Последний Patch Tuesday для Windows 10: 172 патча и шесть 0-day

@Anti-Malware.ru
#Игры#Мода
Последний Patch Tuesday для Windows 10: 172 патча и шесть 0-day

Прошёл октябрьский вторник патчей от Microsoft, и в этот раз у Редмонда получилось особенно насыщенно: компания закрыла 172 уязвимости, включая шесть 0-day, которые уже активно использовались злоумышленниками или были публично раскрыты.

Из общего числа багов восемь признаны «критическими» — пять из них позволяют выполнить код удалённо, а три дают повышение привилегий. Больше всего традиционно уязвимостей, приводящих к повышению прав, — 80 штук.

Категории исправленных уязвимостей:

  • 80 — повышение привилегий;
  • 11 — обход функций безопасности;
  • 31 — удалённое выполнение кода;
  • 28 — утечка информации;
  • 11 — отказ в обслуживании;
  • 10 — подмена (spoofing).

Patch Tuesday не включает обновления для Edge, Azure и Mariner, выпущенные ранее в этом месяце, — здесь учтены только «свежие» патчи, вышедшие сегодня.

Сегодняшний релиз стал последним Patch Tuesday для Windows 10 — система официально завершает срок бесплатной поддержки. Тем, кто хочет продолжить получать обновления безопасности, Microsoft предлагает оформить Extended Security Updates (ESU):

  • для домашних пользователей — на один год,
  • для корпоративных — до трёх лет.

Из шести уязвимостей нулевого дня две были публично раскрыты, а три активно эксплуатировались. Ниже — самые заметные из них.

CVE-2025-24990 и CVE-2025-24052 — уязвимости в драйвере Agere Modem

Microsoft удалила проблемный драйвер ltmdm64.sys, встроенный в Windows, поскольку через него злоумышленники могли повышать привилегии до уровня администратора. Удаление драйвера приведёт к тому, что модемы факса перестанут работать, предупреждает компания.

CVE-2025-59230 — ошибка в Remote Access Connection Manager

Уязвимость позволяла локально повышать привилегии до SYSTEM из-за некорректного контроля доступа. По словам Microsoft, для успешной атаки требуются определённые усилия и подготовка.

CVE-2025-47827 — обход Secure Boot в IGEL OS

В версиях IGEL OS до 11 можно было обойти проверку подписи модуля igel-flash-driver и загрузить поддельный образ системы.

CVE-2025-0033RMPocalypse в AMD SEV-SNP

Это та же уязвимость, о которой накануне сообщили исследователи из Швейцарской высшей технической школы Цюриха. Ошибка в инициализации таблицы Reverse Map Paging (RMP) на процессорах AMD EPYC позволяет гипервизору с повышенными правами вмешаться в память виртуальных машин, нарушая целостность SEV-SNP.

Microsoft признала, что проблема затрагивает Azure Confidential Computing на AMD-серверах. Исправления ещё готовятся, пользователи Azure получат уведомления о доступности патчей.

CVE-2025-2884 — уязвимость в TCG TPM 2.0

Ошибка чтения за пределами памяти в функции CryptHmacSign могла привести к утечке информации или отказу в обслуживании модуля TPM. Исправление было интегрировано в обновления Windows.

Что важно знать пользователям:

  • Если вы всё ещё на Windows 10, октябрьский апдейт — последний бесплатный. Дальше — только по ESU-программе.
  • Пользователям Windows 11 доступны патчи KB5066835 и KB5066793 — они включают не только исправления по части безопасности, но и улучшения стабильности.
  • Владельцам серверов AMD EPYC стоит следить за обновлениями BIOS и микрокода — RMPocalypse остаётся под особым контролем Microsoft и AMD.

