Microsoft Patch Tuesday October 2025: 172 vulnerabilities patched (6 zero-days)
Microsoft has released its regular October Patch Tuesday security update, fixing 172 security vulnerabilities, including 6 zero-days that attackers are actively exploiting. It also marks a milestone: Windows 10 has officially reached the end of free support, making this patch the "last shield" for this popular operating system unless users enroll in paid extended security updates.
WhiteHat
A zero-day is a security vulnerability for which no patch exists at the time it is exploited. In this release, Microsoft confirmed that three vulnerabilities had been exploited in the wild and two others had been publicly disclosed before a patch was available, significantly increasing the risk of attack.
Notable zero-day vulnerabilities include:
- CVE-2025-24990 and CVE-2025-24052: Elevation-of-privilege vulnerabilities in the Agere Modem driver. Attackers can abuse this legacy system driver to gain administrator privileges. Microsoft has removed the ltmdm64.sys driver in this patch, which means related fax modem devices may stop working.
- CVE-2025-59230: A vulnerability in Remote Access Connection Manager that lets an attacker with a valid account elevate privileges to SYSTEM, the highest privilege level on Windows.
- CVE-2025-47827: A Secure Boot bypass vulnerability in IGEL OS before version 11 that allows the secure boot verification mechanism to be bypassed.
- CVE-2025-0033: An AMD EPYC SEV-SNP vulnerability that puts cloud computing environments at risk if an attacker controls the hypervisor.
- CVE-2025-2884: An out-of-bounds read vulnerability in the TCG TPM 2.0 Reference Implementation that can lead to information disclosure or service disruption.
Most of the zero-days in this release belong to the Elevation of Privilege class, which accounts for 80 of the 172 vulnerabilities. This means an attacker may not need to reach the system from outside: a previously compromised account or pre-planted malware is enough, after which the vulnerability is exploited to take control of the entire system.
Especially dangerous are the vulnerabilities related to system drivers, remote connection management and TPM/Boot, because these components sit deep in the core of the operating system. When they are exploited, conventional security solutions such as antivirus or EDR may struggle to detect or block the attack in time.
The risk is even higher in enterprise environments, where many Windows devices are unpatched or still run Windows 10, the operating system that has just officially reached the end of free support. Organizations without a strict patch management policy become attractive targets for APT groups or ransomware.
Microsoft is not alone: a number of major technology vendors also released security patches in October:
- Adobe fixed flaws in many popular products.
- Cisco fixed serious flaws in IOS and Unified Communications Manager.
- Draytek, Ivanti, Oracle, Redis, SAP and Synacor (Zimbra) also released patches for vulnerabilities that are being exploited.
Given the growing wave of zero-day exploitation, cybersecurity experts recommend:
- Apply the patches immediately on all Windows systems, especially servers and endpoints.
- Remove or disable legacy hardware/drivers (such as the Agere modem) if they are no longer needed.
- Consider a plan to upgrade from Windows 10 to Windows 11, or enroll in ESU to keep receiving patches.
- For enterprises, deploy a centralized patch management policy and prioritize zero-day vulnerabilities that are likely to be exploited.
- Monitor systems closely, especially for privilege escalation, abnormal boot behavior, or operations on TPM/Secure Boot.
