Kaspersky Threats

Описание

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information.

Below is a complete list of vulnerabilities:

An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
A security feature bypass vulnerability in MapUrlToZone can be exploited remotely to bypass security restrictions.
A remote code execution vulnerability in Windows SMB Client can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows Defender Firewall Service can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
An information disclosure vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to obtain sensitive information.
A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows NTLM can be exploited remotely to gain privileges.
An information disclosure vulnerability in Windows Kernel Memory can be exploited remotely to obtain sensitive information.
An elevation of privilege vulnerability in Local Security Authority Subsystem Service can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows BitLocker can be exploited remotely to gain privileges.
An information disclosure vulnerability in Windows Imaging Component can be exploited remotely to obtain sensitive information.
An elevation of privilege vulnerability in Windows TCP/IP Driver can be exploited remotely to gain privileges.
A remote code execution vulnerability in Windows NTFS can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows SMB can be exploited remotely to gain privileges.
A remote code execution vulnerability in Graphics Kernel can be exploited remotely to execute arbitrary code.
An information disclosure vulnerability in Windows Kernel-Mode Driver can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

Связанные продукты

Список CVE

CVE-2025-53796
high
CVE-2025-53797
high
CVE-2025-53798
high
CVE-2025-53799
high
CVE-2025-53803
high
CVE-2025-53804
high
CVE-2025-53806
high
CVE-2025-53808
high
CVE-2025-53810
high
CVE-2025-54091
critical
CVE-2025-54093
high
CVE-2025-54094
high
CVE-2025-54095
high
CVE-2025-54096
high
CVE-2025-54097
high
CVE-2025-54098
critical
CVE-2025-54099
high
CVE-2025-54101
warning
CVE-2025-54104
high
CVE-2025-54106
critical
CVE-2025-54107
warning
CVE-2025-54109
high
CVE-2025-54110
critical
CVE-2025-54113
critical
CVE-2025-54894
critical
CVE-2025-54895
critical
CVE-2025-54911
high
CVE-2025-54912
critical
CVE-2025-54915
high
CVE-2025-54916
critical
CVE-2025-54917
warning
CVE-2025-54918
critical
CVE-2025-55225
high
CVE-2025-55226
high
CVE-2025-55234
critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!