Полный список закрытых брешей приводим ниже:

TagCVE-идентификаторCVE-наименованиеСтепень риска
.NETCVE-2025-55247.NET Elevation of Privilege VulnerabilityВажная
.NET, .NET Framework, Visual StudioCVE-2025-55248.NET, .NET Framework, and Visual Studio Information Disclosure VulnerabilityВажная
Active Directory Federation ServicesCVE-2025-59258Windows Active Directory Federation Services (ADFS) Information Disclosure VulnerabilityВажная
Agere Windows Modem DriverCVE-2025-24990Windows Agere Modem Driver Elevation of Privilege VulnerabilityВажная
Agere Windows Modem DriverCVE-2025-24052Windows Agere Modem Driver Elevation of Privilege VulnerabilityВажная
AMD Restricted Memory PageCVE-2025-0033AMD CVE-2025-0033: RMP Corruption During SNP InitializationКритическая
ASP.NET CoreCVE-2025-55315ASP.NET Security Feature Bypass VulnerabilityВажная
Azure Connected Machine AgentCVE-2025-47989Azure Connected Machine Agent Elevation of Privilege VulnerabilityВажная
Azure Connected Machine AgentCVE-2025-58724Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege VulnerabilityВажная
Azure Entra IDCVE-2025-59218Azure Entra ID Elevation of Privilege VulnerabilityКритическая
Azure Entra IDCVE-2025-59246Azure Entra ID Elevation of Privilege VulnerabilityКритическая
Azure LocalCVE-2025-55697Azure Local Elevation of Privilege VulnerabilityВажная
Azure MonitorCVE-2025-55321Azure Monitor Log Analytics Spoofing VulnerabilityКритическая
Azure Monitor AgentCVE-2025-59285Azure Monitor Agent Elevation of Privilege VulnerabilityВажная
Azure Monitor AgentCVE-2025-59494Azure Monitor Agent Elevation of Privilege VulnerabilityВажная
Azure PlayFabCVE-2025-59247Azure PlayFab Elevation of Privilege VulnerabilityКритическая
Confidential Azure Container InstancesCVE-2025-59292Azure Compute Gallery Elevation of Privilege VulnerabilityКритическая
Confidential Azure Container InstancesCVE-2025-59291Confidential Azure Container Instances Elevation of Privilege VulnerabilityКритическая
Connected Devices Platform Service (Cdpsvc)CVE-2025-59191Windows Connected Devices Platform Service Elevation of Privilege VulnerabilityВажная
Connected Devices Platform Service (Cdpsvc)CVE-2025-55326Windows Connected Devices Platform Service (Cdpsvc) Remote Code Execution VulnerabilityВажная
Connected Devices Platform Service (Cdpsvc)CVE-2025-58719Windows Connected Devices Platform Service Elevation of Privilege VulnerabilityВажная
CopilotCVE-2025-59272Copilot Spoofing VulnerabilityКритическая
CopilotCVE-2025-59252M365 Copilot Spoofing VulnerabilityКритическая
CopilotCVE-2025-59286Copilot Spoofing VulnerabilityКритическая
Data Sharing Service ClientCVE-2025-59200Data Sharing Service Spoofing VulnerabilityВажная
GamesCVE-2025-59489MITRE: CVE-2025-59489 Unity Gaming Engine Editor vulnerabilityВажная
GitHubCVE-2025-59288Playwright Spoofing VulnerabilityСредняя
Inbox COM ObjectsCVE-2025-58735Inbox COM Objects (Global Memory) Remote Code Execution VulnerabilityВажная
Inbox COM ObjectsCVE-2025-58732Inbox COM Objects (Global Memory) Remote Code Execution VulnerabilityВажная
Inbox COM ObjectsCVE-2025-59282Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution VulnerabilityВажная
Inbox COM ObjectsCVE-2025-58733Inbox COM Objects (Global Memory) Remote Code Execution VulnerabilityВажная
Inbox COM ObjectsCVE-2025-58734Inbox COM Objects (Global Memory) Remote Code Execution VulnerabilityВажная
Inbox COM ObjectsCVE-2025-58738Inbox COM Objects (Global Memory) Remote Code Execution VulnerabilityВажная
Inbox COM ObjectsCVE-2025-58731Inbox COM Objects (Global Memory) Remote Code Execution VulnerabilityВажная
Inbox COM ObjectsCVE-2025-58730Inbox COM Objects (Global Memory) Remote Code Execution VulnerabilityВажная
Inbox COM ObjectsCVE-2025-58736Inbox COM Objects (Global Memory) Remote Code Execution VulnerabilityВажная
