Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws

Tag CVE ID CVE Title Severity .NET CVE-2025-55247 .NET Elevation of Privilege Vulnerability Important .NET, .NET Framework, Visual Studio CVE-2025-55248 .NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability Important Active Directory Federation Services CVE-2025-59258 Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability Important Agere Windows Modem Driver CVE-2025-24990 Windows Agere Modem Driver Elevation of Privilege Vulnerability Important Agere Windows Modem Driver CVE-2025-24052 Windows Agere Modem Driver Elevation of Privilege Vulnerability Important AMD Restricted Memory Page CVE-2025-0033 AMD CVE-2025-0033: RMP Corruption During SNP Initialization Critical ASP.NET Core CVE-2025-55315 ASP.NET Security Feature Bypass Vulnerability Important Azure Connected Machine Agent CVE-2025-47989 Azure Connected Machine Agent Elevation of Privilege Vulnerability Important Azure Connected Machine Agent CVE-2025-58724 Arc Enabled Servers – Azure Connected Machine Agent Elevation of Privilege Vulnerability Important Azure Entra ID CVE-2025-59218 Azure Entra ID Elevation of Privilege Vulnerability Critical Azure Entra ID CVE-2025-59246 Azure Entra ID Elevation of Privilege Vulnerability Critical Azure Local CVE-2025-55697 Azure Local Elevation of Privilege Vulnerability Important Azure Monitor CVE-2025-55321 Azure Monitor Log Analytics Spoofing Vulnerability Critical Azure Monitor Agent CVE-2025-59285 Azure Monitor Agent Elevation of Privilege Vulnerability Important Azure Monitor Agent CVE-2025-59494 Azure Monitor Agent Elevation of Privilege Vulnerability Important Azure PlayFab CVE-2025-59247 Azure PlayFab Elevation of Privilege Vulnerability Critical Confidential Azure Container Instances CVE-2025-59292 Azure Compute Gallery Elevation of Privilege Vulnerability Critical Confidential Azure Container Instances CVE-2025-59291 Confidential Azure Container Instances Elevation of Privilege Vulnerability Critical Connected Devices Platform Service (Cdpsvc) CVE-2025-59191 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability Important Connected Devices Platform Service (Cdpsvc) CVE-2025-55326 Windows Connected Devices Platform Service (Cdpsvc) Remote Code Execution Vulnerability Important Connected Devices Platform Service (Cdpsvc) CVE-2025-58719 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability Important Copilot CVE-2025-59272 Copilot Spoofing Vulnerability Critical Copilot CVE-2025-59252 M365 Copilot Spoofing Vulnerability Critical Copilot CVE-2025-59286 Copilot Spoofing Vulnerability Critical Data Sharing Service Client CVE-2025-59200 Data Sharing Service Spoofing Vulnerability Important Games CVE-2025-59489 MITRE: CVE-2025-59489 Unity Gaming Engine Editor vulnerability Important GitHub CVE-2025-59288 Playwright Spoofing Vulnerability Moderate Inbox COM Objects CVE-2025-58735 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability Important Inbox COM Objects CVE-2025-58732 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability Important Inbox COM Objects CVE-2025-59282 Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability Important Inbox COM Objects CVE-2025-58733 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability Important Inbox COM Objects CVE-2025-58734 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability Important Inbox COM Objects CVE-2025-58738 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability Important Inbox COM Objects CVE-2025-58731 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability Important Inbox COM Objects CVE-2025-58730 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability Important Inbox COM Objects CVE-2025-58736 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability Important Internet Explorer CVE-2025-59295 Windows URL Parsing Remote Code Execution Vulnerability Important JDBC Driver for SQL Server CVE-2025-59250 JDBC Driver for SQL Server Spoofing Vulnerability Important Mariner CVE-2025-39943 ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer Critical Mariner CVE-2025-39946 tls: make sure to abort the stream if headers are bogus Moderate Mariner CVE-2025-39942 ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size Moderate Mariner CVE-2025-39951 um: virtio_uml: Fix use-after-free after put_device in probe Moderate Mariner CVE-2025-39932 smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work) Moderate Mariner CVE-2025-39949 qed: Don’t collect too many protection override GRC elements Moderate Mariner CVE-2025-39937 net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Moderate Mariner CVE-2025-39955 tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). Moderate Mariner CVE-2025-39895 sched: Fix sched_numa_find_nth_cpu() if mask offline Moderate Mariner CVE-2025-11413 GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds Moderate Mariner CVE-2025-11414 GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds Moderate Mariner CVE-2025-39938 ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed Moderate Mariner CVE-2025-11495 GNU Binutils Linker elf64-x86-64.c elf_x86_64_relocate_section heap-based overflow Moderate Mariner CVE-2025-39934 drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ Moderate Mariner CVE-2025-39929 smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path Moderate Mariner CVE-2025-39945 cnic: Fix use-after-free bugs in cnic_delete_task Important Mariner CVE-2025-39907 mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer Critical Mariner CVE-2025-39913 tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. Moderate Mariner CVE-2025-39952 wifi: wilc1000: avoid buffer overflow in WID string configuration Important Mariner CVE-2025-39940 dm-stripe: fix a possible integer overflow Moderate Mariner CVE-2025-39953 cgroup: split cgroup_destroy_wq into 3 workqueues Moderate Mariner CVE-2023-53469 af_unix: Fix null-ptr-deref in unix_stream_sendpage(). Important Mariner CVE-2025-39914 tracing: Silence warning when chunk allocation fails in trace_pid_write Moderate Mariner CVE-2025-39905 net: phylink: add lock for serializing concurrent pl->phydev writes with resolver Moderate Mariner CVE-2025-39920 pcmcia: Add error handling for add_interval() in do_validate_mem() Moderate Mariner CVE-2025-39911 i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path Low Mariner CVE-2025-39958 iommu/s390: Make attach succeed when the device was surprise removed Low Mariner CVE-2025-8291 ZIP64 End of Central Directory (EOCD) Locator record offset not checked Moderate Mariner CVE-2025-39957 wifi: mac80211: increase scan_ies_len for S1G Low Mariner CVE-2025-46818 Redis: Authenticated users can execute LUA scripts as a different user Moderate Mariner CVE-2025-46817 Lua library commands may lead to integer overflow and potential RCE Important Mariner CVE-2022-50502 mm: /proc/pid/smaps_rollup: fix no vma’s null-deref Moderate Mariner CVE-2025-39944 octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() Important Mariner CVE-2025-11234 Qemu-kvm: vnc websocket handshake use-after-free Moderate Mariner CVE-2025-49844 Redis Lua Use-After-Free may lead to remote code execution Critical Mariner CVE-2025-10729 Use-after-free vulnerability in Qt SVG qsvghandler.cpp allows denial of service via crafted SVG Important Mariner CVE-2025-39961 iommu/amd/pgtbl: Fix possible race while increase page table level Moderate Mariner CVE-2025-61984 ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.) Low Mariner CVE-2025-46819 Redis is vulnerable to DoS via specially crafted LUA scripts Moderate Mariner CVE-2025-37727 Elasticsearch Insertion of sensitive information in log file Moderate Mariner CVE-2025-11412 GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds Moderate Mariner CVE-2025-39931 crypto: af_alg – Set merge to zero early in af_alg_sendmsg Moderate Mariner CVE-2025-39933 smb: client: let recv_done verify data_offset, data_length and remaining_data_length Moderate Mariner CVE-2025-39947 net/mlx5e: Harden uplink netdev access against device unbind Moderate Mariner CVE-2025-61985 ssh in OpenSSH before 10.1 allows the ‘\0’ character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. Low Mariner CVE-2025-10728 Uncontrolled recursion in Qt SVG module Important Mariner CVE-2025-39916 mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() Moderate Mariner CVE-2025-39902 mm/slub: avoid accessing metadata when pointer is invalid in object_err() Moderate Mariner CVE-2025-39923 dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees Moderate Mariner CVE-2025-39898 e1000e: fix heap overflow in e1000_set_eeprom Critical Mariner CVE-2025-39925 can: j1939: implement NETDEV_UNREGISTER notification handler Critical Mariner CVE-2025-39891 wifi: mwifiex: