Kaspersky Threats

Description

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface.

Below is a complete list of vulnerabilities:

A denial of service vulnerability in Local Security Authority Subsystem Service (LSASS) can be exploited remotely to cause denial of service.
An elevation of privilege vulnerability in Windows Push Notifications Apps can be exploited remotely to gain privileges.
A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in GDI+ can be exploited remotely to execute arbitrary code.
A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
An elevation of privilege vulnerability in Windows StateRepository API Server file can be exploited remotely to gain privileges.
A remote code execution vulnerability in Windows SMB can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
An information disclosure vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to obtain sensitive information.
An elevation of privilege vulnerability in Desktop Windows Manager can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
A denial of service vulnerability in Windows Remote Desktop Services can be exploited remotely to cause denial of service.
A remote code execution vulnerability in Windows Media can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
An information disclosure vulnerability in Windows NTFS can be exploited remotely to obtain sensitive information.
An elevation of privilege vulnerability in Microsoft Brokering File System can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
A remote code execution vulnerability in Desktop Windows Manager can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows PrintWorkflowUserSvc can be exploited remotely to gain privileges.
A remote code execution vulnerability in DirectX Graphics Kernel can be exploited remotely to execute arbitrary code.
An information disclosure vulnerability in Windows Distributed Transaction Coordinator (MSDTC) can be exploited remotely to obtain sensitive information.
A spoofing vulnerability in Windows Security App can be exploited remotely to spoof user interface.
An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
An information disclosure vulnerability in Windows Storage Port Driver can be exploited remotely to obtain sensitive information.
An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Kernel Transaction Manager can be exploited remotely to gain privileges.
A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Remote Access Point-to-Point Protocol (PPP) EAP-TLS can be exploited remotely to gain privileges.
A spoofing vulnerability in Microsoft Windows File Explorer can be exploited remotely to spoof user interface.
An elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver can be exploited remotely to gain privileges.
An information disclosure vulnerability in NT OS Kernel can be exploited remotely to obtain sensitive information.
A spoofing vulnerability in Remote Desktop can be exploited remotely to spoof user interface.
An elevation of privilege vulnerability in Windows NTLM can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely to gain privileges.
A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
A denial of service vulnerability in DirectX Graphics Kernel can be exploited remotely to cause denial of service.
An elevation of privilege vulnerability in Windows Connected Devices Platform Service can be exploited remotely to gain privileges.

Original advisories

CVE-2025-53716
CVE-2025-50155
CVE-2025-50160
CVE-2025-53766
CVE-2025-49751
CVE-2025-53789
CVE-2025-50169
CVE-2025-53143
CVE-2025-53151
CVE-2025-53144
CVE-2025-53779
CVE-2025-53719
CVE-2025-50153
CVE-2025-53723
CVE-2025-53145
CVE-2025-50156
CVE-2025-53726
CVE-2025-50164
CVE-2025-53148
CVE-2025-53722
CVE-2025-53131
CVE-2025-50170
CVE-2025-50158
CVE-2025-53142
CVE-2025-49743
CVE-2025-53152
CVE-2025-53133
CVE-2025-50176
CVE-2025-50167
CVE-2025-50157
CVE-2025-50166
CVE-2025-53769
CVE-2025-50173
CVE-2025-49757
CVE-2025-53725
CVE-2025-53156
CVE-2025-49762
CVE-2025-53140
CVE-2025-53155
CVE-2025-53137
CVE-2025-50165
CVE-2025-53138
CVE-2025-53132
CVE-2025-50177
CVE-2025-53134
CVE-2025-53724
CVE-2025-53154
CVE-2025-53153
CVE-2025-50162
CVE-2025-50159
CVE-2025-50154
CVE-2025-49761
CVE-2025-53149
CVE-2025-53136
CVE-2025-50168
CVE-2025-50171
CVE-2025-53141
CVE-2025-53778
CVE-2025-53135
CVE-2025-53720
CVE-2025-50161
CVE-2025-53718
CVE-2025-48807
CVE-2025-50172
CVE-2025-53147
CVE-2025-50163
CVE-2025-53721

CVE list

CVE-2025-50173
critical
CVE-2025-50155
critical
CVE-2025-50160
critical
CVE-2025-53766
critical
CVE-2025-49757
critical
CVE-2025-53725
critical
CVE-2025-49762
high
CVE-2025-53140
high
CVE-2025-53155
critical
CVE-2025-53137
high
CVE-2025-53138
high
CVE-2025-53132
critical
CVE-2025-50177
critical
CVE-2025-53134
high
CVE-2025-53724
critical
CVE-2025-53154
critical
CVE-2025-53153
high
CVE-2025-50162
critical
CVE-2025-50159
high
CVE-2025-50154
critical
CVE-2025-53143
critical
CVE-2025-49761
critical
CVE-2025-53149
critical
CVE-2025-53136
high
CVE-2025-50163
critical
CVE-2025-53144
critical
CVE-2025-53719
high
CVE-2025-50153
critical
CVE-2025-53723
critical
CVE-2025-53778
critical
CVE-2025-53145
critical
CVE-2025-50156
high
CVE-2025-53726
critical
CVE-2025-53135
high
CVE-2025-53720
critical
CVE-2025-50164
critical
CVE-2025-53148
high
CVE-2025-53722
critical
CVE-2025-50161
high
CVE-2025-50158
high
CVE-2025-49743
high
CVE-2025-53152
critical
CVE-2025-53718
high
CVE-2025-50167
high
CVE-2025-50157
high
CVE-2025-53147
high
CVE-2025-50166
high
CVE-2025-53141
critical
CVE-2025-53716
high
CVE-2025-49751
high
CVE-2025-53789
critical
CVE-2025-50169
critical
CVE-2025-53151
critical
CVE-2025-53779
high
CVE-2025-53131
critical
CVE-2025-50170
critical
CVE-2025-53142
high
CVE-2025-53133
critical
CVE-2025-50176
critical
CVE-2025-53769
high
CVE-2025-53156
high
CVE-2025-50165
critical
CVE-2025-50168
critical
CVE-2025-50171
critical
CVE-2025-48807
critical
CVE-2025-50172
high
CVE-2025-53721
high

KB list

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!

Multiple vulnerabilities in Microsoft Windows