مایکروسافت اصلاحیههای امنیتی اکتبر ۲۰۲۵ را منتشر کرد که شامل بهروزرسانیهای امنیتی برای ۱۷۲ نقص از جمله شش آسیبپذیری روز صفر میشود.
جزئیات آسیبپذیری
بهروزرسانیهای سهشنبه ماه اکتبر، همچنین هشت آسیبپذیری «حیاتی» را برطرف میکنند که پنج مورد از آنها آسیبپذیریهای اجرای کد از راه دور و سه مورد آسیبپذیریهای ارتقا سطح دسترسی هستند.
تعداد باگها در هر رده از آسیبپذیریها به تفکیک به شرح زیر است:
- ۸۰ آسیبپذیری ارتقا سطح دسترسی
- ۱۱ آسیبپذیری عبور از راهکارهای امنیتی
- ۳۱ آسیبپذیری اجرای کد از راه دور
- ۲۸ آسیبپذیری افشای اطلاعات
- ۱۱ آسیبپذیری منع سرویس
- ۱۰ آسیبپذیری جعل
📌 لازم به ذکر است که تعداد نقصهای فوق شامل مواردی نمیشود که در Azure، Mariner، Microsoft Edge و سایر آسیبپذیریها در اوایل این ماه برطرف شدهاند.
❗گفتنی است که ویندوز ۱۰ به پایان پشتیبانی خود رسیده و این آخرین اصلاحیهای است که مایکروسافت بهروزرسانیهای امنیتی رایگان را برای این سیستم عامل معتبر ارائه میدهد.
جهت کسب اطلاعات بیشتر و دریافت و نصب وصلههای امنیتی ماه اکتبر به سایت مایکروسافت مراجعه کنید.
آسیبپذیریهای روز صفر
وصله امنیتی سهشنبه این ماه، دو نقص روز صفر افشا شده عمومی در Windows SMB Server و Microsoft SQL Server را برطرف میکند.
🔴 آسیبپذیریهای روز صفر تحت اکسپلویت فعال
[CVE-2025-24990]
🔺آسیبپذیری ارتقا سطح دسترسی در Windows Agere Modem Driver با شناسه CVE-2025-24990 و امتیاز 7.8
مایکروسافت گفت از آسیبپذیریهای موجود در درایور شخص ثالث مودم Agere که به صورت بومی با سیستم عاملهای پشتیبانی شده ویندوز ارائه میشود، آگاه است.
این اطلاعیهای مبنی بر حذف قریبالوقوع درایور ltmdm64.sys است. این درایور در بهروزرسانی تجمعی اکتبر حذف شده است. مایکروسافت هشدار داد که حذف این درایور باعث از کار افتادن سختافزار مودم Fax مرتبط خواهد شد.
[CVE-2025-59230]
🔺آسیبپذیری ارتقا سطح دسترسی در Windows Remote Access Connection Manager با شناسه CVE-2025-59230 و امتیاز 7.8
مایکروسافت نقص امنیتی Windows Remote Access Connection Manager را که برای به دست آوردن امتیازات SYSTEM مورد اکسپلویت قرار گرفته بود، برطرف کرد.
بنابر توضیحات مایکروسافت: کنترل دسترسی نامناسب در Windows Remote Access Connection Manager، امکان ارتقاء سطح دسترسی را به صورت محلی برای مهاجم احراز هویت شده فراهم میکند.
مایکروسافت گفت مهاجمان برای بهرهبرداری موفقیتآمیز از این نقص باید «مقدار قابل توجهی تلاش برای آمادهسازی یا اجرا» انجام دهند.
[CVE-2025-47827]
🔺آسیبپذیری عبور از Secure Boot در سیستمعامل IGEL قبل از 11 با شناسه CVE-2025-47827 و امتیاز 4.6
در وصلههای این ماه، مایکروسافت اصلاحیهای را برای نقص دور زدن Secure Boot در سیستم عامل IGEL ارائه کرده است. طبق گفته مایکروسافت : «در IGEL OS قبل از نسخه ۱۱، میتوان Secure Boot را دور زد زیرا ماژول igel-flash-driver به طور نامناسب امضای رمزنگاری را تأیید میکند. در نهایت، یک فایلسیستم روت دستکاری شده میتواند از یک فایل تصویر SquashFS تأیید نشده، نصب شود.»
