Msrc Windows Server 2025 vulnerabilities

CVE-2025-26651 [MEDIUM] CWE-749 Windows Local Session Manager (LSM) Denial of Service Vulnerability Windows Local Session Manager (LSM) Denial of Service Vulnerability Description: Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network. Windows Local Session Manager (LSM): Windows Local Session Manager (LSM) Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly

CVE-2025-26664 [MEDIUM] CWE-126 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Description: Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could pote

CVE-2025-27735 [MEDIUM] CWE-345 Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability Description: Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who suc

CVE-2025-21203 [MEDIUM] CWE-126 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Description: Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? This attack requires an

CVE-2025-24050 [HIGH] CWE-122 Windows Hyper-V Elevation of Privilege Vulnerability Windows Hyper-V Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain Kernel Memory Access. Role: Windows Hyper-V: Role: Windows Hyper-V

CVE-2025-26634 [HIGH] CWE-122 Windows Core Messaging Elevation of Privileges Vulnerability Windows Core Messaging Elevation of Privileges Vulnerability Description: Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to gather information specif

CVE-2025-24067 [HIGH] CWE-122 Kernel Streaming Service Driver Elevation of Privilege Vulnerability Kernel Streaming Service Driver Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Microsoft

CVE-2025-24048 [HIGH] CWE-122 Windows Hyper-V Elevation of Privilege Vulnerability Windows Hyper-V Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain Kernel Memory Access. Role: Windows Hyper-V: Role: Windows Hyper-V

CVE-2025-25008 [HIGH] CWE-59 Windows Server Elevation of Privilege Vulnerability Windows Server Elevation of Privilege Vulnerability Description: Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker would be able to delete targeted files on a system. FAQ: According to the CVSS metrics, successf

CVE-2025-24066 [HIGH] CWE-122 Kernel Streaming Service Driver Elevation of Privilege Vulnerability Kernel Streaming Service Driver Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Ke

CVE-2025-24044 [HIGH] CWE-416 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Description: Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Win32 Kernel

CVE-2025-24064 [HIGH] CWE-416 Windows Domain Name Service Remote Code Execution Vulnerability Windows Domain Name Service Remote Code Execution Vulnerability Description: Use after free in DNS Server allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: How could an attac

CVE-2025-24084 [HIGH] CWE-822 Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability Description: Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally. FAQ: How could an attacker exploit this vulnerability? Exploitation of this vulnerability requires that an attacker send a malicious link to the victim via email, or that they convi

CVE-2025-24061 [HIGH] CWE-693 Windows Mark of the Web Security Feature Bypass Vulnerability Windows Mark of the Web Security Feature Bypass Vulnerability Description: Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locally. FAQ: How could an attacker exploit the vulnerability? In a web-based attack scenario, an attacker could host a malicious website that is designed to exploit the security feature bypass. In an email

CVE-2025-24046 [HIGH] CWE-416 Kernel Streaming Service Driver Elevation of Privilege Vulnerability Kernel Streaming Service Driver Elevation of Privilege Vulnerability Description: Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Microsoft Streaming Se

CVE-2025-24995 [HIGH] CWE-122 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Description: Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could g

CVE-2025-24076 [HIGH] CWE-284 Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability Description: Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally. FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then trigger an event that c

CVE-2025-24045 [HIGH] CWE-591 Windows Remote Desktop Services Remote Code Execution Vulnerability Windows Remote Desktop Services Remote Code Execution Vulnerability Description: Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requir

CVE-2025-24071 [MEDIUM] CWE-200 Microsoft Windows File Explorer Spoofing Vulnerability Microsoft Windows File Explorer Spoofing Vulnerability Description: Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? A user would need to be tricked into opening a folder that contains a speci

CVE-2025-24984 [MEDIUM] CWE-532 Windows NTFS Information Disclosure Vulnerability Windows NTFS Information Disclosure Vulnerability Description: Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. FAQ: According to the CVSS metric, the Attack Vector is Physical (AV:P). What does that mean for this vulnerability? An attacker needs physical access to the target computer to plug in a malicious USB drive.