Msrc Windows Server 2022 23H2 Edition vulnerabilities

CVE-2025-26640 [HIGH] CWE-416 Windows Digital Media Elevation of Privilege Vulnerability Windows Digital Media Elevation of Privilege Vulnerability Description: Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker with low integrity level privileges who successfully exploited this vulnerability could gain medium integrity level privilege

CVE-2025-26647 [HIGH] CWE-20 Windows Kerberos Elevation of Privilege Vulnerability Windows Kerberos Elevation of Privilege Vulnerability Description: Improper input validation in Windows Kerberos allows an authorized attacker to elevate privileges over a network. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could be assigned much greater rights by the Key Distribution Center to the ce

CVE-2025-27730 [HIGH] CWE-416 Windows Digital Media Elevation of Privilege Vulnerability Windows Digital Media Elevation of Privilege Vulnerability Description: Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could elevate from a low integrity level up to a medium integrity level. Windo

CVE-2025-26671 [HIGH] CWE-416 Windows Remote Desktop Services Remote Code Execution Vulnerability Windows Remote Desktop Services Remote Code Execution Vulnerability Description: Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race conditi

CVE-2025-26688 [HIGH] CWE-121 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability Description: Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: Are the upd

CVE-2025-29811 [HIGH] CWE-20 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Description: Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Mobile

CVE-2025-27731 [HIGH] CWE-20 Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability Description: Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain administrator privileges. OpenSSH for Window

CVE-2025-29809 [HIGH] CWE-922 Windows Kerberos Security Feature Bypass Vulnerability Windows Kerberos Security Feature Bypass Vulnerability Description: Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally. FAQ: Are the updates for Windows 10 for x64-based Systems and Windows 10 for 32-bit Systems currently available? Yes. As of April 9, 2025, the security update (5055547) for Windows 10 for x64-based Systems and Windo

CVE-2025-27740 [HIGH] CWE-1390 Active Directory Certificate Services Elevation of Privilege Vulnerability Active Directory Certificate Services Elevation of Privilege Vulnerability Description: Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network. FAQ: How could an attacker exploit this vulnerability? An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certifi

CVE-2025-24058 [HIGH] CWE-20 Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Elevation of Privilege Vulnerability Description: Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows DWM Core Library: Win

CVE-2025-26674 [HIGH] CWE-122 Windows Media Remote Code Execution Vulnerability Windows Media Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to a

CVE-2025-26666 [HIGH] CWE-122 Windows Media Remote Code Execution Vulnerability Windows Media Remote Code Execution Vulnerability Description: Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. FAQ: According to the CV

CVE-2025-24060 [HIGH] CWE-20 Microsoft DWM Core Library Elevation of Privilege Vulnerability Microsoft DWM Core Library Elevation of Privilege Vulnerability Description: Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows DWM Core Library:

CVE-2025-26678 [HIGH] CWE-284 Windows Defender Application Control Security Feature Bypass Vulnerability Windows Defender Application Control Security Feature Bypass Vulnerability Description: Improper access control in Windows Defender Application Control (WDAC) allows an unauthorized attacker to bypass a security feature locally. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploits this vulnerability could b

CVE-2025-24073 [HIGH] CWE-20 Microsoft DWM Core Library Elevation of Privilege Vulnerability Microsoft DWM Core Library Elevation of Privilege Vulnerability Description: Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. FAQ: Are the updates for Windows 10 for x64-based Systems and Windows 10 for 32-bit Systems currently available? Yes. As of April 9, 2025, the security update (5055547) for Windows 10 for x64-based Systems and Win

CVE-2025-27739 [HIGH] CWE-822 Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability Description: Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. FAQ: What privileges could an attacker gain? An authenticated attacker could elevate privileges to Secure Kernel. FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would first have to log on to

CVE-2025-29812 [HIGH] CWE-822 DirectX Graphics Kernel Elevation of Privilege Vulnerability DirectX Graphics Kernel Elevation of Privilege Vulnerability Description: Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Kernel Memory: Window

CVE-2025-24074 [HIGH] CWE-20 Microsoft DWM Core Library Elevation of Privilege Vulnerability Microsoft DWM Core Library Elevation of Privilege Vulnerability Description: Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows DWM Core Library:

CVE-2025-27479 [HIGH] CWE-410 Kerberos Key Distribution Proxy Service Denial of Service Vulnerability Kerberos Key Distribution Proxy Service Denial of Service Vulnerability Description: Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network. Windows Kerberos: Windows Kerberos Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitat

CVE-2025-27480 [HIGH] CWE-416 Windows Remote Desktop Services Remote Code Execution Vulnerability Windows Remote Desktop Services Remote Code Execution Vulnerability Description: Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. FAQ: How could an attacker exploit this vulnerability? An attacker could successfully exploit this vulnerability by attempting to connect to a system with the Remote Desktop Gateway role, triggering the rac