CVE-2025-21204
published 2025-04-08CVE-2025-21204: Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
Affected
47 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1507 | < 10.0.10240.20978 | 10.0.10240.20978 |
| microsoft | windows_10_1607 | < 10.0.14393.7969 | 10.0.14393.7969 |
| microsoft | windows_10_1809 | < 10.0.17763.7136 | 10.0.17763.7136 |
| microsoft | windows_10_21h2 | < 10.0.19044.5737 | 10.0.19044.5737 |
| microsoft | windows_10_22h2 | < 10.0.19045.5737 | 10.0.19045.5737 |
| microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.20978 | 10.0.10240.20978 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.7969 | 10.0.14393.7969 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.7136 | 10.0.17763.7136 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.5737 | 10.0.19044.5737 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.5737 | 10.0.19045.5737 |
| microsoft | windows_11_22h2 | < 10.0.22621.5189 | 10.0.22621.5189 |
| microsoft | windows_11_23h2 | < 10.0.22631.5189 | 10.0.22631.5189 |
| microsoft | windows_11_24h2 | < 10.0.26100.3775 | 10.0.26100.3775 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.5189 | 10.0.22621.5189 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.5189 | 10.0.22631.5189 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.5189 | 10.0.22631.5189 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.3775 | 10.0.26100.3775 |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.7601.0 < 6.1.7601.27670 | 6.1.7601.27670 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.6003.0 < 6.0.6003.23220 | 6.0.6003.23220 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.25423 | 6.2.9200.25423 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.22523 | 6.3.9600.22523 |
| microsoft | windows_server_2016 | < 10.0.14393.7969 | 10.0.14393.7969 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.7969 | 10.0.14393.7969 |