No. | Tag | CVE ID | CVE Title | Severity |
1 | .NET | CVE-2025-55247 | .NET Elevation of Privilege Vulnerability | Important |
2 | .NET, .NET Framework, Visual Studio | CVE-2025-55248 | .NET, .NET Framework, and Visual Studio Information Disclosure Vulnerability | Important |
3 | Active Directory Federation Services | CVE-2025-59258 | Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability | Important |
4 | Agere Windows Modem Driver | CVE-2025-24990 | Windows Agere Modem Driver Elevation of Privilege Vulnerability | Important |
5 | Agere Windows Modem Driver | CVE-2025-24052 | Windows Agere Modem Driver Elevation of Privilege Vulnerability | Important |
6 | AMD Restricted Memory Page | CVE-2025-0033 | AMD CVE-2025-0033: RMP Corruption During SNP Initialization | Critical |
7 | ASP.NET Core | CVE-2025-55315 | ASP.NET Security Feature Bypass Vulnerability | Important |
8 | Azure Connected Machine Agent | CVE-2025-47989 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important |
9 | Azure Connected Machine Agent | CVE-2025-58724 | Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important |
10 | Azure Entra ID | CVE-2025-59218 | Azure Entra ID Elevation of Privilege Vulnerability | Critical |
11 | Azure Entra ID | CVE-2025-59246 | Azure Entra ID Elevation of Privilege Vulnerability | Critical |
12 | Azure Local | CVE-2025-55697 | Azure Local Elevation of Privilege Vulnerability | Important |
13 | Azure Monitor | CVE-2025-55321 | Azure Monitor Log Analytics Spoofing Vulnerability | Critical |
14 | Azure Monitor Agent | CVE-2025-59285 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important |
15 | Azure Monitor Agent | CVE-2025-59494 | Azure Monitor Agent Elevation of Privilege Vulnerability | Important |
16 | Azure PlayFab | CVE-2025-59247 | Azure PlayFab Elevation of Privilege Vulnerability | Critical |
17 | Confidential Azure Container Instances | CVE-2025-59292 | Azure Compute Gallery Elevation of Privilege Vulnerability | Critical |
18 | Confidential Azure Container Instances | CVE-2025-59291 | Confidential Azure Container Instances Elevation of Privilege Vulnerability | Critical |
19 | Connected Devices Platform Service (Cdpsvc) | CVE-2025-59191 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Important |
20 | Connected Devices Platform Service (Cdpsvc) | CVE-2025-55326 | Windows Connected Devices Platform Service (Cdpsvc) Remote Code Execution Vulnerability | Important |
21 | Connected Devices Platform Service (Cdpsvc) | CVE-2025-58719 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Important |
22 | Copilot | CVE-2025-59272 | Copilot Spoofing Vulnerability | Critical |
23 | Copilot | CVE-2025-59252 | M365 Copilot Spoofing Vulnerability | Critical |
24 | Copilot | CVE-2025-59286 | Copilot Spoofing Vulnerability | Critical |
25 | Data Sharing Service Client | CVE-2025-59200 | Data Sharing Service Spoofing Vulnerability | Important |
26 | Games | CVE-2025-59489 | MITRE: CVE-2025-59489 Unity Gaming Engine Editor vulnerability | Important |
27 | GitHub | CVE-2025-59288 | Playwright Spoofing Vulnerability | Moderate |
28 | Inbox COM Objects | CVE-2025-58735 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
29 | Inbox COM Objects | CVE-2025-58732 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
30 | Inbox COM Objects | CVE-2025-59282 | Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
31 | Inbox COM Objects | CVE-2025-58733 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
32 | Inbox COM Objects | CVE-2025-58734 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
33 | Inbox COM Objects | CVE-2025-58738 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
34 | Inbox COM Objects | CVE-2025-58731 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
35 | Inbox COM Objects | CVE-2025-58730 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
36 | Inbox COM Objects | CVE-2025-58736 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | Important |
37 | Internet Explorer | CVE-2025-59295 | Windows URL Parsing Remote Code Execution Vulnerability | Important |
38 | JDBC Driver for SQL Server | CVE-2025-59250 | JDBC Driver for SQL Server Spoofing Vulnerability | Important |