Internet ExplorerCVE-2025-59295Windows URL Parsing Remote Code Execution VulnerabilityВажная
JDBC Driver for SQL ServerCVE-2025-59250JDBC Driver for SQL Server Spoofing VulnerabilityВажная
MarinerCVE-2025-39943ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transferКритическая
MarinerCVE-2025-39946tls: make sure to abort the stream if headers are bogusСредняя
MarinerCVE-2025-39942ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_sizeСредняя
MarinerCVE-2025-39951um: virtio_uml: Fix use-after-free after put_device in probeСредняя
MarinerCVE-2025-39932smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work)Средняя
MarinerCVE-2025-39949qed: Don't collect too many protection override GRC elementsСредняя
MarinerCVE-2025-39937net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointerСредняя
MarinerCVE-2025-39955tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect().Средняя
MarinerCVE-2025-39895sched: Fix sched_numa_find_nth_cpu() if mask offlineСредняя
MarinerCVE-2025-11413GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-boundsСредняя
MarinerCVE-2025-11414GNU Binutils Linker elflink.c get_link_hash_entry out-of-boundsСредняя
MarinerCVE-2025-39938ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failedСредняя
MarinerCVE-2025-11495GNU Binutils Linker elf64-x86-64.c elf_x86_64_relocate_section heap-based overflowСредняя
MarinerCVE-2025-39934drm: bridge: anx7625: Fix NULL pointer dereference with early IRQСредняя
MarinerCVE-2025-39929smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error pathСредняя
MarinerCVE-2025-39945cnic: Fix use-after-free bugs in cnic_delete_taskВажная
MarinerCVE-2025-39907mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC bufferКритическая
MarinerCVE-2025-39913tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork.Средняя
MarinerCVE-2025-39952wifi: wilc1000: avoid buffer overflow in WID string configurationВажная
MarinerCVE-2025-39940dm-stripe: fix a possible integer overflowСредняя
MarinerCVE-2025-39953cgroup: split cgroup_destroy_wq into 3 workqueuesСредняя
MarinerCVE-2023-53469af_unix: Fix null-ptr-deref in unix_stream_sendpage().Важная
MarinerCVE-2025-39914tracing: Silence warning when chunk allocation fails in trace_pid_writeСредняя
MarinerCVE-2025-39905net: phylink: add lock for serializing concurrent pl->phydev writes with resolverСредняя
MarinerCVE-2025-39920pcmcia: Add error handling for add_interval() in do_validate_mem()Средняя
MarinerCVE-2025-39911i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error pathНизкая
MarinerCVE-2025-39958iommu/s390: Make attach succeed when the device was surprise removedНизкая
MarinerCVE-2025-8291ZIP64 End of Central Directory (EOCD) Locator record offset not checkedСредняя
MarinerCVE-2025-39957wifi: mac80211: increase scan_ies_len for S1GНизкая
MarinerCVE-2025-46818Redis: Authenticated users can execute LUA scripts as a different userСредняя
MarinerCVE-2025-46817Lua library commands may lead to integer overflow and potential RCEВажная
MarinerCVE-2022-50502mm: /proc/pid/smaps_rollup: fix no vma's null-derefСредняя
MarinerCVE-2025-39944octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp()Важная
MarinerCVE-2025-11234Qemu-kvm: vnc websocket handshake use-after-freeСредняя
MarinerCVE-2025-49844Redis Lua Use-After-Free may lead to remote code executionКритическая
MarinerCVE-2025-10729Use-after-free vulnerability in Qt SVG qsvghandler.cpp allows denial of service via crafted SVGВажная
MarinerCVE-2025-39961iommu/amd/pgtbl: Fix possible race while increase page table levelСредняя
MarinerCVE-2025-61984ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)Низкая
MarinerCVE-2025-46819Redis is vulnerable to DoS via specially crafted LUA scriptsСредняя
