Description
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface, obtain sensitive information.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Windows PrintWorkflowUserSvc can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Network Driver Interface Specification Driver can be exploited remotely to gain privileges.
- A denial of service vulnerability in Windows Local Session Manager (LSM) can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
- A spoofing vulnerability in NTLM Hash Disclosure can be exploited remotely to spoof user interface.
- An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely to gain privileges.
- A spoofing vulnerability in Windows NTLM can be exploited remotely to spoof user interface.
- An integer overflow vulnerability in Dolby Digital Plus audio decoder can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Storport.sys Driver can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows WLAN AutoConfig Service can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows Cryptographic Services can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Windows BitLocker can be exploited remotely to bypass security restrictions.
- A remote code execution vulnerability in Windows Server Update Service (WSUS) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Remote Desktop Services can be exploited remotely to gain privileges.
- A denial of service vulnerability in DirectX Graphics Kernel can be exploited remotely to cause denial of service.
- An information disclosure vulnerability in Windows Storage Management Provider can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Connected Devices Platform Service can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Active Directory Federation Services (ADFS) can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Inbox COM Objects (Global Memory) can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Remote Procedure Call can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows URL Parsing can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Microsoft Failover Cluster can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Remote Desktop Protocol can be exploited remotely to execute arbitrary code.
- A spoofing vulnerability in Data Sharing Service can be exploited remotely to spoof user interface.
- An elevation of privilege vulnerability in Microsoft Brokering File System can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Bluetooth Service can be exploited remotely to gain privileges.
- A spoofing vulnerability in Virtual Secure Mode can be exploited remotely to spoof user interface.
- An elevation of privilege vulnerability in Windows Speech Runtime can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Device Association Broker Service can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
- A spoofing vulnerability in Microsoft Windows File Explorer can be exploited remotely to spoof user interface.
- An elevation of privilege vulnerability in Windows Authentication can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Agere Modem Driver can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Resilient File System (ReFS) Deduplication Service can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Desktop Windows Manager can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Management Services can be exploited remotely to obtain sensitive information.
- A denial of service vulnerability in Windows Search Service can be exploited remotely to cause denial of service.
- A denial of service vulnerability in Microsoft Graphics Component can be exploited remotely to cause denial of service.
- An information disclosure vulnerability in Storage Spaces Direct can be exploited remotely to obtain sensitive information.
- A security bypass vulnerability in SecureBoot in IGEL OS before 11 can be exploited remotely to bypass security restrictions.
- An information disclosure vulnerability in Windows ETL Channel can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Resilient File System (ReFS) can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Remote Desktop Client can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in NtQueryInformation Token function (ntifs.h) can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Simple Search and Discovery Protocol (SSDP) Service can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows MapUrlToZone can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows Push Notification can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows COM+ Event System Service can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Error Reporting Service can be exploited remotely to gain privileges.
- A security bypass vulnerability in Windows Remote Desktop Protocol can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Microsoft Graphics Component can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Digital Media can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Management Services can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Windows Kernel can be exploited remotely to bypass security restrictions.
- A remote code execution vulnerability in Internet Information Services (IIS) Inbox COM Objects (Global Memory) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows SMB Server can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in PowerShell can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Software Protection Platform (SPP) can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Network Connection Status Indicator (NCSI) can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Connected Devices Platform Service (Cdpsvc) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows NTFS can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Xbox IStorageService can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Microsoft Failover Cluster Virtual Driver can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Windows Hello can be exploited remotely to bypass security restrictions.
- An information disclosure vulnerability in Windows State Repository API Server File can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Microsoft DWM Core Library can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows DWM Core Library can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Azure Local can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows Taskbar Live Preview can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
- An out of bounds read vulnerability in TCG TPM2.0 can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows USB Video Class System Driver can be exploited remotely to obtain sensitive information.
- A tampering vulnerability in Windows SMB Client can be exploited remotely to spoof user interface.