39 | Mariner | CVE-2025-39943 | ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer | Critical |
40 | Mariner | CVE-2025-39946 | tls: make sure to abort the stream if headers are bogus | Moderate |
41 | Mariner | CVE-2025-39942 | ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size | Moderate |
42 | Mariner | CVE-2025-39951 | um: virtio_uml: Fix use-after-free after put_device in probe | Moderate |
43 | Mariner | CVE-2025-39932 | smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work) | Moderate |
44 | Mariner | CVE-2025-39949 | qed: Don't collect too many protection override GRC elements | Moderate |
45 | Mariner | CVE-2025-39937 | net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer | Moderate |
46 | Mariner | CVE-2025-39955 | tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). | Moderate |
47 | Mariner | CVE-2025-39895 | sched: Fix sched_numa_find_nth_cpu() if mask offline | Moderate |
48 | Mariner | CVE-2025-11413 | GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds | Moderate |
49 | Mariner | CVE-2025-11414 | GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds | Moderate |
50 | Mariner | CVE-2025-39938 | ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed | Moderate |
51 | Mariner | CVE-2025-11495 | GNU Binutils Linker elf64-x86-64.c elf_x86_64_relocate_section heap-based overflow | Moderate |
52 | Mariner | CVE-2025-39934 | drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ | Moderate |
53 | Mariner | CVE-2025-39929 | smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path | Moderate |
54 | Mariner | CVE-2025-39945 | cnic: Fix use-after-free bugs in cnic_delete_task | Important |
55 | Mariner | CVE-2025-39907 | mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer | Critical |
56 | Mariner | CVE-2025-39913 | tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. | Moderate |
57 | Mariner | CVE-2025-39952 | wifi: wilc1000: avoid buffer overflow in WID string configuration | Important |
58 | Mariner | CVE-2025-39940 | dm-stripe: fix a possible integer overflow | Moderate |
59 | Mariner | CVE-2025-39953 | cgroup: split cgroup_destroy_wq into 3 workqueues | Moderate |
60 | Mariner | CVE-2023-53469 | af_unix: Fix null-ptr-deref in unix_stream_sendpage(). | Important |
61 | Mariner | CVE-2025-39914 | tracing: Silence warning when chunk allocation fails in trace_pid_write | Moderate |
62 | Mariner | CVE-2025-39905 | net: phylink: add lock for serializing concurrent pl->phydev writes with resolver | Moderate |
63 | Mariner | CVE-2025-39920 | pcmcia: Add error handling for add_interval() in do_validate_mem() | Moderate |
64 | Mariner | CVE-2025-39911 | i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path | Low |
65 | Mariner | CVE-2025-39958 | iommu/s390: Make attach succeed when the device was surprise removed | Low |
66 | Mariner | CVE-2025-8291 | ZIP64 End of Central Directory (EOCD) Locator record offset not checked | Moderate |
67 | Mariner | CVE-2025-39957 | wifi: mac80211: increase scan_ies_len for S1G | Low |
68 | Mariner | CVE-2025-46818 | Redis: Authenticated users can execute LUA scripts as a different user | Moderate |
69 | Mariner | CVE-2025-46817 | Lua library commands may lead to integer overflow and potential RCE | Important |
70 | Mariner | CVE-2022-50502 | mm: /proc/pid/smaps_rollup: fix no vma's null-deref | Moderate |
71 | Mariner | CVE-2025-39944 | octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() | Important |
72 | Mariner | CVE-2025-11234 | Qemu-kvm: vnc websocket handshake use-after-free | Moderate |
73 | Mariner | CVE-2025-49844 | Redis Lua Use-After-Free may lead to remote code execution | Critical |
74 | Mariner | CVE-2025-10729 | Use-after-free vulnerability in Qt SVG qsvghandler.cpp allows denial of service via crafted SVG | Important |
75 | Mariner | CVE-2025-39961 | iommu/amd/pgtbl: Fix possible race while increase page table level | Moderate |
76 | Mariner | CVE-2025-61984 | ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.) | Low |
77 | Mariner | CVE-2025-46819 | Redis is vulnerable to DoS via specially crafted LUA scripts | Moderate |