این شناسه CVE از طرف MITRE اختصاص داده شده است. بهروزرسانیهای مستند ویندوز شامل بهروزرسانیهایی در IGEL OS هستند که این آسیبپذیری را برطرف میکنند. برای اطلاعات بیشتر به راهنمای بهروزرسانی امنیتی با عنوان «Security Update Guide Supports CVEs Assigned by Industry Partners» مراجعه کنید.
🔴 آسیبپذیریهای روز صفر افشا شده عمومی:
[CVE-2025-0033]
🔺آسیبپذیری خرابی RMP در طول مقداردهی اولیه SNP با شناسه CVE-2025-0033 و امتیاز 8.2
مایکروسافت در حال کار بر روی رفع نقصی برای AMD است که میتواند بر یکپارچگی حافظه تأثیر بگذارد. این آسیبپذیری در پردازندههای AMD EPYC است که از Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP) استفاده میکنند و شامل یک وضعیت رقابتی (Race condition) در طول راهاندازی اولیه Reverse Map Table (RMP) است. این امر میتواند به هایپروایزر مخرب یا آسیبپذیر اجازه دهد تا ورودیهای RMP را قبل از قفل شدن تغییر دهد و به طور بالقوه بر یکپارچگی حافظه مهمان SEV-SNP تأثیر بگذارد.
این نقص امنیتی دادههای متنی ساده یا اسرار را افشا نمیکند و برای اکسپلویت نیاز به کنترل سطح بالای هایپروایزر دارد. در سراسر محصولات Azure Confidential Computing، چندین محافظ امنیتی برای جلوگیری از به خطر افتادن میزبان وجود دارد که ترکیبی از جداسازی، تأیید یکپارچگی و نظارت مداوم است. همه عملیات میزبان از مسیرهای مدیریتی حسابرسی شده و تأیید شده پیروی میکنند و دسترسی مدیریتی به شدت کنترل، محدود و ثبت شده است.
این حفاظتها در کنار هم، تهدید به خطر افتادن میزبان یا دستکاری غیرمجاز حافظه را کاهش میدهند و به اطمینان از حفظ محرمانگی و یکپارچگی workloadهای محرمانه و ماشینهای مجازی مشتری در میزبانهای Azure کمک میکنند. مایکروسافت اظهار کرد که بهروزرسانیهای امنیتی برای این آسیبپذیری در کلاسترهای مبتنی بر AMD شرکت Azure Confidential Computing (ACC) هنوز کامل نشده است. به محض آماده شدن بهروزرسانیها برای استقرار، مشتریان از طریق Azure Service Health Alerts مطلع خواهند شد.
[CVE-2025-24052]
🔺آسیبپذیری ارتقای سطح دسترسی در Windows Agere Modem Driver با شناسه CVE-2025-24052 و امتیاز 7.8
این آسیبپذیری که به نظر میرسد به طور عمومی افشا شده، مشابه CVE-2025-24990 است که در بالا توضیح داده شد. بر اساس تاکید مایکروسافت، نقص امنیتی مذکور بر همه نسخههای ویندوز تأثیر میگذارد و نیازی به استفاده از مودم برای سوءاستفاده از این نقص نیست.
“همه نسخههای پشتیبانی شده ویندوز میتوانند تحت تأثیر حمله اکسپلویت موفقیتآمیز از این نقص امنیتی قرار گیرند، حتی اگر مودم به طور فعال مورد استفاده قرار نگیرد.”