Initialize the chan_stats array to zero Moderate Mariner CVE-2025-39927 ceph: fix race condition validating r_parent before applying state Moderate Mariner CVE-2025-39901 i40e: remove read access to debugfs files Important Mariner CVE-2025-39910 mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc() Critical Mariner CVE-2025-39909 mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() Moderate Microsoft Brokering File System CVE-2025-48004 Microsoft Brokering File System Elevation of Privilege Vulnerability Important Microsoft Brokering File System CVE-2025-59189 Microsoft Brokering File System Elevation of Privilege Vulnerability Important Microsoft Configuration Manager CVE-2025-55320 Configuration Manager Elevation of Privilege Vulnerability Important Microsoft Configuration Manager CVE-2025-59213 Configuration Manager Elevation of Privilege Vulnerability Important Microsoft Defender for Linux CVE-2025-59497 Microsoft Defender for Linux Denial of Service Vulnerability Important Microsoft Edge (Chromium-based) CVE-2025-11213 Chromium: CVE-2025-11213 Inappropriate implementation in Omnibox Unknown Microsoft Edge (Chromium-based) CVE-2025-11210 Chromium: CVE-2025-11210 Side-channel information leakage in Tab Unknown Microsoft Edge (Chromium-based) CVE-2025-11460 Chromium: CVE-2025-11460 Use after free in Storage Unknown Microsoft Edge (Chromium-based) CVE-2025-11458 Chromium: CVE-2025-11458 Heap buffer overflow in Sync Unknown Microsoft Edge (Chromium-based) CVE-2025-11215 Chromium: CVE-2025-11215 Off by one error in V8 Unknown Microsoft Edge (Chromium-based) CVE-2025-11216 Chromium: CVE-2025-11216 Inappropriate implementation in Storage Unknown Microsoft Edge (Chromium-based) CVE-2025-11208 Chromium: CVE-2025-11208 Inappropriate implementation in Media Unknown Microsoft Edge (Chromium-based) CVE-2025-11212 Chromium: CVE-2025-11212 Inappropriate implementation in Media Unknown Microsoft Edge (Chromium-based) CVE-2025-11211 Chromium: CVE-2025-11211 Out of bounds read in Media Unknown Microsoft Edge (Chromium-based) CVE-2025-11205 Chromium: CVE-2025-11205 Heap buffer overflow in WebGPU Unknown Microsoft Edge (Chromium-based) CVE-2025-11207 Chromium: CVE-2025-11207 Side-channel information leakage in Storage Unknown Microsoft Edge (Chromium-based) CVE-2025-11209 Chromium: CVE-2025-11209 Inappropriate implementation in Omnibox Unknown Microsoft Edge (Chromium-based) CVE-2025-11206 Chromium: CVE-2025-11206 Heap buffer overflow in Video Unknown Microsoft Edge (Chromium-based) CVE-2025-11219 Chromium: CVE-2025-11219 Use after free in V8 Unknown Microsoft Exchange Server CVE-2025-59248 Microsoft Exchange Server Spoofing Vulnerability Important Microsoft Exchange Server CVE-2025-59249 Microsoft Exchange Server Elevation of Privilege Vulnerability Important Microsoft Exchange Server CVE-2025-53782 Microsoft Exchange Server Elevation of Privilege Vulnerability Important Microsoft Failover Cluster Virtual Driver CVE-2025-59260 Microsoft Failover Cluster Virtual Driver Information Disclosure Vulnerability Important Microsoft Graphics Component CVE-2025-59195 Microsoft Graphics Component Denial of Service Vulnerability Important Microsoft Graphics Component CVE-2016-9535 MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow Vulnerability Critical Microsoft Graphics Component CVE-2025-59261 Windows Graphics Component Elevation of Privilege Vulnerability Important Microsoft Graphics Component CVE-2025-49708 Microsoft Graphics Component Elevation of Privilege Vulnerability Critical Microsoft Graphics Component CVE-2025-59205 Windows Graphics Component Elevation of Privilege Vulnerability Important Microsoft Office CVE-2025-59229 Microsoft Office Denial of Service Vulnerability Important Microsoft Office CVE-2025-59227 Microsoft Office Remote Code Execution Vulnerability Critical Microsoft Office CVE-2025-59234 Microsoft Office Remote Code Execution Vulnerability Critical Microsoft Office Excel CVE-2025-59223 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2025-59224 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2025-59225 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2025-59232 Microsoft Excel Information Disclosure Vulnerability Important Microsoft Office Excel CVE-2025-59235 Microsoft Excel Information Disclosure Vulnerability Important Microsoft Office Excel CVE-2025-59233 