Msrc Windows Server 2025 vulnerabilities

CVE-2025-59258 [MEDIUM] CWE-532 Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability Description: Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulne

CVE-2025-59184 [MEDIUM] CWE-200 Storage Spaces Direct Information Disclosure Vulnerability Storage Spaces Direct Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows High Availability Services allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain memory address within kernel space.

CVE-2025-59186 [MEDIUM] CWE-200 Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain memory address within kernel space. Knowing the exact location of ker

CVE-2025-55333 [MEDIUM] CWE-1023 Windows BitLocker Security Feature Bypass Vulnerability Windows BitLocker Security Feature Bypass Vulnerability Description: Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the BitLocker Device Encryption feature on the system st

CVE-2025-55337 [MEDIUM] CWE-841 Windows BitLocker Security Feature Bypass Vulnerability Windows BitLocker Security Feature Bypass Vulnerability Description: Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the BitLocker Device Encryption feature on the system st

CVE-2025-55676 [MEDIUM] CWE-209 Windows USB Video Class System Driver Information Disclosure Vulnerability Windows USB Video Class System Driver Information Disclosure Vulnerability Description: Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain memory addr

CVE-2025-59197 [MEDIUM] CWE-532 Windows ETL Channel Information Disclosure Vulnerability Windows ETL Channel Information Disclosure Vulnerability Description: Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local memory address

CVE-2025-59188 [MEDIUM] CWE-200 Microsoft Failover Cluster Information Disclosure Vulnerability Microsoft Failover Cluster Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows Failover Cluster allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain memory address within kernel space.

CVE-2025-59284 [LOW] CWE-200 Windows NTLM Spoofing Vulnerability Windows NTLM Spoofing Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally. Windows NTLM: Windows NTLM Microsoft: Microsoft Customer Action Required: Yes Impact: Spoofing Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/

CVE-2025-59294 [LOW] CWE-200 Windows Taskbar Live Preview Information Disclosure Vulnerability Windows Taskbar Live Preview Information Disclosure Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose information with a physical attack. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited thi

CVE-2025-54116 [HIGH] CWE-284 Windows MultiPoint Services Elevation of Privilege Vulnerability Windows MultiPoint Services Elevation of Privilege Vulnerability Description: Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker would be able to delete any system files. FAQ: According to the CVSS metric, user interaction is r

CVE-2025-54092 [HIGH] CWE-362 Windows Hyper-V Elevation of Privilege Vulnerability Windows Hyper-V Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM pr

CVE-2025-55223 [HIGH] CWE-362 DirectX Graphics Kernel Elevation of Privilege Vulnerability DirectX Graphics Kernel Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerabilit

CVE-2025-49734 [HIGH] CWE-923 PowerShell Direct Elevation of Privilege Vulnerability PowerShell Direct Elevation of Privilege Vulnerability Description: Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? The attacker, initially a non-admin user on the host, could hijack the PowerShell Direct session

CVE-2025-59216 [HIGH] CWE-362 Windows Graphics Component Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation o

CVE-2025-55236 [HIGH] CWE-367 Graphics Kernel Remote Code Execution Vulnerability Graphics Kernel Remote Code Execution Vulnerability Description: Time-of-check time-of-use (toctou) race condition in Graphics Kernel allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of explo

CVE-2025-54103 [HIGH] CWE-416 Windows Management Service Elevation of Privilege Vulnerability Windows Management Service Elevation of Privilege Vulnerability Description: Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: According to the CVSS met

CVE-2025-54111 [HIGH] CWE-416 Windows UI XAML Phone DatePickerFlyout Elevation of Privilege Vulnerability Windows UI XAML Phone DatePickerFlyout Elevation of Privilege Vulnerability Description: Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could potentially gain the ab

CVE-2025-55228 [HIGH] CWE-362 Windows Graphics Component Remote Code Execution Vulnerability Windows Graphics Component Remote Code Execution Vulnerability Description: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote i

CVE-2025-53805 [HIGH] CWE-125 HTTP.sys Denial of Service Vulnerability HTTP.sys Denial of Service Vulnerability Description: Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network. Windows Internet Information Services: Windows Internet Information Services Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Unl