[CVE-2025-2884]
🔺آسیبپذیری خواندن خارج از محدوده در پیادهسازی مرجع TCG TPM2.0 با شناسه CVE-2025-2884 و امتیاز 5.3
مایکروسافت نقص TCG TPM 2.0 را که میتواند منجر به افشای اطلاعات یا منع سرویس TPM شود، برطرف کرده است. مایکروسافت تصریح کرد : “CVE-2025-2884 مربوط به یک آسیبپذیری در تابع کمکی CryptHmacSign پیادهسازی CG TPM2.0 Reference است که به دلیل عدم اعتبارسنجی طرح امضا با الگوریتم کلید امضا، در برابر خواندن خارج از محدوده آسیبپذیر است.”
این CVE را CERT/CC از طرف خود ایجاد کرده است. بهروزرسانیهای مستند شده ویندوز شامل بهروزرسانیهایی در پیادهسازی CG TPM2.0 Reference هستند که این آسیبپذیری را برطرف میکنند.
جزئیات مربوط به آسیبپذیریهای برطرف شده در بهروزرسانیهای اکتبر ۲۰۲۵ در جدول زیر قابل مشاهده است:
| عنوان | شناسه آسیبپذیری (CVE ID) | عنوان آسیبپذیری ( CVE title) | شدت |
|---|---|---|---|
| .NET | CVE-2025-55247 | .NET Elevation of Privilege Vulnerability | Important |
| .NET, .NET Framework, Visual Studio | CVE-2025-55248 | .NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability | Important |
| Active Directory Federation Services | CVE-2025-59258 | Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability | Important |
| Agere Windows Modem Driver | CVE-2025-24990 | Windows Agere Modem Driver Elevation of Privilege Vulnerability | Important |
| Agere Windows Modem Driver | CVE-2025-24052 | Windows Agere Modem Driver Elevation of Privilege Vulnerability | Important |
| AMD Restricted Memory Page | CVE-2025-0033 | AMD CVE-2025-0033: RMP Corruption During SNP Initialization | Critical |
| ASP.NET Core | CVE-2025-55315 | ASP.NET Security Feature Bypass Vulnerability | Important |
| Azure Connected Machine Agent | CVE-2025-47989 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important |
| Azure Connected Machine Agent | CVE-2025-58724 | Arc Enabled Servers – Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important |
| Azure Entra ID | CVE-2025-59218 | Azure Entra ID Elevation of Privilege Vulnerability | Critical |
| Azure Entra ID | CVE-2025-59246 | Azure Entra ID Elevation of Privilege Vulnerability | Critical |
| Azure Local | CVE-2025-55697 | Azure Local Elevation of Privilege Vulnerability | Important |
| Azure Monitor | CVE-2025-55321 | Azure Monitor Log Analytics Spoofing Vulnerability | Critical |
| Azure Monitor Agent | CVE-2025-59285 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important |
| Azure Monitor Agent | CVE-2025-59494 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important |
| Azure PlayFab | CVE-2025-59247 | Azure PlayFab Elevation of Privilege Vulnerability | Critical |
| Confidential Azure Container Instances | CVE-2025-59292 | Azure Compute Gallery Elevation of Privilege Vulnerability | Critical |
| Confidential Azure Container Instances | CVE-2025-59291 | Confidential Azure Container Instances Elevation of Privilege Vulnerability | Critical |
| Connected Devices Platform Service (Cdpsvc) | CVE-2025-59191 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Important |
| Connected Devices Platform Service (Cdpsvc) | CVE-2025-55326 | Windows Connected Devices Platform Service (Cdpsvc) Remote Code Execution Vulnerability | Important |
| Connected Devices Platform Service (Cdpsvc) | CVE-2025-58719 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Important |
| Copilot | CVE-2025-59272 | Copilot Spoofing Vulnerability | Critical |
| Copilot | CVE-2025-59252 | M365 Copilot Spoofing Vulnerability | Critical |
| Copilot | CVE-2025-59286 | Copilot Spoofing Vulnerability | Critical |
| Data Sharing Service Client | CVE-2025-59200 | Data Sharing Service Spoofing Vulnerability | Important |
| Games | CVE-2025-59489 | MITRE: CVE-2025-59489 Unity Gaming Engine Editor vulnerability | Important |
| GitHub | CVE-2025-59288 | Playwright Spoofing Vulnerability | Moderate |
| Inbox COM Objects | CVE-2025-58735 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
| Inbox COM Objects | CVE-2025-58732 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
| Inbox COM Objects | CVE-2025-59282 | Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
| Inbox COM Objects | CVE-2025-58733 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
| Inbox COM Objects | CVE-2025-58734 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
| Inbox COM Objects | CVE-2025-58738 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
| Inbox COM Objects | CVE-2025-58731 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
| Inbox COM Objects | CVE-2025-58730 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
| Inbox COM Objects | CVE-2025-58736 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