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2025-59231 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office Excel CVE-2025-59236 Microsoft Excel Remote Code Execution Vulnerability Critical Microsoft Office Excel CVE-2025-59243 Microsoft Excel Remote Code Execution Vulnerability Important Microsoft Office PowerPoint CVE-2025-59238 Microsoft PowerPoint Remote Code Execution Vulnerability Important Microsoft Office SharePoint CVE-2025-59237 Microsoft SharePoint Remote Code Execution Vulnerability Important Microsoft Office SharePoint CVE-2025-59228 Microsoft SharePoint Remote Code Execution Vulnerability Important Microsoft Office Visio CVE-2025-59226 Microsoft Office Visio Remote Code Execution Vulnerability Important Microsoft Office Word CVE-2025-59222 Microsoft Word Remote Code Execution Vulnerability Important Microsoft Office Word CVE-2025-59221 Microsoft Word Remote Code Execution Vulnerability Important Microsoft PowerShell CVE-2025-25004 PowerShell Elevation of Privilege Vulnerability Important Microsoft Windows CVE-2025-55701 Windows Authentication Elevation of Privilege Vulnerability Important Microsoft Windows Codecs Library CVE-2025-54957 MITRE CVE-2025-54957: Integer overflow in Dolby Digital Plus audio decoder Important Microsoft Windows Search Component CVE-2025-59198 Windows Search Service Denial of Service Vulnerability Important Microsoft Windows Search Component CVE-2025-59190 Windows Search Service Denial of Service Vulnerability Important Microsoft Windows Search Component CVE-2025-59253 Windows Search Service Denial of Service Vulnerability Important Microsoft Windows Speech CVE-2025-58715 Windows Speech Runtime Elevation of Privilege Vulnerability Important Microsoft Windows Speech CVE-2025-58716 Windows Speech Runtime Elevation of Privilege Vulnerability Important Network Connection Status Indicator (NCSI) CVE-2025-59201 Network Connection Status Indicator (NCSI) Elevation of Privilege Vulnerability Important NtQueryInformation Token function (ntifs.h) CVE-2025-55696 NtQueryInformation Token function (ntifs.h) Elevation of Privilege Vulnerability Important Redis Enterprise CVE-2025-59271 Redis Enterprise Elevation of Privilege Vulnerability Critical Remote Desktop Client CVE-2025-58718 Remote Desktop Client Remote Code Execution Vulnerability Important Software Protection Platform (SPP) CVE-2025-59199 Software Protection Platform (SPP) Elevation of Privilege Vulnerability Important Storport.sys Driver CVE-2025-59192 Storport.sys Driver Elevation of Privilege Vulnerability Important TCG TPM2.0 CVE-2025-2884 Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation Important Virtual Secure Mode CVE-2025-48813 Virtual Secure Mode Spoofing Vulnerability Important Visual Studio CVE-2025-55240 Visual Studio Elevation of Privilege Vulnerability Important Visual Studio CVE-2025-54132 GitHub CVE-2025-54132: Arbitrary Image Fetch in Mermaid Diagram Tool Important Windows Ancillary Function Driver for WinSock CVE-2025-58714 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important Windows Ancillary Function Driver for WinSock CVE-2025-59242 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important Windows Authentication Methods CVE-2025-59277 Windows Authentication Elevation of Privilege Vulnerability Important Windows Authentication Methods CVE-2025-59278 Windows Authentication Elevation of Privilege Vulnerability Important Windows Authentication Methods CVE-2025-59275 Windows Authentication Elevation of Privilege Vulnerability Important Windows BitLocker CVE-2025-55337 Windows BitLocker Security Feature Bypass Vulnerability Important Windows BitLocker CVE-2025-55332 Windows BitLocker Security Feature Bypass Vulnerability Important Windows BitLocker CVE-2025-55333 Windows BitLocker Security Feature Bypass Vulnerability Important Windows BitLocker CVE-2025-55330 Windows BitLocker Security Feature Bypass Vulnerability Important Windows BitLocker CVE-2025-55338 Windows BitLocker Security Feature Bypass Vulnerability Important Windows BitLocker CVE-2025-55682 Windows BitLocker Security Feature Bypass Vulnerability Important Windows Bluetooth Service CVE-2025-59290 Windows Bluetooth Service Elevation of Privilege Vulnerability Important Windows Bluetooth Service CVE-2025-58728 Windows Bluetooth Service Elevation of Privilege Vulnerability Important Windows Bluetooth Service CVE-2025-59289 Windows Bluetooth Service