MarinerCVE-2025-37727Elasticsearch Insertion of sensitive information in log fileСредняя
MarinerCVE-2025-11412GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-boundsСредняя
MarinerCVE-2025-39931crypto: af_alg - Set merge to zero early in af_alg_sendmsgСредняя
MarinerCVE-2025-39933smb: client: let recv_done verify data_offset, data_length and remaining_data_lengthСредняя
MarinerCVE-2025-39947net/mlx5e: Harden uplink netdev access against device unbindСредняя
MarinerCVE-2025-61985ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.Низкая
MarinerCVE-2025-10728Uncontrolled recursion in Qt SVG moduleВажная
MarinerCVE-2025-39916mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters()Средняя
MarinerCVE-2025-39902mm/slub: avoid accessing metadata when pointer is invalid in object_err()Средняя
MarinerCVE-2025-39923dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/eesСредняя
MarinerCVE-2025-39898e1000e: fix heap overflow in e1000_set_eepromКритическая
MarinerCVE-2025-39925can: j1939: implement NETDEV_UNREGISTER notification handlerКритическая
MarinerCVE-2025-39891wifi: mwifiex: Initialize the chan_stats array to zeroСредняя
MarinerCVE-2025-39927ceph: fix race condition validating r_parent before applying stateСредняя
MarinerCVE-2025-39901i40e: remove read access to debugfs filesВажная
MarinerCVE-2025-39910mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc()Критическая
MarinerCVE-2025-39909mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters()Средняя
Microsoft Brokering File SystemCVE-2025-48004Microsoft Brokering File System Elevation of Privilege VulnerabilityВажная
Microsoft Brokering File SystemCVE-2025-59189Microsoft Brokering File System Elevation of Privilege VulnerabilityВажная
Microsoft Configuration ManagerCVE-2025-55320Configuration Manager Elevation of Privilege VulnerabilityВажная
Microsoft Configuration ManagerCVE-2025-59213Configuration Manager Elevation of Privilege VulnerabilityВажная
Microsoft Defender for LinuxCVE-2025-59497Microsoft Defender for Linux Denial of Service VulnerabilityВажная
Microsoft Edge (Chromium-based)CVE-2025-11213Chromium: CVE-2025-11213 Inappropriate implementation in OmniboxНеизвестно
Microsoft Edge (Chromium-based)CVE-2025-11210Chromium: CVE-2025-11210 Side-channel information leakage in TabНеизвестно
Microsoft Edge (Chromium-based)CVE-2025-11460Chromium: CVE-2025-11460 Use after free in StorageНеизвестно
Microsoft Edge (Chromium-based)CVE-2025-11458Chromium: CVE-2025-11458 Heap buffer overflow in SyncНеизвестно
Microsoft Edge (Chromium-based)CVE-2025-11215Chromium: CVE-2025-11215 Off by one error in V8Неизвестно
Microsoft Edge (Chromium-based)CVE-2025-11216Chromium: CVE-2025-11216 Inappropriate implementation in StorageНеизвестно
Microsoft Edge (Chromium-based)CVE-2025-11208Chromium: CVE-2025-11208 Inappropriate implementation in MediaНеизвестно
Microsoft Edge (Chromium-based)CVE-2025-11212Chromium: CVE-2025-11212 Inappropriate implementation in MediaНеизвестно
Microsoft Edge (Chromium-based)CVE-2025-11211Chromium: CVE-2025-11211 Out of bounds read in MediaНеизвестно
Microsoft Edge (Chromium-based)CVE-2025-11205Chromium: CVE-2025-11205 Heap buffer overflow in WebGPUНеизвестно
Microsoft Edge (Chromium-based)CVE-2025-11207Chromium: CVE-2025-11207 Side-channel information leakage in StorageНеизвестно
Microsoft Edge (Chromium-based)CVE-2025-11209Chromium: CVE-2025-11209 Inappropriate implementation in OmniboxНеизвестно
Microsoft Edge (Chromium-based)CVE-2025-11206Chromium: CVE-2025-11206 Heap buffer overflow in VideoНеизвестно
Microsoft Edge (Chromium-based)CVE-2025-11219Chromium: CVE-2025-11219 Use after free in V8Неизвестно
Microsoft Exchange ServerCVE-2025-59248Microsoft Exchange Server Spoofing VulnerabilityВажная