- An elevation of privilege vulnerability in Windows Health and Optimized Experiences can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Virtualization-Based Security (VBS) Enclave can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
Original advisories
- CVE-2025-59230
- CVE-2025-55339
- CVE-2025-59257
- CVE-2025-59187
- CVE-2025-59244
- CVE-2025-55678
- CVE-2025-55331
- CVE-2025-58729
- CVE-2025-59284
- CVE-2025-54957
- CVE-2025-58714
- CVE-2025-59192
- CVE-2025-55695
- CVE-2025-55685
- CVE-2025-58720
- CVE-2025-55682
- CVE-2025-59287
- CVE-2025-59202
- CVE-2025-55698
- CVE-2025-59185
- CVE-2025-55325
- CVE-2025-58727
- CVE-2025-55686
- CVE-2025-55691
- CVE-2025-59258
- CVE-2025-58734
- CVE-2025-59502
- CVE-2025-59295
- CVE-2025-59188
- CVE-2025-58737
- CVE-2025-59200
- CVE-2025-48004
- CVE-2025-59189
- CVE-2025-59289
- CVE-2025-48813
- CVE-2025-55330
- CVE-2025-58715
- CVE-2025-50152
- CVE-2025-55677
- CVE-2025-55699
- CVE-2025-58730
- CVE-2025-59214
- CVE-2025-59277
- CVE-2025-55688
- CVE-2025-58739
- CVE-2025-24052
- CVE-2025-59259
- CVE-2025-59206
- CVE-2025-55700
- CVE-2025-55701
- CVE-2025-55681
- CVE-2025-59204
- CVE-2025-55690
- CVE-2025-59198
- CVE-2025-24990
- CVE-2025-59275
- CVE-2025-59210
- CVE-2025-59195
- CVE-2025-59184
- CVE-2025-58733
- CVE-2025-47827
- CVE-2025-59197
- CVE-2025-55687
- CVE-2025-58736
- CVE-2025-55693
- CVE-2025-55683
- CVE-2025-58718
- CVE-2025-55696
- CVE-2025-55338
- CVE-2025-59196
- CVE-2025-59208
- CVE-2025-59209
- CVE-2025-58725
- CVE-2025-58732
- CVE-2025-47979
- CVE-2025-55692
- CVE-2025-55340
- CVE-2025-49708
- CVE-2025-50175
- CVE-2025-59193
- CVE-2025-59207
- CVE-2025-55332
- CVE-2025-55334
- CVE-2025-55337
- CVE-2025-55689
- CVE-2025-59282
- CVE-2025-59190
- CVE-2025-59194
- CVE-2025-58726
- CVE-2025-25004
- CVE-2025-58717
- CVE-2025-59199
- CVE-2025-59278
- CVE-2025-59191
- CVE-2025-59201
- CVE-2025-55326
- CVE-2025-59186
- CVE-2025-55335
- CVE-2025-53768
- CVE-2025-59242
- CVE-2025-59260
- CVE-2025-58728
- CVE-2025-53139
- CVE-2025-58738
- CVE-2025-59203
- CVE-2025-55328
- CVE-2025-59254
- CVE-2025-58731
- CVE-2025-59255
- CVE-2025-55697
- CVE-2025-55336
- CVE-2025-59294
- CVE-2025-55680
- CVE-2025-55333
- CVE-2025-59253
- CVE-2025-2884
- CVE-2025-55676
- CVE-2025-59280
- CVE-2025-59241
- CVE-2025-53717
- CVE-2025-59290
- CVE-2025-50174
- CVE-2025-58716
- CVE-2025-58735
- CVE-2025-59205
- CVE-2025-59261
- CVE-2025-58722
- CVE-2025-53150
- CVE-2025-55694
- CVE-2025-55679
- CVE-2025-58719
- CVE-2025-59211
Related products
- Microsoft-Windows-10
- Microsoft-Windows-Server-2019
- Microsoft-Windows-11
- Microsoft-Remote-Desktop
- Microsoft-Windows-Server-2022
- Microsoft-Windows-Server-2025
CVE list
- CVE-2025-47827 warning
- CVE-2025-2884 high
- CVE-2025-24052 critical
- CVE-2025-24990 critical
- CVE-2025-25004 high
- CVE-2025-47979 high
- CVE-2025-48004 high
- CVE-2025-48813 high
- CVE-2025-49708 critical
- CVE-2025-50152 critical
- CVE-2025-50174 high
- CVE-2025-50175 critical
- CVE-2025-53139 critical