Elevation of Privilege Vulnerability Important Windows Cloud Files Mini Filter Driver CVE-2025-55680 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Important Windows Cloud Files Mini Filter Driver CVE-2025-55336 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Important Windows COM CVE-2025-58725 Windows COM+ Event System Service Elevation of Privilege Vulnerability Important Windows Connected Devices Platform Service CVE-2025-58727 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability Important Windows Core Shell CVE-2025-59185 NTLM Hash Disclosure Spoofing Vulnerability Important Windows Core Shell CVE-2025-59244 NTLM Hash Disclosure Spoofing Vulnerability Important Windows Cryptographic Services CVE-2025-58720 Windows Cryptographic Services Information Disclosure Vulnerability Important Windows Device Association Broker service CVE-2025-50174 Windows Device Association Broker Service Elevation of Privilege Vulnerability Important Windows Device Association Broker service CVE-2025-55677 Windows Device Association Broker Service Elevation of Privilege Vulnerability Important Windows Digital Media CVE-2025-53150 Windows Digital Media Elevation of Privilege Vulnerability Important Windows Digital Media CVE-2025-50175 Windows Digital Media Elevation of Privilege Vulnerability Important Windows DirectX CVE-2025-55678 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important Windows DirectX CVE-2025-55698 DirectX Graphics Kernel Denial of Service Vulnerability Important Windows DWM CVE-2025-58722 Microsoft DWM Core Library Elevation of Privilege Vulnerability Important Windows DWM CVE-2025-55681 Desktop Windows Manager Elevation of Privilege Vulnerability Important Windows DWM Core Library CVE-2025-59255 Windows DWM Core Library Elevation of Privilege Vulnerability Important Windows DWM Core Library CVE-2025-59254 Microsoft DWM Core Library Elevation of Privilege Vulnerability Important Windows Error Reporting CVE-2025-55692 Windows Error Reporting Service Elevation of Privilege Vulnerability Important Windows Error Reporting CVE-2025-55694 Windows Error Reporting Service Elevation of Privilege Vulnerability Important Windows ETL Channel CVE-2025-59197 Windows ETL Channel Information Disclosure Vulnerability Important Windows Failover Cluster CVE-2025-59188 Microsoft Failover Cluster Information Disclosure Vulnerability Important Windows Failover Cluster CVE-2025-47979 Microsoft Failover Cluster Information Disclosure Vulnerability Important Windows File Explorer CVE-2025-59214 Microsoft Windows File Explorer Spoofing Vulnerability Important Windows File Explorer CVE-2025-58739 Microsoft Windows File Explorer Spoofing Vulnerability Important Windows Health and Optimized Experiences Service CVE-2025-59241 Windows Health and Optimized Experiences Elevation of Privilege Vulnerability Important Windows Hello CVE-2025-53139 Windows Hello Security Feature Bypass Vulnerability Important Windows High Availability Services CVE-2025-59184 Storage Spaces Direct Information Disclosure Vulnerability Important Windows Hyper-V CVE-2025-55328 Windows Hyper-V Elevation of Privilege Vulnerability Important Windows Kernel CVE-2025-55679 Windows Kernel Information Disclosure Vulnerability Important Windows Kernel CVE-2025-55683 Windows Kernel Information Disclosure Vulnerability Important Windows Kernel CVE-2025-59207 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2025-55334 Windows Kernel Security Feature Bypass Vulnerability Important Windows Kernel CVE-2025-59186 Windows Kernel Information Disclosure Vulnerability Important Windows Kernel CVE-2025-55693 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2025-59194 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2025-59187 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2025-50152 Windows Kernel Elevation of Privilege Vulnerability Important Windows Kernel CVE-2025-55699 Windows Kernel Information Disclosure Vulnerability Important Windows Local Session Manager (LSM) CVE-2025-58729 Windows Local Session Manager (LSM) Denial of Service Vulnerability Important Windows Local Session Manager (LSM) CVE-2025-59257 Windows Local Session Manager (LSM) Denial of Service Vulnerability Important Windows Local Session Manager (LSM) CVE-2025-59259 Windows Local Session Manager (LSM) Denial of Service Vulnerability Important Windows Management Services CVE-2025-59193 