Microsoft Exchange ServerCVE-2025-59249Microsoft Exchange Server Elevation of Privilege VulnerabilityВажная
Microsoft Exchange ServerCVE-2025-53782Microsoft Exchange Server Elevation of Privilege VulnerabilityВажная
Microsoft Failover Cluster Virtual DriverCVE-2025-59260Microsoft Failover Cluster Virtual Driver Information Disclosure VulnerabilityВажная
Microsoft Graphics ComponentCVE-2025-59195Microsoft Graphics Component Denial of Service VulnerabilityВажная
Microsoft Graphics ComponentCVE-2016-9535MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow VulnerabilityКритическая
Microsoft Graphics ComponentCVE-2025-59261Windows Graphics Component Elevation of Privilege VulnerabilityВажная
Microsoft Graphics ComponentCVE-2025-49708Microsoft Graphics Component Elevation of Privilege VulnerabilityКритическая
Microsoft Graphics ComponentCVE-2025-59205Windows Graphics Component Elevation of Privilege VulnerabilityВажная
Microsoft OfficeCVE-2025-59229Microsoft Office Denial of Service VulnerabilityВажная
Microsoft OfficeCVE-2025-59227Microsoft Office Remote Code Execution VulnerabilityКритическая
Microsoft OfficeCVE-2025-59234Microsoft Office Remote Code Execution VulnerabilityКритическая
Microsoft Office ExcelCVE-2025-59223Microsoft Excel Remote Code Execution VulnerabilityВажная
Microsoft Office ExcelCVE-2025-59224Microsoft Excel Remote Code Execution VulnerabilityВажная
Microsoft Office ExcelCVE-2025-59225Microsoft Excel Remote Code Execution VulnerabilityВажная
Microsoft Office ExcelCVE-2025-59232Microsoft Excel Information Disclosure VulnerabilityВажная
Microsoft Office ExcelCVE-2025-59235Microsoft Excel Information Disclosure VulnerabilityВажная
Microsoft Office ExcelCVE-2025-59233Microsoft Excel Remote Code Execution VulnerabilityВажная
Microsoft Office ExcelCVE-2025-59231Microsoft Excel Remote Code Execution VulnerabilityВажная
Microsoft Office ExcelCVE-2025-59236Microsoft Excel Remote Code Execution VulnerabilityКритическая
Microsoft Office ExcelCVE-2025-59243Microsoft Excel Remote Code Execution VulnerabilityВажная
Microsoft Office PowerPointCVE-2025-59238Microsoft PowerPoint Remote Code Execution VulnerabilityВажная
Microsoft Office SharePointCVE-2025-59237Microsoft SharePoint Remote Code Execution VulnerabilityВажная
Microsoft Office SharePointCVE-2025-59228Microsoft SharePoint Remote Code Execution VulnerabilityВажная
Microsoft Office VisioCVE-2025-59226Microsoft Office Visio Remote Code Execution VulnerabilityВажная
Microsoft Office WordCVE-2025-59222Microsoft Word Remote Code Execution VulnerabilityВажная
Microsoft Office WordCVE-2025-59221Microsoft Word Remote Code Execution VulnerabilityВажная
Microsoft PowerShellCVE-2025-25004PowerShell Elevation of Privilege VulnerabilityВажная
Microsoft WindowsCVE-2025-55701Windows Authentication Elevation of Privilege VulnerabilityВажная
Microsoft Windows Codecs LibraryCVE-2025-54957MITRE CVE-2025-54957: Integer overflow in Dolby Digital Plus audio decoderВажная
Microsoft Windows Search ComponentCVE-2025-59198Windows Search Service Denial of Service VulnerabilityВажная
Microsoft Windows Search ComponentCVE-2025-59190Windows Search Service Denial of Service VulnerabilityВажная
Microsoft Windows Search ComponentCVE-2025-59253Windows Search Service Denial of Service VulnerabilityВажная
Microsoft Windows SpeechCVE-2025-58715Windows Speech Runtime Elevation of Privilege VulnerabilityВажная
Microsoft Windows SpeechCVE-2025-58716Windows Speech Runtime Elevation of Privilege VulnerabilityВажная
Network Connection Status Indicator (NCSI)CVE-2025-59201Network Connection Status Indicator (NCSI) Elevation of Privilege VulnerabilityВажная
NtQueryInformation Token function (ntifs.h)CVE-2025-55696NtQueryInformation Token function (ntifs.h) Elevation of Privilege VulnerabilityВажная
