Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
2. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
3. A security feature bypass vulnerability in MapUrlToZone can be exploited remotely to bypass security restrictions.
4. An elevation of privilege vulnerability in Windows UI XAML Maps MapControlSettings can be exploited remotely to gain privileges.
5. A remote code execution vulnerability in Windows SMB Client can be exploited remotely to execute arbitrary code.
6. An elevation of privilege vulnerability in Windows Defender Firewall Service can be exploited remotely to gain privileges.
7. An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
8. An elevation of privilege vulnerability in Windows Connected Devices Platform Service can be exploited remotely to gain privileges.
9. An information disclosure vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to obtain sensitive information.
10. A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
11. An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely to gain privileges.
12. An elevation of privilege vulnerability in Windows MultiPoint Services can be exploited remotely to gain privileges.
13. An elevation of privilege vulnerability in Windows NTLM can be exploited remotely to gain privileges.
14. An information disclosure vulnerability in Windows Kernel Memory can be exploited remotely to obtain sensitive information.
15. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
16. An elevation of privilege vulnerability in Capability Access Management Service (camsvc) can be exploited remotely to gain privileges.
17. An elevation of privilege vulnerability in Microsoft DWM Core Library can be exploited remotely to gain privileges.
18. An elevation of privilege vulnerability in Local Security Authority Subsystem Service can be exploited remotely to gain privileges.
19. A denial of service vulnerability in Windows Connected Devices Platform Service (Cdpsvc) can be exploited remotely to cause denial of service.
20. An elevation of privilege vulnerability in Windows BitLocker can be exploited remotely to gain privileges.
21. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to execute arbitrary code.
22. An information disclosure vulnerability in Windows Imaging Component can be exploited remotely to obtain sensitive information.
23. A denial of service vulnerability in Local Security Authority Subsystem Service (LSASS) can be exploited remotely to cause denial of service.
24. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
25. An elevation of privilege vulnerability in Windows UI XAML Phone DatePickerFlyout can be exploited remotely to gain privileges.
26. An elevation of privilege vulnerability in Windows Management Service can be exploited remotely to gain privileges.
27. A remote code execution vulnerability in Graphics Kernel can be exploited remotely to execute arbitrary code.
28. An elevation of privilege vulnerability in Windows TCP/IP Driver can be exploited remotely to gain privileges.
29. An elevation of privilege vulnerability in Microsoft Brokering File System can be exploited remotely to gain privileges.
30. An elevation of privilege vulnerability in Microsoft Virtual Hard Disk can be exploited remotely to gain privileges.
31. An elevation of privilege vulnerability in Windows Bluetooth Service can be exploited remotely to gain privileges.
32. A remote code execution vulnerability in Windows NTFS can be exploited remotely to execute arbitrary code.
33. An elevation of privilege vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism can be exploited remotely to gain privileges.
34. An elevation of privilege vulnerability in Windows SMB can be exploited remotely to gain privileges.
35. An elevation of privilege vulnerability in PowerShell Direct can be exploited remotely to gain privileges.
36. A denial of service vulnerability in HTTP.sys can be exploited remotely to cause denial of service.
37. An information disclosure vulnerability in Windows Kernel-Mode Driver can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

• CVE-2025-54099
  CVE-2025-54110
  CVE-2025-54107
  CVE-2025-54913
  CVE-2025-54101
  CVE-2025-53808
  CVE-2025-54091
  CVE-2025-54102
  CVE-2025-55225
  CVE-2025-54113
  CVE-2025-53806
  CVE-2025-55223
  CVE-2025-54116
  CVE-2025-54098
  CVE-2025-54918
  CVE-2025-53810
  CVE-2025-53803
  CVE-2025-53800
  CVE-2025-54115
  CVE-2025-54095
  CVE-2025-54108
  CVE-2025-53797
  CVE-2025-54092
  CVE-2025-53801
  CVE-2025-54894
  CVE-2025-53798
  CVE-2025-54096
  CVE-2025-54114
  CVE-2025-54104
  CVE-2025-54912
  CVE-2025-53796
  CVE-2025-54919
  CVE-2025-54106
  CVE-2025-53799
  CVE-2025-53809
  CVE-2025-54917
  CVE-2025-53807
  CVE-2025-55224
  CVE-2025-54111
  CVE-2025-54103
  CVE-2025-55236
  CVE-2025-55228
  CVE-2025-54097
  CVE-2025-54093
  CVE-2025-54105
  CVE-2025-54112
  CVE-2025-53802
  CVE-2025-54916
  CVE-2025-54915
  CVE-2025-54895
  CVE-2025-55234
  CVE-2025-49734
  CVE-2025-54109
  CVE-2025-55226
  CVE-2025-53805
  CVE-2025-53804
  CVE-2025-54911
  CVE-2025-54094
  

Связанные продукты

• Microsoft-Windows-10
• Microsoft-Windows-Server-2016
• Microsoft-Windows-Server-2019
• Microsoft-Windows-11
• Microsoft-Windows-Server-2022

Список CVE

• CVE-2025-49734
  high
• CVE-2025-53796
  high
• CVE-2025-53797
  high
• CVE-2025-53798
  high
• CVE-2025-53799
  high
• CVE-2025-53800
  critical
• CVE-2025-53801
  critical
• CVE-2025-53802
  high
• CVE-2025-53803
  high
• CVE-2025-53804
  high
• CVE-2025-53805
  critical
• CVE-2025-53806
  high
• CVE-2025-53807
  high
• CVE-2025-53808
  high
• CVE-2025-53809
  high
• CVE-2025-53810
  high
• CVE-2025-54091
  critical
• CVE-2025-54092
  critical
• CVE-2025-54093
  high
• CVE-2025-54094
  high
• CVE-2025-54095
  high
• CVE-2025-54096
  high
• CVE-2025-54097
  high
• CVE-2025-54098
  critical
• CVE-2025-54099
  high
• CVE-2025-54101
  warning
• CVE-2025-54102
  critical
• CVE-2025-54103
  high
• CVE-2025-54104
  high
• CVE-2025-54105
  high
• CVE-2025-54106
  critical
• CVE-2025-54107
  warning
• CVE-2025-54108
  high
• CVE-2025-54109
  high
• CVE-2025-54110
  critical
• CVE-2025-54111
  critical
• CVE-2025-54112
  high
• CVE-2025-54113
  critical
• CVE-2025-54114
  high
• CVE-2025-54115
  high
• CVE-2025-54116
  high
• CVE-2025-54894
  critical
• CVE-2025-54895
  critical
• CVE-2025-54911
  high
• CVE-2025-54912
  critical
• CVE-2025-54913
  critical
• CVE-2025-54915
  high
• CVE-2025-54916
  critical
• CVE-2025-54917
  warning
• CVE-2025-54918
  critical
• CVE-2025-54919
  critical
• CVE-2025-55223
  high
• CVE-2025-55224
  critical
• CVE-2025-55225
  high
• CVE-2025-55226
  high
• CVE-2025-55228
  critical
• CVE-2025-55234
  critical
• CVE-2025-55236
  high

Список KB

• 5065429
• 5065430
• 5065427
• 5065428
• 5065426
• 5065425
• 5065432
• 5065431
• 5065474
• 5065306

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com