| Internet Explorer | CVE-2025-59295 | Windows URL Parsing Remote Code Execution Vulnerability | Important |
| JDBC Driver for SQL Server | CVE-2025-59250 | JDBC Driver for SQL Server Spoofing Vulnerability | Important |
| Mariner | CVE-2025-39943 | ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer | Critical |
| Mariner | CVE-2025-39946 | tls: make sure to abort the stream if headers are bogus | Moderate |
| Mariner | CVE-2025-39942 | ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size | Moderate |
| Mariner | CVE-2025-39951 | um: virtio_uml: Fix use-after-free after put_device in probe | Moderate |
| Mariner | CVE-2025-39932 | smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work) | Moderate |
| Mariner | CVE-2025-39949 | qed: Don’t collect too many protection override GRC elements | Moderate |
| Mariner | CVE-2025-39937 | net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer | Moderate |
| Mariner | CVE-2025-39955 | tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). | Moderate |
| Mariner | CVE-2025-39895 | sched: Fix sched_numa_find_nth_cpu() if mask offline | Moderate |
| Mariner | CVE-2025-11413 | GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds | Moderate |
| Mariner | CVE-2025-11414 | GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds | Moderate |
| Mariner | CVE-2025-39938 | ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed | Moderate |
| Mariner | CVE-2025-11495 | GNU Binutils Linker elf64-x86-64.c elf_x86_64_relocate_section heap-based overflow | Moderate |
| Mariner | CVE-2025-39934 | drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ | Moderate |
| Mariner | CVE-2025-39929 | smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path | Moderate |
| Mariner | CVE-2025-39945 | cnic: Fix use-after-free bugs in cnic_delete_task | Important |
| Mariner | CVE-2025-39907 | mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer | Critical |
| Mariner | CVE-2025-39913 | tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. | Moderate |
| Mariner | CVE-2025-39952 | wifi: wilc1000: avoid buffer overflow in WID string configuration | Important |
| Mariner | CVE-2025-39940 | dm-stripe: fix a possible integer overflow | Moderate |
| Mariner | CVE-2025-39953 | cgroup: split cgroup_destroy_wq into 3 workqueues | Moderate |
| Mariner | CVE-2023-53469 | af_unix: Fix null-ptr-deref in unix_stream_sendpage(). | Important |
| Mariner | CVE-2025-39914 | tracing: Silence warning when chunk allocation fails in trace_pid_write | Moderate |
| Mariner | CVE-2025-39905 | net: phylink: add lock for serializing concurrent pl->phydev writes with resolver | Moderate |
| Mariner | CVE-2025-39920 | pcmcia: Add error handling for add_interval() in do_validate_mem() | Moderate |
| Mariner | CVE-2025-39911 | i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path | Low |
| Mariner | CVE-2025-39958 | iommu/s390: Make attach succeed when the device was surprise removed | Low |
| Mariner | CVE-2025-8291 | ZIP64 End of Central Directory (EOCD) Locator record offset not checked | Moderate |
| Mariner | CVE-2025-39957 | wifi: mac80211: increase scan_ies_len for S1G | Low |
| Mariner | CVE-2025-46818 | Redis: Authenticated users can execute LUA scripts as a different user | Moderate |
| Mariner | CVE-2025-46817 | Lua library commands may lead to integer overflow and potential RCE | Important |
| Mariner | CVE-2022-50502 | mm: /proc/pid/smaps_rollup: fix no vma’s null-deref | Moderate |
| Mariner | CVE-2025-39944 | octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() | Important |
| Mariner | CVE-2025-11234 | Qemu-kvm: vnc websocket handshake use-after-free | Moderate |
| Mariner | CVE-2025-49844 | Redis Lua Use-After-Free may lead to remote code execution | Critical |
| Mariner | CVE-2025-10729 | Use-after-free vulnerability in Qt SVG qsvghandler.cpp allows denial of service via crafted SVG | Important |
| Mariner | CVE-2025-39961 | iommu/amd/pgtbl: Fix possible race while increase page table level | Moderate |
| Mariner | CVE-2025-61984 | ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.) | Low |
| Mariner | CVE-2025-46819 | Redis is vulnerable to DoS via specially crafted LUA scripts | Moderate |
| Mariner | CVE-2025-37727 | Elasticsearch Insertion of sensitive information in log file | Moderate |
| Mariner | CVE-2025-11412 | GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds | Moderate |
| Mariner | CVE-2025-39931 | crypto: af_alg – Set merge to zero early in af_alg_sendmsg | Moderate |