Redis EnterpriseCVE-2025-59271Redis Enterprise Elevation of Privilege VulnerabilityКритическая
Remote Desktop ClientCVE-2025-58718Remote Desktop Client Remote Code Execution VulnerabilityВажная
Software Protection Platform (SPP)CVE-2025-59199Software Protection Platform (SPP) Elevation of Privilege VulnerabilityВажная
Storport.sys DriverCVE-2025-59192Storport.sys Driver Elevation of Privilege VulnerabilityВажная
TCG TPM2.0CVE-2025-2884Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementationВажная
Virtual Secure ModeCVE-2025-48813Virtual Secure Mode Spoofing VulnerabilityВажная
Visual StudioCVE-2025-55240Visual Studio Elevation of Privilege VulnerabilityВажная
Visual StudioCVE-2025-54132GitHub CVE-2025-54132: Arbitrary Image Fetch in Mermaid Diagram ToolВажная
Windows Ancillary Function Driver for WinSockCVE-2025-58714Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityВажная
Windows Ancillary Function Driver for WinSockCVE-2025-59242Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityВажная
Windows Authentication MethodsCVE-2025-59277Windows Authentication Elevation of Privilege VulnerabilityВажная
Windows Authentication MethodsCVE-2025-59278Windows Authentication Elevation of Privilege VulnerabilityВажная
Windows Authentication MethodsCVE-2025-59275Windows Authentication Elevation of Privilege VulnerabilityВажная
Windows BitLockerCVE-2025-55337Windows BitLocker Security Feature Bypass VulnerabilityВажная
Windows BitLockerCVE-2025-55332Windows BitLocker Security Feature Bypass VulnerabilityВажная
Windows BitLockerCVE-2025-55333Windows BitLocker Security Feature Bypass VulnerabilityВажная
Windows BitLockerCVE-2025-55330Windows BitLocker Security Feature Bypass VulnerabilityВажная
Windows BitLockerCVE-2025-55338Windows BitLocker Security Feature Bypass VulnerabilityВажная
Windows BitLockerCVE-2025-55682Windows BitLocker Security Feature Bypass VulnerabilityВажная
Windows Bluetooth ServiceCVE-2025-59290Windows Bluetooth Service Elevation of Privilege VulnerabilityВажная
Windows Bluetooth ServiceCVE-2025-58728Windows Bluetooth Service Elevation of Privilege VulnerabilityВажная
Windows Bluetooth ServiceCVE-2025-59289Windows Bluetooth Service Elevation of Privilege VulnerabilityВажная
Windows Cloud Files Mini Filter DriverCVE-2025-55680Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityВажная
Windows Cloud Files Mini Filter DriverCVE-2025-55336Windows Cloud Files Mini Filter Driver Information Disclosure VulnerabilityВажная
Windows COMCVE-2025-58725Windows COM+ Event System Service Elevation of Privilege VulnerabilityВажная
Windows Connected Devices Platform ServiceCVE-2025-58727Windows Connected Devices Platform Service Elevation of Privilege VulnerabilityВажная
Windows Core ShellCVE-2025-59185NTLM Hash Disclosure Spoofing VulnerabilityВажная
Windows Core ShellCVE-2025-59244NTLM Hash Disclosure Spoofing VulnerabilityВажная
Windows Cryptographic ServicesCVE-2025-58720Windows Cryptographic Services Information Disclosure VulnerabilityВажная
Windows Device Association Broker serviceCVE-2025-50174Windows Device Association Broker Service Elevation of Privilege VulnerabilityВажная
Windows Device Association Broker serviceCVE-2025-55677Windows Device Association Broker Service Elevation of Privilege VulnerabilityВажная
Windows Digital MediaCVE-2025-53150Windows Digital Media Elevation of Privilege VulnerabilityВажная
Windows Digital MediaCVE-2025-50175Windows Digital Media Elevation of Privilege VulnerabilityВажная
Windows DirectXCVE-2025-55678DirectX Graphics Kernel Elevation of Privilege VulnerabilityВажная
Windows DirectXCVE-2025-55698DirectX Graphics Kernel Denial of Service VulnerabilityВажная
Windows DWMCVE-2025-58722Microsoft DWM Core Library Elevation of Privilege VulnerabilityВажная
