Açıklama
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, execute arbitrary code, cause denial of service.
Below is a complete list of vulnerabilities:
- An information disclosure vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows Imaging Component can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows Kernel Memory can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows Kernel-Mode Driver can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Defender Firewall Service can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows TCP/IP Driver can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows SMB Client can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
- A security feature bypass vulnerability in MapUrlToZone can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Local Security Authority Subsystem Service can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows BitLocker can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows NTFS can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows NTLM can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Graphics Kernel can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows SMB can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows UI XAML Phone DatePickerFlyout can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
- A denial of service vulnerability in Windows Connected Devices Platform Service (Cdpsvc) can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Microsoft DWM Core Library can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Connected Devices Platform Service can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows MultiPoint Services can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in PowerShell Direct can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Bluetooth Service can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Microsoft Virtual Hard Disk can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely to gain privileges.
- A denial of service vulnerability in HTTP.sys can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Management Service can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows UI XAML Maps MapControlSettings can be exploited remotely to gain privileges.
Orijinal öneriler
- CVE-2025-54110
- CVE-2025-54107
- CVE-2025-54101
- CVE-2025-53808
- CVE-2025-54091
- CVE-2025-55225
- CVE-2025-54113
- CVE-2025-53806
- CVE-2025-54098
- CVE-2025-54918
- CVE-2025-53810
- CVE-2025-53803
- CVE-2025-54095
- CVE-2025-53797
- CVE-2025-54894
- CVE-2025-53798
- CVE-2025-54096
- CVE-2025-53796
- CVE-2025-54104
- CVE-2025-54912
- CVE-2025-54106
- CVE-2025-53799
- CVE-2025-54917
- CVE-2025-54097
- CVE-2025-54093
- CVE-2025-54916
- CVE-2025-54895
- CVE-2025-54915
- CVE-2025-55234
- CVE-2025-54109
- CVE-2025-55226
- CVE-2025-53804
- CVE-2025-54911
- CVE-2025-54094
- CVE-2025-54111
- CVE-2025-53807
- CVE-2025-54115
- CVE-2025-54114
- CVE-2025-55236
- CVE-2025-53801
- CVE-2025-54102
- CVE-2025-54116
- CVE-2025-55224
- CVE-2025-49734
- CVE-2025-55228
- CVE-2025-53800
- CVE-2025-53802
- CVE-2025-54112
- CVE-2025-54092
- CVE-2025-54919
- CVE-2025-55223
- CVE-2025-53805
- CVE-2025-54103
- CVE-2025-54913
Kötüye kullanma
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
İlgili ürünler
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-Server-2008
- Microsoft-Windows-10
- Microsoft-Windows-11
CVE Listesi
- CVE-2025-49734 high
- CVE-2025-53796 high
- CVE-2025-53797 high
- CVE-2025-53798 high
- CVE-2025-53799 high
- CVE-2025-53800 critical
- CVE-2025-53801 critical
- CVE-2025-53802 high
- CVE-2025-53803 high
- CVE-2025-53804 high
- CVE-2025-53805 critical
- CVE-2025-53806 high
- CVE-2025-53807 high
- CVE-2025-53808 high
- CVE-2025-53810 high
- CVE-2025-54091 critical
- CVE-2025-54092 critical
- CVE-2025-54093 high
- CVE-2025-54094 high
- CVE-2025-54095 high
- CVE-2025-54096 high
- CVE-2025-54097 high
- CVE-2025-54098 critical
- CVE-2025-54099 high
- CVE-2025-54101 warning
- CVE-2025-54102 critical
- CVE-2025-54103 high
- CVE-2025-54104 high
- CVE-2025-54106 critical
- CVE-2025-54107 warning
- CVE-2025-54109 high
- CVE-2025-54110 critical
- CVE-2025-54111 critical
- CVE-2025-54112 high
- CVE-2025-54113 critical
- CVE-2025-54114 high
- CVE-2025-54115 high
- CVE-2025-54116 high
- CVE-2025-54894 critical
- CVE-2025-54895 critical
- CVE-2025-54911 high
- CVE-2025-54912 critical
- CVE-2025-54913 critical
- CVE-2025-54915 high
- CVE-2025-54916 critical
- CVE-2025-54917 warning
- CVE-2025-54918 critical
- CVE-2025-54919 critical
- CVE-2025-55223 high
- CVE-2025-55224 critical
- CVE-2025-55225 high
- CVE-2025-55226 high
- CVE-2025-55228 critical
- CVE-2025-55234 critical
- CVE-2025-55236 critical
KB Listesi
Daha fazlasını okuyun
Bölgenizde yayılan güvenlik açıklarının istatistiklerini öğrenin statistics.securelist.com
Bu güvenlik açığının açıklamasında bir tutarsızlık mı tespit ettiniz? Bize bildirin!