| Mariner | CVE-2025-39933 | smb: client: let recv_done verify data_offset, data_length and remaining_data_length | Moderate |
| Mariner | CVE-2025-39947 | net/mlx5e: Harden uplink netdev access against device unbind | Moderate |
| Mariner | CVE-2025-61985 | ssh in OpenSSH before 10.1 allows the ‘\0’ character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. | Low |
| Mariner | CVE-2025-10728 | Uncontrolled recursion in Qt SVG module | Important |
| Mariner | CVE-2025-39916 | mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() | Moderate |
| Mariner | CVE-2025-39902 | mm/slub: avoid accessing metadata when pointer is invalid in object_err() | Moderate |
| Mariner | CVE-2025-39923 | dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees | Moderate |
| Mariner | CVE-2025-39898 | e1000e: fix heap overflow in e1000_set_eeprom | Critical |
| Mariner | CVE-2025-39925 | can: j1939: implement NETDEV_UNREGISTER notification handler | Critical |
| Mariner | CVE-2025-39891 | wifi: mwifiex: Initialize the chan_stats array to zero | Moderate |
| Mariner | CVE-2025-39927 | ceph: fix race condition validating r_parent before applying state | Moderate |
| Mariner | CVE-2025-39901 | i40e: remove read access to debugfs files | Important |
| Mariner | CVE-2025-39910 | mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc() | Critical |
| Mariner | CVE-2025-39909 | mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() | Moderate |
| Microsoft Brokering File System | CVE-2025-48004 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Important |
| Microsoft Brokering File System | CVE-2025-59189 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Important |
| Microsoft Configuration Manager | CVE-2025-55320 | Configuration Manager Elevation of Privilege Vulnerability | Important |
| Microsoft Configuration Manager | CVE-2025-59213 | Configuration Manager Elevation of Privilege Vulnerability | Important |
| Microsoft Defender for Linux | CVE-2025-59497 | Microsoft Defender for Linux Denial of Service Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2025-11213 | Chromium: CVE-2025-11213 Inappropriate implementation in Omnibox | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-11210 | Chromium: CVE-2025-11210 Side-channel information leakage in Tab | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-11460 | Chromium: CVE-2025-11460 Use after free in Storage | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-11458 | Chromium: CVE-2025-11458 Heap buffer overflow in Sync | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-11215 | Chromium: CVE-2025-11215 Off by one error in V8 | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-11216 | Chromium: CVE-2025-11216 Inappropriate implementation in Storage | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-11208 | Chromium: CVE-2025-11208 Inappropriate implementation in Media | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-11212 | Chromium: CVE-2025-11212 Inappropriate implementation in Media | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-11211 | Chromium: CVE-2025-11211 Out of bounds read in Media | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-11205 | Chromium: CVE-2025-11205 Heap buffer overflow in WebGPU | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-11207 | Chromium: CVE-2025-11207 Side-channel information leakage in Storage | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-11209 | Chromium: CVE-2025-11209 Inappropriate implementation in Omnibox | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-11206 | Chromium: CVE-2025-11206 Heap buffer overflow in Video | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-11219 | Chromium: CVE-2025-11219 Use after free in V8 | Unknown |
| Microsoft Exchange Server | CVE-2025-59248 | Microsoft Exchange Server Spoofing Vulnerability | Important |
| Microsoft Exchange Server | CVE-2025-59249 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important |
| Microsoft Exchange Server | CVE-2025-53782 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important |
| Microsoft Failover Cluster Virtual Driver | CVE-2025-59260 | Microsoft Failover Cluster Virtual Driver Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2025-59195 | Microsoft Graphics Component Denial of Service Vulnerability | Important |
| Microsoft Graphics Component | CVE-2016-9535 | MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow Vulnerability | Critical |
| Microsoft Graphics Component | CVE-2025-59261 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2025-49708 | Microsoft Graphics Component Elevation of Privilege Vulnerability | Critical |