78 | Mariner | CVE-2025-37727 | Elasticsearch Insertion of sensitive information in log file | Moderate |
79 | Mariner | CVE-2025-11412 | GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds | Moderate |
80 | Mariner | CVE-2025-39931 | crypto: af_alg - Set merge to zero early in af_alg_sendmsg | Moderate |
81 | Mariner | CVE-2025-39933 | smb: client: let recv_done verify data_offset, data_length and remaining_data_length | Moderate |
82 | Mariner | CVE-2025-39947 | net/mlx5e: Harden uplink netdev access against device unbind | Moderate |
83 | Mariner | CVE-2025-61985 | ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. | Low |
84 | Mariner | CVE-2025-10728 | Uncontrolled recursion in Qt SVG module | Important |
85 | Mariner | CVE-2025-39916 | mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() | Moderate |
86 | Mariner | CVE-2025-39902 | mm/slub: avoid accessing metadata when pointer is invalid in object_err() | Moderate |
87 | Mariner | CVE-2025-39923 | dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees | Moderate |
88 | Mariner | CVE-2025-39898 | e1000e: fix heap overflow in e1000_set_eeprom | Critical |
89 | Mariner | CVE-2025-39925 | can: j1939: implement NETDEV_UNREGISTER notification handler | Critical |
90 | Mariner | CVE-2025-39891 | wifi: mwifiex: Initialize the chan_stats array to zero | Moderate |
91 | Mariner | CVE-2025-39927 | ceph: fix race condition validating r_parent before applying state | Moderate |
92 | Mariner | CVE-2025-39901 | i40e: remove read access to debugfs files | Important |
93 | Mariner | CVE-2025-39910 | mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc() | Critical |
94 | Mariner | CVE-2025-39909 | mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() | Moderate |
95 | Microsoft Brokering File System | CVE-2025-48004 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Important |
96 | Microsoft Brokering File System | CVE-2025-59189 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Important |
97 | Microsoft Configuration Manager | CVE-2025-55320 | Configuration Manager Elevation of Privilege Vulnerability | Important |
98 | Microsoft Configuration Manager | CVE-2025-59213 | Configuration Manager Elevation of Privilege Vulnerability | Important |
99 | Microsoft Defender for Linux | CVE-2025-59497 | Microsoft Defender for Linux Denial of Service Vulnerability | Important |
100 | Microsoft Edge (Chromium-based) | CVE-2025-11213 | Chromium: CVE-2025-11213 Inappropriate implementation in Omnibox | Unknown |
101 | Microsoft Edge (Chromium-based) | CVE-2025-11210 | Chromium: CVE-2025-11210 Side-channel information leakage in Tab | Unknown |
102 | Microsoft Edge (Chromium-based) | CVE-2025-11460 | Chromium: CVE-2025-11460 Use after free in Storage | Unknown |
103 | Microsoft Edge (Chromium-based) | CVE-2025-11458 | Chromium: CVE-2025-11458 Heap buffer overflow in Sync | Unknown |
104 | Microsoft Edge (Chromium-based) | CVE-2025-11215 | Chromium: CVE-2025-11215 Off by one error in V8 | Unknown |
105 | Microsoft Edge (Chromium-based) | CVE-2025-11216 | Chromium: CVE-2025-11216 Inappropriate implementation in Storage | Unknown |
106 | Microsoft Edge (Chromium-based) | CVE-2025-11208 | Chromium: CVE-2025-11208 Inappropriate implementation in Media | Unknown |
107 | Microsoft Edge (Chromium-based) | CVE-2025-11212 | Chromium: CVE-2025-11212 Inappropriate implementation in Media | Unknown |
108 | Microsoft Edge (Chromium-based) | CVE-2025-11211 | Chromium: CVE-2025-11211 Out of bounds read in Media | Unknown |
109 | Microsoft Edge (Chromium-based) | CVE-2025-11205 | Chromium: CVE-2025-11205 Heap buffer overflow in WebGPU | Unknown |
110 | Microsoft Edge (Chromium-based) | CVE-2025-11207 | Chromium: CVE-2025-11207 Side-channel information leakage in Storage | Unknown |
111 | Microsoft Edge (Chromium-based) | CVE-2025-11209 | Chromium: CVE-2025-11209 Inappropriate implementation in Omnibox | Unknown |
112 | Microsoft Edge (Chromium-based) | CVE-2025-11206 | Chromium: CVE-2025-11206 Heap buffer overflow in Video | Unknown |
