vulnerability in Windows Secure Kernel Mode can be exploited remotely to obtain sensitive information.
  49. An elevation of privilege vulnerability in Capability Access Management Service (camsvc) can be exploited remotely to gain privileges.
  50. Denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
  51. An elevation of privilege vulnerability in Microsoft PC Manager can be exploited remotely to gain privileges.
  52. An elevation of privilege vulnerability in Windows Notification can be exploited remotely to gain privileges.
  53. An elevation of privilege vulnerability in Windows AppX Deployment Service can be exploited remotely to gain privileges.
  54. A remote code execution vulnerability in Windows Miracast Wireless Display can be exploited remotely to execute arbitrary code.
  55. A remote code execution vulnerability in Windows Server Setup and Boot Event Collection can be exploited remotely to execute arbitrary code.
  56. An information disclosure vulnerability in Windows Cryptographic Services can be exploited remotely to obtain sensitive information.
  57. A spoofing vulnerability in Windows Storage can be exploited remotely to spoof user interface.
  58. A denial of service vulnerability in Windows Kerberos can be exploited remotely to cause denial of service.
  59. A spoofing vulnerability in Windows SMB Server can be exploited remotely to spoof user interface.
  60. A remote code execution vulnerability in Windows Connected Devices Platform Service can be exploited remotely to execute arbitrary code.
  61. An elevation of privilege vulnerability in Windows Update Service can be exploited remotely to gain privileges.
  62. Transient execution vulnerability in AMD processors can be exploited remotely to obtain sensitive information.
  63. An elevation of privilege vulnerability in Windows Search Service can be exploited remotely to gain privileges.
  64. A spoofing vulnerability in Remote Desktop can be exploited remotely to spoof user interface.
  65. Denial of service vulnerability in Windows Performance Recorder (WPR) can be exploited remotely to cause denial of service.
  66. An information disclosure vulnerability in Windows Hyper-V can be exploited remotely to obtain sensitive information.
  67. An elevation of privilege vulnerability in Windows Storage VSP Driver can be exploited remotely to gain privileges.
  68. An elevation of privilege vulnerability in Windows Connected Devices Platform Service can be exploited remotely to gain privileges.

Original advisories

Related products

CVE list

  • CVE-2025-49730
    critical
  • CVE-2025-47980
    high
  • CVE-2025-48819
    high
  • CVE-2025-49742
    critical
  • CVE-2025-49673
    critical
  • CVE-2025-49721
    critical
  • CVE-2025-49732
    critical
  • CVE-2025-49665
    critical
  • CVE-2025-49667
    critical
  • CVE-2025-49675
    critical
  • CVE-2025-49735
    critical
  • CVE-2025-47987
    critical
  • CVE-2025-49663
    critical
  • CVE-2025-49678
    high
  • CVE-2025-49660
    critical
  • CVE-2025-49668
    critical
  • CVE-2025-49659
    critical
  • CVE-2025-47973
    critical
  • CVE-2025-49661
    critical
  • CVE-2025-49727
    high
  • CVE-2025-48806
    critical
  • CVE-2025-47971
    critical
  • CVE-2025-48814
    critical
  • CVE-2025-48817
    critical
  • CVE-2025-48816
    critical
  • CVE-2025-49679
    critical
  • CVE-2025-48815
    critical
  • CVE-2025-48805
    critical
  • CVE-2025-49687
    critical
  • CVE-2025-49674
    critical
  • CVE-2025-47985
    critical
  • CVE-2025-47976
    critical
  • CVE-2025-47998
    critical
  • CVE-2025-49688
    critical
  • CVE-2025-49669
    critical
  • CVE-2025-49753
    critical
  • CVE-2025-49672
    critical
  • CVE-2025-49657
    critical
  • CVE-2025-49658
    high
  • CVE-2025-49664
    high
  • CVE-2025-47986
    critical
  • CVE-2025-49683
    critical
  • CVE-2025-49722
    high
  • CVE-2025-48001
    high
  • CVE-2025-48808
    high
  • CVE-2025-49686
    critical
  • CVE-2025-49716
    critical
  • CVE-2025-47984
    critical
  • CVE-2025-48821
    high
  • CVE-2025-48804
    high
  • CVE-2025-47981
    critical
  • CVE-2025-49684
    high
  • CVE-2025-49681
    high
  • CVE-2025-47975
    high
  • CVE-2025-49689
    critical
  • CVE-2025-47996
    critical
  • CVE-2025-49676
    critical
  • CVE-2025-49671
    high
  • CVE-2025-48824
    critical
  • CVE-2025-49670
    high
  • CVE-2025-49729
    critical
  • CVE-2025-49733
    critical
  • CVE-2025-48822
    critical
  • CVE-2025-48818
    high
  • CVE-2025-48811
    high
  • CVE-2025-49693
    critical
  • CVE-2025-49740
    critical
  • CVE-2025-49682
    high
  • CVE-2025-49723
    critical
  • CVE-2025-47159
    critical
  • CVE-2025-48803
    high
  • CVE-2025-48809
    high
  • CVE-2025-49690
    high
  • CVE-2025-49744
    high
  • CVE-2025-47991
    critical
  • CVE-2025-47999
    high
  • CVE-2025-47993
    critical
  • CVE-2025-49725
    critical
  • CVE-2025-48810
    high
  • CVE-2025-47972
    critical
  • CVE-2025-48820
    critical
  • CVE-2025-49691
    critical
  • CVE-2025-49726
    critical
  • CVE-2025-49666
    high
  • CVE-2025-48823
    high
  • CVE-2025-49760
    warning
  • CVE-2025-48003
    high
  • CVE-2025-26636
    high
  • CVE-2025-48800
    high
  • CVE-2025-47978
    high
  • CVE-2025-48802
    high
  • CVE-2025-49677
    high
  • CVE-2025-49724
    critical
  • CVE-2025-48799
    critical
  • CVE-2025-49685
    high
  • CVE-2025-49694
    critical
  • CVE-2025-33054
    critical
  • CVE-2025-49680
    high
  • CVE-2025-48002
    high
  • CVE-2025-47982
    critical
  • CVE-2025-48000
    critical
  • CVE-2024-36350
    high
  • CVE-2024-36357
    high

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
21 April 2025
Kaspersky Daily
Update PyTorch ASAP | Kaspersky official blog
25 July 2025
Securelist
ToolShell: a story of five vulnerabilities in Microsoft SharePoint
21 July 2025
Securelist
The SOC files: Rumble in the jungle or APT41’s new target in Africa
17 July 2025
Securelist
GhostContainer backdoor: malware compromising Exchange servers of high-value organizations in Asia
14 July 2025
Securelist
Forensic journey: Breaking down the UserAssist artifact structure
10 July 2025
Securelist
Code highlighting with Cursor AI for $500,000
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
Kaspersky ID
Vulnerability
Detect date
Severity
Confirm changes?
Your message has been sent successfully.