| Microsoft Graphics Component | CVE-2025-59205 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| Microsoft Office | CVE-2025-59229 | Microsoft Office Denial of Service Vulnerability | Important |
| Microsoft Office | CVE-2025-59227 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2025-59234 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office Excel | CVE-2025-59223 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-59224 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-59225 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-59232 | Microsoft Excel Information Disclosure Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-59235 | Microsoft Excel Information Disclosure Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-59233 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-59231 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-59236 | Microsoft Excel Remote Code Execution Vulnerability | Critical |
| Microsoft Office Excel | CVE-2025-59243 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office PowerPoint | CVE-2025-59238 | Microsoft PowerPoint Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2025-59237 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2025-59228 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
| Microsoft Office Visio | CVE-2025-59226 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2025-59222 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2025-59221 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft PowerShell | CVE-2025-25004 | PowerShell Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2025-55701 | Windows Authentication Elevation of Privilege Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2025-54957 | MITRE CVE-2025-54957: Integer overflow in Dolby Digital Plus audio decoder | Important |
| Microsoft Windows Search Component | CVE-2025-59198 | Windows Search Service Denial of Service Vulnerability | Important |
| Microsoft Windows Search Component | CVE-2025-59190 | Windows Search Service Denial of Service Vulnerability | Important |
| Microsoft Windows Search Component | CVE-2025-59253 | Windows Search Service Denial of Service Vulnerability | Important |
| Microsoft Windows Speech | CVE-2025-58715 | Windows Speech Runtime Elevation of Privilege Vulnerability | Important |
| Microsoft Windows Speech | CVE-2025-58716 | Windows Speech Runtime Elevation of Privilege Vulnerability | Important |
| Network Connection Status Indicator (NCSI) | CVE-2025-59201 | Network Connection Status Indicator (NCSI) Elevation of Privilege Vulnerability | Important |
| NtQueryInformation Token function (ntifs.h) | CVE-2025-55696 | NtQueryInformation Token function (ntifs.h) Elevation of Privilege Vulnerability | Important |
| Redis Enterprise | CVE-2025-59271 | Redis Enterprise Elevation of Privilege Vulnerability | Critical |
| Remote Desktop Client | CVE-2025-58718 | Remote Desktop Client Remote Code Execution Vulnerability | Important |
| Software Protection Platform (SPP) | CVE-2025-59199 | Software Protection Platform (SPP) Elevation of Privilege Vulnerability | Important |
| Storport.sys Driver | CVE-2025-59192 | Storport.sys Driver Elevation of Privilege Vulnerability | Important |
| TCG TPM2.0 | CVE-2025-2884 | Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation | Important |
| Virtual Secure Mode | CVE-2025-48813 | Virtual Secure Mode Spoofing Vulnerability | Important |
| Visual Studio | CVE-2025-55240 | Visual Studio Elevation of Privilege Vulnerability | Important |
| Visual Studio | CVE-2025-54132 | GitHub CVE-2025-54132: Arbitrary Image Fetch in Mermaid Diagram Tool | Important |
| Windows Ancillary Function Driver for WinSock | CVE-2025-58714 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
| Windows Ancillary Function Driver for WinSock | CVE-2025-59242 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
| Windows Authentication Methods | CVE-2025-59277 | Windows Authentication Elevation of Privilege Vulnerability | Important |
| Windows Authentication Methods | CVE-2025-59278 | Windows Authentication Elevation of Privilege Vulnerability | Important |
| Windows Authentication Methods | CVE-2025-59275 | Windows Authentication Elevation of Privilege Vulnerability | Important |
| Windows BitLocker | CVE-2025-55337 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
| Windows BitLocker | CVE-2025-55332 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