113 | Microsoft Edge (Chromium-based) | CVE-2025-11219 | Chromium: CVE-2025-11219 Use after free in V8 | Unknown |
114 | Microsoft Exchange Server | CVE-2025-59248 | Microsoft Exchange Server Spoofing Vulnerability | Important |
115 | Microsoft Exchange Server | CVE-2025-59249 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important |
116 | Microsoft Exchange Server | CVE-2025-53782 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important |
117 | Microsoft Failover Cluster Virtual Driver | CVE-2025-59260 | Microsoft Failover Cluster Virtual Driver Information Disclosure Vulnerability | Important |
118 | Microsoft Graphics Component | CVE-2025-59195 | Microsoft Graphics Component Denial of Service Vulnerability | Important |
119 | Microsoft Graphics Component | CVE-2016-9535 | MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow Vulnerability | Critical |
120 | Microsoft Graphics Component | CVE-2025-59261 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
121 | Microsoft Graphics Component | CVE-2025-49708 | Microsoft Graphics Component Elevation of Privilege Vulnerability | Critical |
122 | Microsoft Graphics Component | CVE-2025-59205 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
123 | Microsoft Office | CVE-2025-59229 | Microsoft Office Denial of Service Vulnerability | Important |
124 | Microsoft Office | CVE-2025-59227 | Microsoft Office Remote Code Execution Vulnerability | Critical |
125 | Microsoft Office | CVE-2025-59234 | Microsoft Office Remote Code Execution Vulnerability | Critical |
126 | Microsoft Office Excel | CVE-2025-59223 | Microsoft Excel Remote Code Execution Vulnerability | Important |
127 | Microsoft Office Excel | CVE-2025-59224 | Microsoft Excel Remote Code Execution Vulnerability | Important |
128 | Microsoft Office Excel | CVE-2025-59225 | Microsoft Excel Remote Code Execution Vulnerability | Important |
129 | Microsoft Office Excel | CVE-2025-59232 | Microsoft Excel Information Disclosure Vulnerability | Important |
130 | Microsoft Office Excel | CVE-2025-59235 | Microsoft Excel Information Disclosure Vulnerability | Important |
131 | Microsoft Office Excel | CVE-2025-59233 | Microsoft Excel Remote Code Execution Vulnerability | Important |
132 | Microsoft Office Excel | CVE-2025-59231 | Microsoft Excel Remote Code Execution Vulnerability | Important |
133 | Microsoft Office Excel | CVE-2025-59236 | Microsoft Excel Remote Code Execution Vulnerability | Critical |
134 | Microsoft Office Excel | CVE-2025-59243 | Microsoft Excel Remote Code Execution Vulnerability | Important |
135 | Microsoft Office PowerPoint | CVE-2025-59238 | Microsoft PowerPoint Remote Code Execution Vulnerability | Important |
136 | Microsoft Office SharePoint | CVE-2025-59237 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
137 | Microsoft Office SharePoint | CVE-2025-59228 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
138 | Microsoft Office Visio | CVE-2025-59226 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
139 | Microsoft Office Word | CVE-2025-59222 | Microsoft Word Remote Code Execution Vulnerability | Important |
140 | Microsoft Office Word | CVE-2025-59221 | Microsoft Word Remote Code Execution Vulnerability | Important |
141 | Microsoft PowerShell | CVE-2025-25004 | PowerShell Elevation of Privilege Vulnerability | Important |
142 | Microsoft Windows | CVE-2025-55701 | Windows Authentication Elevation of Privilege Vulnerability | Important |
143 | Microsoft Windows Codecs Library | CVE-2025-54957 | MITRE CVE-2025-54957: Integer overflow in Dolby Digital Plus audio decoder | Important |
144 | Microsoft Windows Search Component | CVE-2025-59198 | Windows Search Service Denial of Service Vulnerability | Important |
145 | Microsoft Windows Search Component | CVE-2025-59190 | Windows Search Service Denial of Service Vulnerability | Important |
146 | Microsoft Windows Search Component | CVE-2025-59253 | Windows Search Service Denial of Service Vulnerability | Important |
147 | Microsoft Windows Speech | CVE-2025-58715 | Windows Speech Runtime Elevation of Privilege Vulnerability | Important |
148 | Microsoft Windows Speech | CVE-2025-58716 | Windows Speech Runtime Elevation of Privilege Vulnerability | Important |