Windows Management Services Elevation of Privilege Vulnerability Important Windows Management Services CVE-2025-59204 Windows Management Services Information Disclosure Vulnerability Important Windows MapUrlToZone CVE-2025-59208 Windows MapUrlToZone Information Disclosure Vulnerability Important Windows NDIS CVE-2025-55339 Windows Network Driver Interface Specification Driver Elevation of Privilege Vulnerability Important Windows NTFS CVE-2025-55335 Windows NTFS Elevation of Privilege Vulnerability Important Windows NTLM CVE-2025-59284 Windows NTLM Spoofing Vulnerability Important Windows PrintWorkflowUserSvc CVE-2025-55331 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Important Windows PrintWorkflowUserSvc CVE-2025-55689 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Important Windows PrintWorkflowUserSvc CVE-2025-55685 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Important Windows PrintWorkflowUserSvc CVE-2025-55686 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Important Windows PrintWorkflowUserSvc CVE-2025-55690 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Important Windows PrintWorkflowUserSvc CVE-2025-55684 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Important Windows PrintWorkflowUserSvc CVE-2025-55688 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Important Windows PrintWorkflowUserSvc CVE-2025-55691 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Important Windows Push Notification Core CVE-2025-59209 Windows Push Notification Information Disclosure Vulnerability Important Windows Push Notification Core CVE-2025-59211 Windows Push Notification Information Disclosure Vulnerability Important Windows Remote Access Connection Manager CVE-2025-59230 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Important Windows Remote Desktop CVE-2025-58737 Remote Desktop Protocol Remote Code Execution Vulnerability Important Windows Remote Desktop Protocol CVE-2025-55340 Windows Remote Desktop Protocol Security Feature Bypass Important Windows Remote Desktop Services CVE-2025-59202 Windows Remote Desktop Services Elevation of Privilege Vulnerability Important Windows Remote Procedure Call CVE-2025-59502 Remote Procedure Call Denial of Service Vulnerability Moderate Windows Resilient File System (ReFS) CVE-2025-55687 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Important Windows Resilient File System (ReFS) Deduplication Service CVE-2025-59210 Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability Important Windows Resilient File System (ReFS) Deduplication Service CVE-2025-59206 Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability Important Windows Routing and Remote Access Service (RRAS) CVE-2025-58717 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important Windows Routing and Remote Access Service (RRAS) CVE-2025-55700 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important Windows Secure Boot CVE-2025-47827 MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11 Important Windows Server Update Service CVE-2025-59287 Windows Server Update Service (WSUS) Remote Code Execution Vulnerability Critical Windows SMB Client CVE-2025-59280 Windows SMB Client Tampering Vulnerability Important Windows SMB Server CVE-2025-58726 Windows SMB Server Elevation of Privilege Vulnerability Important Windows SSDP Service CVE-2025-59196 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability Important Windows StateRepository API CVE-2025-59203 Windows State Repository API Server File Information Disclosure Vulnerability Important Windows Storage Management Provider CVE-2025-55325 Windows Storage Management Provider Information Disclosure Vulnerability Important Windows Taskbar Live CVE-2025-59294 Windows Taskbar Live Preview Information Disclosure Vulnerability Important Windows USB Video Driver CVE-2025-55676 Windows USB Video Class System Driver Information Disclosure Vulnerability Important Windows Virtualization-Based Security (VBS) Enclave CVE-2025-53717 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability Important Windows WLAN Auto Config Service CVE-2025-55695 Windows WLAN AutoConfig Service Information Disclosure Vulnerability Important Xbox CVE-2025-53768 Xbox IStorageService Elevation of Privilege Vulnerability Important XBox Gaming Services CVE-2025-59281 Xbox Gaming Services Elevation of Privilege Vulnerability Important