| Windows BitLocker | CVE-2025-55333 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
| Windows BitLocker | CVE-2025-55330 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
| Windows BitLocker | CVE-2025-55338 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
| Windows BitLocker | CVE-2025-55682 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
| Windows Bluetooth Service | CVE-2025-59290 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Important |
| Windows Bluetooth Service | CVE-2025-58728 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Important |
| Windows Bluetooth Service | CVE-2025-59289 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Important |
| Windows Cloud Files Mini Filter Driver | CVE-2025-55680 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
| Windows Cloud Files Mini Filter Driver | CVE-2025-55336 | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | Important |
| Windows COM | CVE-2025-58725 | Windows COM+ Event System Service Elevation of Privilege Vulnerability | Important |
| Windows Connected Devices Platform Service | CVE-2025-58727 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Important |
| Windows Core Shell | CVE-2025-59185 | NTLM Hash Disclosure Spoofing Vulnerability | Important |
| Windows Core Shell | CVE-2025-59244 | NTLM Hash Disclosure Spoofing Vulnerability | Important |
| Windows Cryptographic Services | CVE-2025-58720 | Windows Cryptographic Services Information Disclosure Vulnerability | Important |
| Windows Device Association Broker service | CVE-2025-50174 | Windows Device Association Broker Service Elevation of Privilege Vulnerability | Important |
| Windows Device Association Broker service | CVE-2025-55677 | Windows Device Association Broker Service Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-53150 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-50175 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows DirectX | CVE-2025-55678 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Important |
| Windows DirectX | CVE-2025-55698 | DirectX Graphics Kernel Denial of Service Vulnerability | Important |
| Windows DWM | CVE-2025-58722 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM | CVE-2025-55681 | Desktop Windows Manager Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2025-59255 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2025-59254 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows Error Reporting | CVE-2025-55692 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Important |
| Windows Error Reporting | CVE-2025-55694 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Important |
| Windows ETL Channel | CVE-2025-59197 | Windows ETL Channel Information Disclosure Vulnerability | Important |
| Windows Failover Cluster | CVE-2025-59188 | Microsoft Failover Cluster Information Disclosure Vulnerability | Important |
| Windows Failover Cluster | CVE-2025-47979 | Microsoft Failover Cluster Information Disclosure Vulnerability | Important |
| Windows File Explorer | CVE-2025-59214 | Microsoft Windows File Explorer Spoofing Vulnerability | Important |
| Windows File Explorer | CVE-2025-58739 | Microsoft Windows File Explorer Spoofing Vulnerability | Important |
| Windows Health and Optimized Experiences Service | CVE-2025-59241 | Windows Health and Optimized Experiences Elevation of Privilege Vulnerability | Important |
| Windows Hello | CVE-2025-53139 | Windows Hello Security Feature Bypass Vulnerability | Important |
| Windows High Availability Services | CVE-2025-59184 | Storage Spaces Direct Information Disclosure Vulnerability | Important |
| Windows Hyper-V | CVE-2025-55328 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2025-55679 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2025-55683 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2025-59207 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2025-55334 | Windows Kernel Security Feature Bypass Vulnerability | Important |
| Windows Kernel | CVE-2025-59186 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2025-55693 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2025-59194 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2025-59187 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2025-50152 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2025-55699 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Local Session Manager (LSM) | CVE-2025-58729 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | Important |
| Windows Local Session Manager (LSM) | CVE-2025-59257 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | Important |
