Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, bypass security restrictions, spoof user interface, cause denial of service.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability can be exploited remotely to gain privileges.
2. A remote code execution vulnerability in Windows exFAT File System can be exploited remotely to execute arbitrary code.
3. Security vulnerability can be exploited to bypass security restrictions.
4. A remote code execution vulnerability in Windows Remote Desktop Services can be exploited remotely to execute arbitrary code.
5. An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.
6. Use after free vulnerability in Microsoft Streaming Service can be exploited to cause denial of service or execute arbitrary code.
7. Use after free vulnerability in Windows Hyper-V can be exploited to cause denial of service or execute arbitrary code.
8. A remote code execution vulnerability can be exploited remotely to execute arbitrary code.
9. A spoofing vulnerability in NTLM Hash Disclosure can be exploited remotely to spoof user interface.
10. Information disclosure vulnerability in Windows USB Video Class System Driver can be exploited to obtain sensitive information.
11. A remote code execution vulnerability in Windows Telephony Service can be exploited remotely to execute arbitrary code.
12. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
13. A remote code execution vulnerability in Windows Domain Name Service can be exploited remotely to execute arbitrary code.
14. A spoofing vulnerability in Microsoft Windows File Explorer can be exploited remotely to spoof user interface.
15. An elevation of privilege vulnerability in Microsoft Local Security Authority (LSA) Server can be exploited remotely to gain privileges.
16. Information disclosure vulnerability can be exploited to obtain sensitive information.
17. A remote code execution vulnerability in Windows Fast FAT File System Driver can be exploited remotely to execute arbitrary code.
18. An elevation of privilege vulnerability in Windows USB Video Class System Driver can be exploited remotely to gain privileges.
19. An information disclosure vulnerability in Windows NTFS can be exploited remotely to obtain sensitive information.
20. A remote code execution vulnerability in Windows NTFS can be exploited remotely to execute arbitrary code.
21. Security vulnerability in composition area can be exploited to bypass security restrictions.
22. A security feature bypass vulnerability in Microsoft Management Console can be exploited remotely to bypass security restrictions.
23. A remote code execution vulnerability in Remote Desktop Client can be exploited remotely to execute arbitrary code.

Первичный источник обнаружения

• CVE-2025-26645
  CVE-2025-24066
  CVE-2025-24993
  CVE-2025-24983
  CVE-2025-25008
  CVE-2025-24055
  CVE-2025-24056
  CVE-2025-24995
  CVE-2025-24054
  CVE-2025-21180
  CVE-2025-24051
  CVE-2025-21247
  CVE-2025-24071
  CVE-2025-24045
  CVE-2025-24994
  CVE-2025-24997
  CVE-2024-9157
  CVE-2025-24050
  CVE-2025-24987
  CVE-2025-24048
  CVE-2025-24996
  CVE-2025-24061
  CVE-2025-24059
  CVE-2025-24064
  CVE-2025-24992
  CVE-2025-24072
  CVE-2025-24067
  CVE-2025-24076
  CVE-2025-24991
  CVE-2025-24035
  CVE-2025-24984
  CVE-2025-24046
  CVE-2025-24985
  CVE-2025-24084
  CVE-2025-26633
  CVE-2025-24044
  CVE-2025-24988
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-10
• Microsoft-Windows-Server-2016
• Microsoft-Windows-Server-2019
• Microsoft-Windows-11
• Microsoft-Remote-Desktop
• Microsoft-Windows-Server-2022

Список CVE

• CVE-2024-9157
  critical
• CVE-2025-21180
  critical
• CVE-2025-21247
  warning
• CVE-2025-24035
  critical
• CVE-2025-24044
  critical
• CVE-2025-24045
  critical
• CVE-2025-24046
  critical
• CVE-2025-24048
  critical
• CVE-2025-24050
  critical
• CVE-2025-24051
  critical
• CVE-2025-24054
  high
• CVE-2025-24055
  warning
• CVE-2025-24056
  critical
• CVE-2025-24059
  critical
• CVE-2025-24061
  critical
• CVE-2025-24064
  critical
• CVE-2025-24066
  critical
• CVE-2025-24067
  critical
• CVE-2025-24071
  critical
• CVE-2025-24072
  critical
• CVE-2025-24076
  high
• CVE-2025-24084
  critical
• CVE-2025-24983
  high
• CVE-2025-24984
  warning
• CVE-2025-24985
  critical
• CVE-2025-24987
  high
• CVE-2025-24988
  high
• CVE-2025-24991
  high
• CVE-2025-24992
  high
• CVE-2025-24993
  critical
• CVE-2025-24994
  high
• CVE-2025-24995
  critical
• CVE-2025-24996
  high
• CVE-2025-24997
  warning
• CVE-2025-25008
  high
• CVE-2025-26633
  high
• CVE-2025-26645
  critical

Список KB

• 5053603
• 5053598
• 5053596
• 5053599
• 5053638
• 5053618
• 5053602
• 5053636
• 5053606
• 5053594

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com