Kaspersky База Угроз

Описание

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, bypass security restrictions, cause denial of service, spoof user interface.

Below is a complete list of vulnerabilities:

A remote code execution vulnerability in PowerShell can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Client-Side Caching can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
An information disclosure vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to obtain sensitive information.
A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Microsoft Exchange Server can be exploited remotely to gain privileges.
A spoofing vulnerability in Microsoft Exchange Server can be exploited remotely to spoof user interface.
An elevation of privilege vulnerability in Windows DWM Core Library can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Projected File System can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows File Explorer can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Storage VSP Driver can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Shell can be exploited remotely to gain privileges.
An information disclosure vulnerability in Windows DirectX can be exploited remotely to obtain sensitive information.
A denial of service vulnerability in DirectX Graphics Kernel can be exploited remotely to cause denial of service.
An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely to gain privileges.

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Связанные продукты

Список CVE

CVE-2025-54100
critical
CVE-2025-55233
critical
CVE-2025-59516
critical
CVE-2025-59517
critical
CVE-2025-62221
critical
CVE-2025-62454
critical
CVE-2025-62455
critical
CVE-2025-62457
critical
CVE-2025-62458
critical
CVE-2025-62461
critical
CVE-2025-62462
critical
CVE-2025-62463
high
CVE-2025-62464
critical
CVE-2025-62466
critical
CVE-2025-62467
critical
CVE-2025-62470
critical
CVE-2025-62472
critical
CVE-2025-62473
high
CVE-2025-62474
critical
CVE-2025-62549
critical
CVE-2025-62565
high
CVE-2025-62567
high
CVE-2025-62571
critical
CVE-2025-62573
high
CVE-2025-64658
critical
CVE-2025-64661
critical
CVE-2025-64666
critical
CVE-2025-64667
high
CVE-2025-64670
high
CVE-2025-64673
critical
CVE-2025-64678
critical
CVE-2025-64679
critical
CVE-2025-64680
critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!