149 | Network Connection Status Indicator (NCSI) | CVE-2025-59201 | Network Connection Status Indicator (NCSI) Elevation of Privilege Vulnerability | Important |
150 | NtQueryInformation Token function (ntifs.h) | CVE-2025-55696 | NtQueryInformation Token function (ntifs.h) Elevation of Privilege Vulnerability | Important |
151 | Redis Enterprise | CVE-2025-59271 | Redis Enterprise Elevation of Privilege Vulnerability | Critical |
152 | Remote Desktop Client | CVE-2025-58718 | Remote Desktop Client Remote Code Execution Vulnerability | Important |
153 | Software Protection Platform (SPP) | CVE-2025-59199 | Software Protection Platform (SPP) Elevation of Privilege Vulnerability | Important |
154 | Storport.sys Driver | CVE-2025-59192 | Storport.sys Driver Elevation of Privilege Vulnerability | Important |
155 | TCG TPM2.0 | CVE-2025-2884 | Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation | Important |
156 | Virtual Secure Mode | CVE-2025-48813 | Virtual Secure Mode Spoofing Vulnerability | Important |
157 | Visual Studio | CVE-2025-55240 | Visual Studio Elevation of Privilege Vulnerability | Important |
158 | Visual Studio | CVE-2025-54132 | GitHub CVE-2025-54132: Arbitrary Image Fetch in Mermaid Diagram Tool | Important |
159 | Windows Ancillary Function Driver for WinSock | CVE-2025-58714 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
160 | Windows Ancillary Function Driver for WinSock | CVE-2025-59242 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
161 | Windows Authentication Methods | CVE-2025-59277 | Windows Authentication Elevation of Privilege Vulnerability | Important |
162 | Windows Authentication Methods | CVE-2025-59278 | Windows Authentication Elevation of Privilege Vulnerability | Important |
163 | Windows Authentication Methods | CVE-2025-59275 | Windows Authentication Elevation of Privilege Vulnerability | Important |
164 | Windows BitLocker | CVE-2025-55337 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
165 | Windows BitLocker | CVE-2025-55332 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
166 | Windows BitLocker | CVE-2025-55333 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
167 | Windows BitLocker | CVE-2025-55330 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
168 | Windows BitLocker | CVE-2025-55338 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
169 | Windows BitLocker | CVE-2025-55682 | Windows BitLocker Security Feature Bypass Vulnerability | Important |
170 | Windows Bluetooth Service | CVE-2025-59290 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Important |
171 | Windows Bluetooth Service | CVE-2025-58728 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Important |
172 | Windows Bluetooth Service | CVE-2025-59289 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Important |
173 | Windows Cloud Files Mini Filter Driver | CVE-2025-55680 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
174 | Windows Cloud Files Mini Filter Driver | CVE-2025-55336 | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | Important |
175 | Windows COM | CVE-2025-58725 | Windows COM+ Event System Service Elevation of Privilege Vulnerability | Important |
176 | Windows Connected Devices Platform Service | CVE-2025-58727 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Important |
177 | Windows Core Shell | CVE-2025-59185 | NTLM Hash Disclosure Spoofing Vulnerability | Important |
178 | Windows Core Shell | CVE-2025-59244 | NTLM Hash Disclosure Spoofing Vulnerability | Important |
179 | Windows Cryptographic Services | CVE-2025-58720 | Windows Cryptographic Services Information Disclosure Vulnerability | Important |
180 | Windows Device Association Broker service | CVE-2025-50174 | Windows Device Association Broker Service Elevation of Privilege Vulnerability | Important |
181 | Windows Device Association Broker service | CVE-2025-55677 | Windows Device Association Broker Service Elevation of Privilege Vulnerability | Important |
182 | Windows Digital Media | CVE-2025-53150 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
