Описание
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code, gain privileges, cause denial of service.
Below is a complete list of vulnerabilities:
- An information disclosure vulnerability in Remote Desktop Protocol Client can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Web Distributed Authoring and Versioning (WEBDAV) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
- Denial of service vulnerability in Local Security Authority Subsystem Service (LSASS) can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Storage Management Provider can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Windows Shortcut Files can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows SMB Client can be exploited remotely to gain privileges.
- Denial of service vulnerability in Windows Local Security Authority (LSA) can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Remote Desktop Services can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Netlogon can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows KDC Proxy Service (KPSSVC) can be exploited remotely to execute arbitrary code.
- Denial of service vulnerability in Windows Standards-Based Storage Management Service can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Media can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Storage Port Driver can be exploited remotely to obtain sensitive information.
Первичный источник обнаружения
- CVE-2025-32715
CVE-2025-33053
CVE-2025-32714
CVE-2025-33064
CVE-2025-33066
CVE-2025-32724
CVE-2025-47955
CVE-2025-32720
CVE-2025-47160
CVE-2025-32718
CVE-2025-33056
CVE-2025-32713
CVE-2025-32712
CVE-2025-32710
CVE-2025-33070
CVE-2025-33060
CVE-2025-3052
CVE-2025-33075
CVE-2025-33071
CVE-2025-33057
CVE-2025-33068
CVE-2025-33073
CVE-2025-32716
CVE-2025-32722
Связанные продукты
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-Server-2008
Список CVE
- CVE-2025-32710 critical
- CVE-2025-32712 critical
- CVE-2025-32713 critical
- CVE-2025-32714 critical
- CVE-2025-32715 high
- CVE-2025-32716 critical
- CVE-2025-32718 critical
- CVE-2025-32720 high
- CVE-2025-32722 high
- CVE-2025-32724 critical
- CVE-2025-33053 critical
- CVE-2025-33056 critical
- CVE-2025-33057 high
- CVE-2025-33060 high
- CVE-2025-33064 critical
- CVE-2025-33066 critical
- CVE-2025-33068 critical
- CVE-2025-33070 critical
- CVE-2025-33071 critical
- CVE-2025-33073 critical
- CVE-2025-33075 critical
- CVE-2025-47160 high
- CVE-2025-47955 critical
- CVE-2025-3052 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!