CVE-2025-29837
published 2025-05-13CVE-2025-29837: Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.
Affected
47 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1507 | < 10.0.10240.21014 | 10.0.10240.21014 |
| microsoft | windows_10_1607 | < 10.0.14393.8066 | 10.0.14393.8066 |
| microsoft | windows_10_1809 | < 10.0.17763.7314 | 10.0.17763.7314 |
| microsoft | windows_10_21h2 | < 10.0.19044.5854 | 10.0.19044.5854 |
| microsoft | windows_10_22h2 | < 10.0.19045.5854 | 10.0.19045.5854 |
| microsoft | windows_10_version_1507 | >= 10.0.10240.0 < 10.0.10240.21014 | 10.0.10240.21014 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.8066 | 10.0.14393.8066 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.7314 | 10.0.17763.7314 |
| microsoft | windows_10_version_21h2 | >= 10.0.19044.0 < 10.0.19044.5854 | 10.0.19044.5854 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.5854 | 10.0.19045.5854 |
| microsoft | windows_11_22h2 | < 10.0.22621.5335 | 10.0.22621.5335 |
| microsoft | windows_11_23h2 | < 10.0.22631.5335 | 10.0.22631.5335 |
| microsoft | windows_11_24h2 | < 10.0.26100.4061 | 10.0.26100.4061 |
| microsoft | windows_11_version_22h2 | >= 10.0.22621.0 < 10.0.22621.5335 | 10.0.22621.5335 |
| microsoft | windows_11_version_22h3 | >= 10.0.22631.0 < 10.0.22631.5335 | 10.0.22631.5335 |
| microsoft | windows_11_version_23h2 | >= 10.0.22631.0 < 10.0.22631.5335 | 10.0.22631.5335 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.4061 | 10.0.26100.4061 |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.7601.0 < 6.1.7601.27729 | 6.1.7601.27729 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.6003.0 < 6.0.6003.23279 | 6.0.6003.23279 |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.9200.0 < 6.2.9200.25475 | 6.2.9200.25475 |
| microsoft | windows_server_2012_r2 | >= 6.3.9600.0 < 6.3.9600.22577 | 6.3.9600.22577 |
| microsoft | windows_server_2016 | < 10.0.14393.8066 | 10.0.14393.8066 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.8066 | 10.0.14393.8066 |