Msrc Windows Server 2016 vulnerabilities

CVE-2025-47987 [HIGH] CWE-122 Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vu

CVE-2025-49665 [HIGH] CWE-362 Workspace Broker Elevation of Privilege Vulnerability Workspace Broker Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Workspace Broker allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could potentially

CVE-2025-48816 [HIGH] CWE-190 HID Class Driver Elevation of Privilege Vulnerability HID Class Driver Elevation of Privilege Vulnerability Description: Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. HID class driver: HID class dri

CVE-2025-49679 [HIGH] CWE-197 Windows Shell Elevation of Privilege Vulnerability Windows Shell Elevation of Privilege Vulnerability Description: Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Shell: Windows Shell Microsoft: Microsoft Customer A

CVE-2025-49667 [HIGH] CWE-415 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Description: Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Win32K - ICOMP: Windows

CVE-2025-47159 [HIGH] CWE-693 Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability Description: Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulne

CVE-2025-47984 [HIGH] CWE-693 Windows GDI Information Disclosure Vulnerability Windows GDI Information Disclosure Vulnerability Description: Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information. Windows GDI: Windows GDI Microsoft:

CVE-2025-49742 [HIGH] CWE-190 Windows Graphics Component Remote Code Execution Vulnerability Windows Graphics Component Remote Code Execution Vulnerability Description: Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. Th

CVE-2025-49735 [HIGH] CWE-416 Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability Description: Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. FAQ: Are all Windows Servers affected by this vulnerability? This vulnerability only affects Windows Servers that are configured as a [MS-KKDCP]: Kerberos Key Distribution Center (KDC) Proxy Proto

CVE-2025-47996 [HIGH] CWE-191 Windows MBT Transport Driver Elevation of Privilege Vulnerability Windows MBT Transport Driver Elevation of Privilege Vulnerability Description: Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Win

CVE-2025-48817 [HIGH] CWE-23 Remote Desktop Client Remote Code Execution Vulnerability Remote Desktop Client Remote Code Execution Vulnerability Description: Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires an admin user on the client to co

CVE-2025-49721 [HIGH] CWE-122 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability Windows Fast FAT File System Driver Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L) while user interaction is required (UI:R). What does that mean for this vulnerability? An attacker can trick a local user o

CVE-2025-49661 [HIGH] CWE-822 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Description: Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulner

CVE-2025-48821 [HIGH] CWE-416 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability Description: Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful expl

CVE-2025-49689 [HIGH] CWE-190 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability Description: Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L) while user interaction is required (UI:R). What does that mean for this vulnerability? An attacker can trick a local user on a vulnera

CVE-2025-47972 [HIGH] CWE-362 Windows Input Method Editor (IME) Elevation of Privilege Vulnerability Windows Input Method Editor (IME) Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerabilit

CVE-2025-48820 [HIGH] CWE-59 Windows AppX Deployment Service Elevation of Privilege Vulnerability Windows AppX Deployment Service Elevation of Privilege Vulnerability Description: Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An authenticated attacker would be able to delete targeted f

CVE-2025-48814 [HIGH] CWE-306 Remote Desktop Licensing Service Security Feature Bypass Vulnerability Remote Desktop Licensing Service Security Feature Bypass Vulnerability Description: Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network. FAQ: What security feature is being bypassed? An attacker with a machine-in-the-middle (MitM) position who successfully exploited this vulnerabilit

CVE-2025-49674 [HIGH] CWE-122 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none

CVE-2025-49726 [HIGH] CWE-416 Windows Notification Elevation of Privilege Vulnerability Windows Notification Elevation of Privilege Vulnerability Description: Use after free in Windows Notification allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could potentially gain the ability to crash the system by exploiting the use-after-