Windows DWMCVE-2025-55681Desktop Windows Manager Elevation of Privilege VulnerabilityВажная
Windows DWM Core LibraryCVE-2025-59255Windows DWM Core Library Elevation of Privilege VulnerabilityВажная
Windows DWM Core LibraryCVE-2025-59254Microsoft DWM Core Library Elevation of Privilege VulnerabilityВажная
Windows Error ReportingCVE-2025-55692Windows Error Reporting Service Elevation of Privilege VulnerabilityВажная
Windows Error ReportingCVE-2025-55694Windows Error Reporting Service Elevation of Privilege VulnerabilityВажная
Windows ETL ChannelCVE-2025-59197Windows ETL Channel Information Disclosure VulnerabilityВажная
Windows Failover ClusterCVE-2025-59188Microsoft Failover Cluster Information Disclosure VulnerabilityВажная
Windows Failover ClusterCVE-2025-47979Microsoft Failover Cluster Information Disclosure VulnerabilityВажная
Windows File ExplorerCVE-2025-59214Microsoft Windows File Explorer Spoofing VulnerabilityВажная
Windows File ExplorerCVE-2025-58739Microsoft Windows File Explorer Spoofing VulnerabilityВажная
Windows Health and Optimized Experiences ServiceCVE-2025-59241Windows Health and Optimized Experiences Elevation of Privilege VulnerabilityВажная
Windows HelloCVE-2025-53139Windows Hello Security Feature Bypass VulnerabilityВажная
Windows High Availability ServicesCVE-2025-59184Storage Spaces Direct Information Disclosure VulnerabilityВажная
Windows Hyper-VCVE-2025-55328Windows Hyper-V Elevation of Privilege VulnerabilityВажная
Windows KernelCVE-2025-55679Windows Kernel Information Disclosure VulnerabilityВажная
Windows KernelCVE-2025-55683Windows Kernel Information Disclosure VulnerabilityВажная
Windows KernelCVE-2025-59207Windows Kernel Elevation of Privilege VulnerabilityВажная
Windows KernelCVE-2025-55334Windows Kernel Security Feature Bypass VulnerabilityВажная
Windows KernelCVE-2025-59186Windows Kernel Information Disclosure VulnerabilityВажная
Windows KernelCVE-2025-55693Windows Kernel Elevation of Privilege VulnerabilityВажная
Windows KernelCVE-2025-59194Windows Kernel Elevation of Privilege VulnerabilityВажная
Windows KernelCVE-2025-59187Windows Kernel Elevation of Privilege VulnerabilityВажная
Windows KernelCVE-2025-50152Windows Kernel Elevation of Privilege VulnerabilityВажная
Windows KernelCVE-2025-55699Windows Kernel Information Disclosure VulnerabilityВажная
Windows Local Session Manager (LSM)CVE-2025-58729Windows Local Session Manager (LSM) Denial of Service VulnerabilityВажная
Windows Local Session Manager (LSM)CVE-2025-59257Windows Local Session Manager (LSM) Denial of Service VulnerabilityВажная
Windows Local Session Manager (LSM)CVE-2025-59259Windows Local Session Manager (LSM) Denial of Service VulnerabilityВажная
Windows Management ServicesCVE-2025-59193Windows Management Services Elevation of Privilege VulnerabilityВажная
Windows Management ServicesCVE-2025-59204Windows Management Services Information Disclosure VulnerabilityВажная
Windows MapUrlToZoneCVE-2025-59208Windows MapUrlToZone Information Disclosure VulnerabilityВажная
Windows NDISCVE-2025-55339Windows Network Driver Interface Specification Driver Elevation of Privilege VulnerabilityВажная
Windows NTFSCVE-2025-55335Windows NTFS Elevation of Privilege VulnerabilityВажная
Windows NTLMCVE-2025-59284Windows NTLM Spoofing VulnerabilityВажная
Windows PrintWorkflowUserSvcCVE-2025-55331Windows PrintWorkflowUserSvc Elevation of Privilege VulnerabilityВажная
Windows PrintWorkflowUserSvcCVE-2025-55689Windows PrintWorkflowUserSvc Elevation of Privilege VulnerabilityВажная
Windows PrintWorkflowUserSvcCVE-2025-55685Windows PrintWorkflowUserSvc Elevation of Privilege VulnerabilityВажная
Windows PrintWorkflowUserSvcCVE-2025-55686Windows PrintWorkflowUserSvc Elevation of Privilege VulnerabilityВажная
