Multiple vulnerabilities in Microsoft Products (ESU)

Описание

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface, cause denial of service.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
2. An elevation of privilege vulnerability in Windows Push Notifications Apps can be exploited remotely to gain privileges.
3. A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
4. A remote code execution vulnerability in GDI+ can be exploited remotely to execute arbitrary code.
5. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Windows Kernel Transaction Manager can be exploited remotely to gain privileges.
7. An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
8. An information disclosure vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to obtain sensitive information.
9. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
10. A remote code execution vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to execute arbitrary code.
11. An elevation of privilege vulnerability in Remote Access Point-to-Point Protocol (PPP) EAP-TLS can be exploited remotely to gain privileges.
12. A spoofing vulnerability in Microsoft Windows File Explorer can be exploited remotely to spoof user interface.
13. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
14. An elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver can be exploited remotely to gain privileges.
15. An information disclosure vulnerability in NT OS Kernel can be exploited remotely to obtain sensitive information.
16. An elevation of privilege vulnerability in Desktop Windows Manager can be exploited remotely to gain privileges.
17. An elevation of privilege vulnerability in Windows NTLM can be exploited remotely to gain privileges.
18. An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely to gain privileges.
19. A denial of service vulnerability in Windows Remote Desktop Services can be exploited remotely to cause denial of service.
20. An information disclosure vulnerability in Windows NTFS can be exploited remotely to obtain sensitive information.
21. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
22. A remote code execution vulnerability in Desktop Windows Manager can be exploited remotely to execute arbitrary code.
23. An information disclosure vulnerability in Windows Distributed Transaction Coordinator (MSDTC) can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

• CVE-2025-50173
  CVE-2025-50155
  CVE-2025-50160
  CVE-2025-53766
  CVE-2025-49757
  CVE-2025-53725
  CVE-2025-49762
  CVE-2025-53140
  CVE-2025-53155
  CVE-2025-53137
  CVE-2025-53138
  CVE-2025-53132
  CVE-2025-50177
  CVE-2025-53134
  CVE-2025-53724
  CVE-2025-53154
  CVE-2025-53153
  CVE-2025-50162
  CVE-2025-50159
  CVE-2025-50154
  CVE-2025-53143
  CVE-2025-49761
  CVE-2025-53149
  CVE-2025-53136
  CVE-2025-50163
  CVE-2025-53144
  CVE-2025-53719
  CVE-2025-50153
  CVE-2025-53723
  CVE-2025-53778
  CVE-2025-53145
  CVE-2025-50156
  CVE-2025-53726
  CVE-2025-53135
  CVE-2025-53720
  CVE-2025-50164
  CVE-2025-53148
  CVE-2025-53722
  CVE-2025-50161
  CVE-2025-50158
  CVE-2025-49743
  CVE-2025-53152
  CVE-2025-53718
  CVE-2025-50167
  CVE-2025-50157
  CVE-2025-53147
  CVE-2025-50166
  CVE-2025-53141
  

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-Server-2008

Список CVE

• CVE-2025-50173
  critical
• CVE-2025-50155
  critical
• CVE-2025-50160
  critical
• CVE-2025-53766
  critical
• CVE-2025-49757
  critical
• CVE-2025-53725
  critical
• CVE-2025-49762
  high
• CVE-2025-53140
  high
• CVE-2025-53155
  critical
• CVE-2025-53137
  high
• CVE-2025-53138
  high
• CVE-2025-53132
  critical
• CVE-2025-50177
  critical
• CVE-2025-53134
  high
• CVE-2025-53724
  critical
• CVE-2025-53154
  critical
• CVE-2025-53153
  high
• CVE-2025-50162
  critical
• CVE-2025-50159
  high
• CVE-2025-50154
  critical
• CVE-2025-53143
  critical
• CVE-2025-49761
  critical
• CVE-2025-53149
  critical
• CVE-2025-53136
  high
• CVE-2025-50163
  critical
• CVE-2025-53144
  critical
• CVE-2025-53719
  high
• CVE-2025-50153
  critical
• CVE-2025-53723
  critical
• CVE-2025-53778
  critical
• CVE-2025-53145
  critical
• CVE-2025-50156
  high
• CVE-2025-53726
  critical
• CVE-2025-53135
  high
• CVE-2025-53720
  critical
• CVE-2025-50164
  critical
• CVE-2025-53148
  high
• CVE-2025-53722
  critical
• CVE-2025-50161
  high
• CVE-2025-50158
  high
• CVE-2025-49743
  high
• CVE-2025-53152
  critical
• CVE-2025-53718
  high
• CVE-2025-50167
  high
• CVE-2025-50157
  high
• CVE-2025-53147
  high
• CVE-2025-50166
  high
• CVE-2025-53141
  critical

Список KB

• 5062597
• 5062632
• 5062619
• 5062624
• 5062592
• 5062618
• 5063948
• 5063950
• 5063927
• 5063888
• 5063947
• 5063906

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com