Msrc Windows Server 2012 R2 vulnerabilities

CVE-2026-20834 [MEDIUM] CWE-36 Windows Spoofing Vulnerability Windows Spoofing Vulnerability Description: Absolute path traversal in Windows Shell allows an unauthorized attacker to perform spoofing with a physical attack. Windows Shell: Windows Shell Microsoft: Microsoft Customer Action Required: Yes Impact: Spoofing Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5

CVE-2026-21265 [MEDIUM] CWE-1329 Secure Boot Certificate Expiration Security Feature Bypass Vulnerability Secure Boot Certificate Expiration Security Feature Bypass Vulnerability Description: Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes related to W

CVE-2026-20833 [MEDIUM] CWE-327 Windows Kerberos Information Disclosure Vulnerability Windows Kerberos Information Disclosure Vulnerability Description: Use of a broken or risky cryptographic algorithm in Windows Kerberos allows an authorized attacker to disclose information locally. FAQ: Are there other steps that need to be done to protect from exploitation of this vulnerability? Yes, please see How to manage Kerberos protocol changes related to CVE-2026-20833 for more information about how

CVE-2026-20936 [MEDIUM] CWE-125 Windows NDIS Information Disclosure Vulnerability Windows NDIS Information Disclosure Vulnerability Description: Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack. FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain kernel memory content. Windows NDIS: Windows NDIS Microsoft: Microsoft Customer Action Required:

CVE-2025-62571 [HIGH] CWE-20 Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability Description: Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Installer: Windows Installer Microsoft: M

CVE-2025-62455 [HIGH] CWE-20 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability Description: Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Messag

CVE-2025-62474 [HIGH] CWE-284 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Description: Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SY

CVE-2025-62466 [HIGH] CWE-476 Windows Client-Side Caching Elevation of Privilege Vulnerability Windows Client-Side Caching Elevation of Privilege Vulnerability Description: Null pointer dereference in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Window

CVE-2025-62472 [HIGH] CWE-908 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Description: Use of uninitialized resource in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could g

CVE-2025-62549 [HIGH] CWE-822 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are no

CVE-2025-62470 [HIGH] CWE-122 Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM p

CVE-2025-62458 [HIGH] CWE-122 Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Win32K - GRFX: Windows Win32K - GRFX Microsoft: Microsoft

CVE-2025-64678 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. FAQ: How could an attacker exploit this vulnerability? An attacker authenticated on the domain could exploit this vulnerability by tricking a

CVE-2025-54100 [HIGH] CWE-77 PowerShell Remote Code Execution Vulnerability PowerShell Remote Code Execution Vulnerability Description: Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally. FAQ: Is there more information I need to know after I install the Security Updates to address this vulnerability? After you install the updates, when you use the Invoke-WebRequest command you will se

CVE-2025-62473 [MEDIUM] CWE-126 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Description: Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could pote

CVE-2025-62567 [MEDIUM] CWE-191 Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability Description: Integer underflow (wrap or wraparound) in Windows Hyper-V allows an authorized attacker to deny service over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and

CVE-2025-60724 [CRITICAL] CWE-122 GDI+ Remote Code Execution Vulnerability GDI+ Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. FAQ: Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector. FAQ: According to the CVSS metric, the attack vector is network (AV:N). How could an attacker exploit the vulnerability? An attacker

CVE-2025-59505 [HIGH] CWE-415 Windows Smart Card Reader Elevation of Privilege Vulnerability Windows Smart Card Reader Elevation of Privilege Vulnerability Description: Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Smart Card: Windows Smart Card Micros

CVE-2025-59514 [HIGH] CWE-269 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability Description: Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mic

CVE-2025-62217 [HIGH] CWE-362 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that