Windows PrintWorkflowUserSvcCVE-2025-55690Windows PrintWorkflowUserSvc Elevation of Privilege VulnerabilityВажная
Windows PrintWorkflowUserSvcCVE-2025-55684Windows PrintWorkflowUserSvc Elevation of Privilege VulnerabilityВажная
Windows PrintWorkflowUserSvcCVE-2025-55688Windows PrintWorkflowUserSvc Elevation of Privilege VulnerabilityВажная
Windows PrintWorkflowUserSvcCVE-2025-55691Windows PrintWorkflowUserSvc Elevation of Privilege VulnerabilityВажная
Windows Push Notification CoreCVE-2025-59209Windows Push Notification Information Disclosure VulnerabilityВажная
Windows Push Notification CoreCVE-2025-59211Windows Push Notification Information Disclosure VulnerabilityВажная
Windows Remote Access Connection ManagerCVE-2025-59230Windows Remote Access Connection Manager Elevation of Privilege VulnerabilityВажная
Windows Remote DesktopCVE-2025-58737Remote Desktop Protocol Remote Code Execution VulnerabilityВажная
Windows Remote Desktop ProtocolCVE-2025-55340Windows Remote Desktop Protocol Security Feature BypassВажная
Windows Remote Desktop ServicesCVE-2025-59202Windows Remote Desktop Services Elevation of Privilege VulnerabilityВажная
Windows Remote Procedure CallCVE-2025-59502Remote Procedure Call Denial of Service VulnerabilityСредняя
Windows Resilient File System (ReFS)CVE-2025-55687Windows Resilient File System (ReFS) Elevation of Privilege VulnerabilityВажная
Windows Resilient File System (ReFS) Deduplication ServiceCVE-2025-59210Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege VulnerabilityВажная
Windows Resilient File System (ReFS) Deduplication ServiceCVE-2025-59206Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2025-58717Windows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityВажная
Windows Routing and Remote Access Service (RRAS)CVE-2025-55700Windows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityВажная
Windows Secure BootCVE-2025-47827MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11Важная
Windows Server Update ServiceCVE-2025-59287Windows Server Update Service (WSUS) Remote Code Execution VulnerabilityКритическая
Windows SMB ClientCVE-2025-59280Windows SMB Client Tampering VulnerabilityВажная
Windows SMB ServerCVE-2025-58726Windows SMB Server Elevation of Privilege VulnerabilityВажная
Windows SSDP ServiceCVE-2025-59196Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege VulnerabilityВажная
Windows StateRepository APICVE-2025-59203Windows State Repository API Server File Information Disclosure VulnerabilityВажная
Windows Storage Management ProviderCVE-2025-55325Windows Storage Management Provider Information Disclosure VulnerabilityВажная
Windows Taskbar LiveCVE-2025-59294Windows Taskbar Live Preview Information Disclosure VulnerabilityВажная
Windows USB Video DriverCVE-2025-55676Windows USB Video Class System Driver Information Disclosure VulnerabilityВажная
Windows Virtualization-Based Security (VBS) EnclaveCVE-2025-53717Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege VulnerabilityВажная
Windows WLAN Auto Config ServiceCVE-2025-55695Windows WLAN AutoConfig Service Information Disclosure VulnerabilityВажная
XboxCVE-2025-53768Xbox IStorageService Elevation of Privilege VulnerabilityВажная
XBox Gaming ServicesCVE-2025-59281Xbox Gaming Services Elevation of Privilege VulnerabilityВажная
Данные о правообладателе фото и видеоматериалов взяты с сайта «Anti-Malware.ru», подробнее в Условиях использования
Темы: Игры, Мода
Анализ
×
Организации
Рейтинг организаций
13
13
2
ETHZ
Сфера деятельности:Образование и наука
2
168
Microsoft
Сфера деятельности:Связь и ИТ
168
Технологии
Рейтинг технологий
11
Microsoft Edge
Производитель:Microsoft
11
35
Bluetooth
Автор технологии:Telefonaktiebolaget LM Ericsson
35
54
Windows 11
Производитель:Microsoft
54
53
API
Технологии
53
14
Microsoft Office Word
Производитель:Microsoft
14