- CVE-2025-53150 critical
- CVE-2025-53717 high
- CVE-2025-53768 critical
- CVE-2025-55325 high
- CVE-2025-55326 critical
- CVE-2025-55328 critical
- CVE-2025-55330 high
- CVE-2025-55331 high
- CVE-2025-55332 high
- CVE-2025-55333 high
- CVE-2025-55334 high
- CVE-2025-55335 high
- CVE-2025-55336 high
- CVE-2025-55337 high
- CVE-2025-55338 high
- CVE-2025-55339 critical
- CVE-2025-55340 high
- CVE-2025-55676 high
- CVE-2025-55677 critical
- CVE-2025-55678 high
- CVE-2025-55679 high
- CVE-2025-55680 critical
- CVE-2025-55681 high
- CVE-2025-55682 high
- CVE-2025-55683 high
- CVE-2025-55684 high
- CVE-2025-55685 high
- CVE-2025-55686 high
- CVE-2025-55687 high
- CVE-2025-55688 high
- CVE-2025-55689 high
- CVE-2025-55690 high
- CVE-2025-55691 high
- CVE-2025-55692 critical
- CVE-2025-55693 high
- CVE-2025-55694 critical
- CVE-2025-55695 high
- CVE-2025-55696 critical
- CVE-2025-55697 critical
- CVE-2025-55698 critical
- CVE-2025-55699 high
- CVE-2025-55700 high
- CVE-2025-55701 critical
- CVE-2025-58714 critical
- CVE-2025-58715 critical
- CVE-2025-58716 critical
- CVE-2025-58717 high
- CVE-2025-58718 critical
- CVE-2025-58719 warning
- CVE-2025-58720 critical
- CVE-2025-58722 critical
- CVE-2025-58725 high
- CVE-2025-58726 critical
- CVE-2025-58727 high
- CVE-2025-58728 critical
- CVE-2025-58729 high
- CVE-2025-58730 high
- CVE-2025-58731 high
- CVE-2025-58732 high
- CVE-2025-58733 high
- CVE-2025-58734 high
- CVE-2025-58735 high
- CVE-2025-58736 high
- CVE-2025-58737 high
- CVE-2025-58738 high
- CVE-2025-58739 high
- CVE-2025-59184 high
- CVE-2025-59185 high
- CVE-2025-59186 high
- CVE-2025-59187 critical
- CVE-2025-59188 high
- CVE-2025-59189 high
- CVE-2025-59190 high
- CVE-2025-59191 critical
- CVE-2025-59192 critical
- CVE-2025-59193 high
- CVE-2025-59194 high
- CVE-2025-59195 high
- CVE-2025-59196 high
- CVE-2025-59197 high
- CVE-2025-59198 warning
- CVE-2025-59199 critical
- CVE-2025-59200 critical
- CVE-2025-59201 critical
- CVE-2025-59202 high
- CVE-2025-59203 high
- CVE-2025-59204 high
- CVE-2025-59205 high
- CVE-2025-59206 high
- CVE-2025-59207 critical
- CVE-2025-59208 high
- CVE-2025-59209 high
- CVE-2025-59210 high
- CVE-2025-59211 high
- CVE-2025-59214 high
- CVE-2025-59230 critical
- CVE-2025-59241 critical
- CVE-2025-59242 critical
- CVE-2025-59244 high
- CVE-2025-59253 high
- CVE-2025-59254 critical
- CVE-2025-59255 critical
- CVE-2025-59257 high
- CVE-2025-59258 high
- CVE-2025-59259 high
- CVE-2025-59260 high
- CVE-2025-59261 high
- CVE-2025-59275 critical
- CVE-2025-59277 critical
- CVE-2025-59278 critical
- CVE-2025-59280 warning
- CVE-2025-59282 high
- CVE-2025-59284 warning
- CVE-2025-59287 critical
- CVE-2025-59289 high
- CVE-2025-59290 critical
- CVE-2025-59294 warning
- CVE-2025-59295 critical
- CVE-2025-59502 critical
- CVE-2025-54957 high
KB list
- 5065429
- 5065428
- 5065426
- 5065425
- 5065432
- 5065431
- 5065474
- 5065306
- 5066836
- 5066586
- 5066791
- 5066835
- 5066793
- 5066837
- 5066780
- 5066782
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!