Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Vulnerabilities

Mulitple vulnerabilities in Microsoft Products (ESU)

Kaspersky ID:
KLA89277
Detect Date:
10/14/2025
Updated:
10/16/2025

Description

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, execute arbitrary code, spoof user interface, cause denial of service.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in Windows Authentication can be exploited remotely to gain privileges.
  2. An information disclosure vulnerability in Microsoft Failover Cluster can be exploited remotely to obtain sensitive information.
  3. A remote code execution vulnerability in Remote Desktop Protocol can be exploited remotely to execute arbitrary code.
  4. A remote code execution vulnerability in Inbox COM Objects (Global Memory) can be exploited remotely to execute arbitrary code.
  5. A security bypass vulnerability in SecureBoot in IGEL OS before 11 can be exploited remotely to bypass security restrictions.
  6. An elevation of privilege vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
  7. An elevation of privilege vulnerability in Network Connection Status Indicator (NCSI) can be exploited remotely to gain privileges.
  8. An elevation of privilege vulnerability in Windows Resilient File System (ReFS) can be exploited remotely to gain privileges.
  9. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
  10. A spoofing vulnerability in NTLM Hash Disclosure can be exploited remotely to spoof user interface.
  11. An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely to gain privileges.
  12. A denial of service vulnerability in Windows Local Session Manager (LSM) can be exploited remotely to cause denial of service.
  13. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
  14. An elevation of privilege vulnerability in Windows NTFS can be exploited remotely to gain privileges.
  15. A remote code execution vulnerability in Remote Desktop Client can be exploited remotely to execute arbitrary code.
  16. An elevation of privilege vulnerability in Windows Simple Search and Discovery Protocol (SSDP) Service can be exploited remotely to gain privileges.
  17. An information disclosure vulnerability in Windows MapUrlToZone can be exploited remotely to obtain sensitive information.
  18. An information disclosure vulnerability in Windows Push Notification can be exploited remotely to obtain sensitive information.
  19. An elevation of privilege vulnerability in Windows COM+ Event System Service can be exploited remotely to gain privileges.
  20. An information disclosure vulnerability in Windows WLAN AutoConfig Service can be exploited remotely to obtain sensitive information.
  21. A spoofing vulnerability in Microsoft Windows File Explorer can be exploited remotely to spoof user interface.
  22. An elevation of privilege vulnerability in Windows Error Reporting Service can be exploited remotely to gain privileges.
  23. An elevation of privilege vulnerability in Windows Agere Modem Driver can be exploited remotely to gain privileges.
  24. An information disclosure vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to obtain sensitive information.
  25. A denial of service vulnerability in Windows Search Service can be exploited remotely to cause denial of service.
  26. A remote code execution vulnerability in Windows Server Update Service (WSUS) can be exploited remotely to execute arbitrary code.
  27. An elevation of privilege vulnerability in Windows Remote Desktop Services can be exploited remotely to gain privileges.
  28. A tampering vulnerability in Windows SMB Client can be exploited remotely to spoof user interface.
  29. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
  30. A remote code execution vulnerability in Internet Information Services (IIS) Inbox COM Objects (Global Memory) can be exploited remotely to execute arbitrary code.
  31. An information disclosure vulnerability in Windows Active Directory Federation Services (ADFS) can be exploited remotely to obtain sensitive information.
  32. An elevation of privilege vulnerability in Windows SMB Server can be exploited remotely to gain privileges.
  33. An elevation of privilege vulnerability in PowerShell can be exploited remotely to gain privileges.
  34. A remote code execution vulnerability in Windows URL Parsing can be exploited remotely to execute arbitrary code.

Original advisories

Related products

CVE list

  • CVE-2025-47827
    warning
  • CVE-2025-24052
    critical
  • CVE-2025-24990
    critical
  • CVE-2025-25004
    high
  • CVE-2025-55335
    high
  • CVE-2025-55678
    high
  • CVE-2025-55687
    high
  • CVE-2025-55692
    critical
  • CVE-2025-55695
    high
  • CVE-2025-55700
    high
  • CVE-2025-55701
    critical
  • CVE-2025-58714
    critical
  • CVE-2025-58717
    high
  • CVE-2025-58718
    critical
  • CVE-2025-58725
    high
  • CVE-2025-58726
    critical
  • CVE-2025-58729
    high
  • CVE-2025-58730
    high
  • CVE-2025-58732
    high
  • CVE-2025-58733
    high
  • CVE-2025-58735
    high
  • CVE-2025-58736
    high
  • CVE-2025-58737
    high
  • CVE-2025-58739
    high
  • CVE-2025-59185
    high
  • CVE-2025-59187
    critical
  • CVE-2025-59188
    high
  • CVE-2025-59190
    high
  • CVE-2025-59196
    high
  • CVE-2025-59198
    warning
  • CVE-2025-59201
    critical
  • CVE-2025-59202
    high
  • CVE-2025-59205
    high
  • CVE-2025-59208
    high
  • CVE-2025-59209
    high
  • CVE-2025-59211
    high
  • CVE-2025-59214
    high
  • CVE-2025-59230
    critical
  • CVE-2025-59242
    critical
  • CVE-2025-59244
    high
  • CVE-2025-59253
    high
  • CVE-2025-59258
    high
  • CVE-2025-59259
    high
  • CVE-2025-59275
    critical
  • CVE-2025-59277
    critical
  • CVE-2025-59278
    critical
  • CVE-2025-59280
    warning
  • CVE-2025-59282
    high
  • CVE-2025-59287
    critical
  • CVE-2025-59295
    critical

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
21 April 2025
Kaspersky Daily
Update PyTorch ASAP | Kaspersky official blog
15 October 2025
Securelist
Maverick: a new banking Trojan abusing WhatsApp in a mass-scale distribution
15 October 2025
Securelist
Mysterious Elephant: a growing threat
14 October 2025
Securelist
Signal in the noise: what hashtags reveal about hacktivism in 2025
14 October 2025
Securelist
The king is dead, long live the king! Windows 10 EOL and Windows 11 forensic artifacts
06 October 2025
Securelist
How we trained an ML model to detect DLL hijacking
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
Kaspersky ID
Vulnerability
Detect date
Severity
Confirm changes?
Your message has been sent successfully.