183 | Windows Digital Media | CVE-2025-50175 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
184 | Windows DirectX | CVE-2025-55678 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Important |
185 | Windows DirectX | CVE-2025-55698 | DirectX Graphics Kernel Denial of Service Vulnerability | Important |
186 | Windows DWM | CVE-2025-58722 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
187 | Windows DWM | CVE-2025-55681 | Desktop Windows Manager Elevation of Privilege Vulnerability | Important |
188 | Windows DWM Core Library | CVE-2025-59255 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
189 | Windows DWM Core Library | CVE-2025-59254 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
190 | Windows Error Reporting | CVE-2025-55692 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Important |
191 | Windows Error Reporting | CVE-2025-55694 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Important |
192 | Windows ETL Channel | CVE-2025-59197 | Windows ETL Channel Information Disclosure Vulnerability | Important |
193 | Windows Failover Cluster | CVE-2025-59188 | Microsoft Failover Cluster Information Disclosure Vulnerability | Important |
194 | Windows Failover Cluster | CVE-2025-47979 | Microsoft Failover Cluster Information Disclosure Vulnerability | Important |
195 | Windows File Explorer | CVE-2025-59214 | Microsoft Windows File Explorer Spoofing Vulnerability | Important |
196 | Windows File Explorer | CVE-2025-58739 | Microsoft Windows File Explorer Spoofing Vulnerability | Important |
197 | Windows Health and Optimized Experiences Service | CVE-2025-59241 | Windows Health and Optimized Experiences Elevation of Privilege Vulnerability | Important |
198 | Windows Hello | CVE-2025-53139 | Windows Hello Security Feature Bypass Vulnerability | Important |
199 | Windows High Availability Services | CVE-2025-59184 | Storage Spaces Direct Information Disclosure Vulnerability | Important |
200 | Windows Hyper-V | CVE-2025-55328 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
201 | Windows Kernel | CVE-2025-55679 | Windows Kernel Information Disclosure Vulnerability | Important |
202 | Windows Kernel | CVE-2025-55683 | Windows Kernel Information Disclosure Vulnerability | Important |
203 | Windows Kernel | CVE-2025-59207 | Windows Kernel Elevation of Privilege Vulnerability | Important |
204 | Windows Kernel | CVE-2025-55334 | Windows Kernel Security Feature Bypass Vulnerability | Important |
205 | Windows Kernel | CVE-2025-59186 | Windows Kernel Information Disclosure Vulnerability | Important |
206 | Windows Kernel | CVE-2025-55693 | Windows Kernel Elevation of Privilege Vulnerability | Important |
207 | Windows Kernel | CVE-2025-59194 | Windows Kernel Elevation of Privilege Vulnerability | Important |
208 | Windows Kernel | CVE-2025-59187 | Windows Kernel Elevation of Privilege Vulnerability | Important |
209 | Windows Kernel | CVE-2025-50152 | Windows Kernel Elevation of Privilege Vulnerability | Important |
210 | Windows Kernel | CVE-2025-55699 | Windows Kernel Information Disclosure Vulnerability | Important |
211 | Windows Local Session Manager (LSM) | CVE-2025-58729 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | Important |
212 | Windows Local Session Manager (LSM) | CVE-2025-59257 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | Important |
213 | Windows Local Session Manager (LSM) | CVE-2025-59259 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | Important |
214 | Windows Management Services | CVE-2025-59193 | Windows Management Services Elevation of Privilege Vulnerability | Important |
215 | Windows Management Services | CVE-2025-59204 | Windows Management Services Information Disclosure Vulnerability | Important |
216 | Windows MapUrlToZone | CVE-2025-59208 | Windows MapUrlToZone Information Disclosure Vulnerability | Important |
217 | Windows NDIS | CVE-2025-55339 | Windows Network Driver Interface Specification Driver Elevation of Privilege Vulnerability | Important |
218 | Windows NTFS | CVE-2025-55335 | Windows NTFS Elevation of Privilege Vulnerability | Important |