| Windows Local Session Manager (LSM) | CVE-2025-59259 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | Important |
| Windows Management Services | CVE-2025-59193 | Windows Management Services Elevation of Privilege Vulnerability | Important |
| Windows Management Services | CVE-2025-59204 | Windows Management Services Information Disclosure Vulnerability | Important |
| Windows MapUrlToZone | CVE-2025-59208 | Windows MapUrlToZone Information Disclosure Vulnerability | Important |
| Windows NDIS | CVE-2025-55339 | Windows Network Driver Interface Specification Driver Elevation of Privilege Vulnerability | Important |
| Windows NTFS | CVE-2025-55335 | Windows NTFS Elevation of Privilege Vulnerability | Important |
| Windows NTLM | CVE-2025-59284 | Windows NTLM Spoofing Vulnerability | Important |
| Windows PrintWorkflowUserSvc | CVE-2025-55331 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows PrintWorkflowUserSvc | CVE-2025-55689 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows PrintWorkflowUserSvc | CVE-2025-55685 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows PrintWorkflowUserSvc | CVE-2025-55686 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows PrintWorkflowUserSvc | CVE-2025-55690 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows PrintWorkflowUserSvc | CVE-2025-55684 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows PrintWorkflowUserSvc | CVE-2025-55688 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows PrintWorkflowUserSvc | CVE-2025-55691 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
| Windows Push Notification Core | CVE-2025-59209 | Windows Push Notification Information Disclosure Vulnerability | Important |
| Windows Push Notification Core | CVE-2025-59211 | Windows Push Notification Information Disclosure Vulnerability | Important |
| Windows Remote Access Connection Manager | CVE-2025-59230 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important |
| Windows Remote Desktop | CVE-2025-58737 | Remote Desktop Protocol Remote Code Execution Vulnerability | Important |
| Windows Remote Desktop Protocol | CVE-2025-55340 | Windows Remote Desktop Protocol Security Feature Bypass | Important |
| Windows Remote Desktop Services | CVE-2025-59202 | Windows Remote Desktop Services Elevation of Privilege Vulnerability | Important |
| Windows Remote Procedure Call | CVE-2025-59502 | Remote Procedure Call Denial of Service Vulnerability | Moderate |
| Windows Resilient File System (ReFS) | CVE-2025-55687 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Important |
| Windows Resilient File System (ReFS) Deduplication Service | CVE-2025-59210 | Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability | Important |
| Windows Resilient File System (ReFS) Deduplication Service | CVE-2025-59206 | Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-58717 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-55700 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| Windows Secure Boot | CVE-2025-47827 | MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11 | Important |
| Windows Server Update Service | CVE-2025-59287 | Windows Server Update Service (WSUS) Remote Code Execution Vulnerability | Critical |
| Windows SMB Client | CVE-2025-59280 | Windows SMB Client Tampering Vulnerability | Important |
| Windows SMB Server | CVE-2025-58726 | Windows SMB Server Elevation of Privilege Vulnerability | Important |
| Windows SSDP Service | CVE-2025-59196 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | Important |
| Windows StateRepository API | CVE-2025-59203 | Windows State Repository API Server File Information Disclosure Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-55325 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Taskbar Live | CVE-2025-59294 | Windows Taskbar Live Preview Information Disclosure Vulnerability | Important |
| Windows USB Video Driver | CVE-2025-55676 | Windows USB Video Class System Driver Information Disclosure Vulnerability | Important |
| Windows Virtualization-Based Security (VBS) Enclave | CVE-2025-53717 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | Important |
| Windows WLAN Auto Config Service | CVE-2025-55695 | Windows WLAN AutoConfig Service Information Disclosure Vulnerability | Important |
| Xbox | CVE-2025-53768 | Xbox IStorageService Elevation of Privilege Vulnerability | Important |
| XBox Gaming Services | CVE-2025-59281 | Xbox Gaming Services Elevation of Privilege Vulnerability | Important |