219 | Windows NTLM | CVE-2025-59284 | Windows NTLM Spoofing Vulnerability | Important |
220 | Windows PrintWorkflowUserSvc | CVE-2025-55331 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
221 | Windows PrintWorkflowUserSvc | CVE-2025-55689 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
222 | Windows PrintWorkflowUserSvc | CVE-2025-55685 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
223 | Windows PrintWorkflowUserSvc | CVE-2025-55686 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
224 | Windows PrintWorkflowUserSvc | CVE-2025-55690 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
225 | Windows PrintWorkflowUserSvc | CVE-2025-55684 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
226 | Windows PrintWorkflowUserSvc | CVE-2025-55688 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
227 | Windows PrintWorkflowUserSvc | CVE-2025-55691 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Important |
228 | Windows Push Notification Core | CVE-2025-59209 | Windows Push Notification Information Disclosure Vulnerability | Important |
229 | Windows Push Notification Core | CVE-2025-59211 | Windows Push Notification Information Disclosure Vulnerability | Important |
230 | Windows Remote Access Connection Manager | CVE-2025-59230 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important |
231 | Windows Remote Desktop | CVE-2025-58737 | Remote Desktop Protocol Remote Code Execution Vulnerability | Important |
232 | Windows Remote Desktop Protocol | CVE-2025-55340 | Windows Remote Desktop Protocol Security Feature Bypass | Important |
233 | Windows Remote Desktop Services | CVE-2025-59202 | Windows Remote Desktop Services Elevation of Privilege Vulnerability | Important |
234 | Windows Remote Procedure Call | CVE-2025-59502 | Remote Procedure Call Denial of Service Vulnerability | Moderate |
235 | Windows Resilient File System (ReFS) | CVE-2025-55687 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability | Important |
236 | Windows Resilient File System (ReFS) Deduplication Service | CVE-2025-59210 | Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability | Important |
237 | Windows Resilient File System (ReFS) Deduplication Service | CVE-2025-59206 | Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability | Important |
238 | Windows Routing and Remote Access Service (RRAS) | CVE-2025-58717 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
239 | Windows Routing and Remote Access Service (RRAS) | CVE-2025-55700 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
240 | Windows Secure Boot | CVE-2025-47827 | MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11 | Important |
241 | Windows Server Update Service | CVE-2025-59287 | Windows Server Update Service (WSUS) Remote Code Execution Vulnerability | Critical |
242 | Windows SMB Client | CVE-2025-59280 | Windows SMB Client Tampering Vulnerability | Important |
243 | Windows SMB Server | CVE-2025-58726 | Windows SMB Server Elevation of Privilege Vulnerability | Important |
244 | Windows SSDP Service | CVE-2025-59196 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | Important |
245 | Windows StateRepository API | CVE-2025-59203 | Windows State Repository API Server File Information Disclosure Vulnerability | Important |
246 | Windows Storage Management Provider | CVE-2025-55325 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
247 | Windows Taskbar Live | CVE-2025-59294 | Windows Taskbar Live Preview Information Disclosure Vulnerability | Important |
248 | Windows USB Video Driver | CVE-2025-55676 | Windows USB Video Class System Driver Information Disclosure Vulnerability | Important |
249 | Windows Virtualization-Based Security (VBS) Enclave | CVE-2025-53717 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | Important |
250 | Windows WLAN Auto Config Service | CVE-2025-55695 | Windows WLAN AutoConfig Service Information Disclosure Vulnerability | Important |
251 | Xbox | CVE-2025-53768 | Xbox IStorageService Elevation of Privilege Vulnerability | Important |
252 | XBox Gaming Services | CVE-2025-59281 | Xbox Gaming Services Elevation of Privilege Vulnerability | Important |