Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

CVE Issued by | Tag | CVE ID | CVE Title
Microsoft | Azure Monitor Agent | CVE-2025-59504 | Azure Monitor Agent Remote Code Execution Vulnerability
Microsoft | Customer Experience Improvement Program (CEIP) | CVE-2025-59512 | Customer Experience Improvement Program (CEIP) Elevation of Privilege Vulnerability
Microsoft | Dynamics 365 Field Service (online) | CVE-2025-62211 | Dynamics 365 Field Service (online) Spoofing Vulnerability
Microsoft | Dynamics 365 Field Service (online) | CVE-2025-62210 | Dynamics 365 Field Service (online) Spoofing Vulnerability
Microsoft | GitHub Copilot and Visual Studio Code | CVE-2025-62453 | GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
Microsoft | Host Process for Windows Tasks | CVE-2025-60710 | Host Process for Windows Tasks Elevation of Privilege Vulnerability
GitHub_M | Mariner | CVE-2025-64433 | KubeVirt Arbitrary Container File Read
GitHub_M | Mariner | CVE-2025-64434 | KubeVirt Improper TLS Certificate Management Handling Allows API Identity Spoofing
GitHub_M | Mariner | CVE-2025-64436 | KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes
VulDB | Mariner | CVE-2025-12875 | mruby array.c ary_fill_exec out-of-bounds write
GitHub_M | Mariner | CVE-2025-31133 | runc container escape via "masked path" abuse due to mount race conditions
curl | Mariner | CVE-2025-10966 | missing SFTP host verification with wolfSSH
redhat | Mariner | CVE-2025-12863 | Libxml2: namespace use-after-free in xmlsettreedoc() function of libxml2
GitHub_M | Mariner | CVE-2025-64435 | KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
GitHub_M | Mariner | CVE-2025-64329 | containerd CRI server: Host memory exhaustion through Attach goroutine leak
Linux | Mariner | CVE-2025-40107 | can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled
GitHub_M | Mariner | CVE-2025-64432 | KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer
GitHub_M | Mariner | CVE-2024-25621 | containerd affected by a local privilege escalation via wide permissions on CRI directory
GitHub_M | Mariner | CVE-2025-52565 | container escape due to /dev/console mount and related races
Linux | Mariner | CVE-2025-40109 | crypto: rng - Ensure set_ent is always present
GitHub_M | Mariner | CVE-2025-64437 | KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes
mitre | Mariner | CVE-2025-60753 | An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).
GitHub_M | Mariner | CVE-2025-52881 | runc: LSM labels can be bypassed with malicious config using dummy procfs files
Microsoft | Microsoft Configuration Manager | CVE-2025-47179 | Configuration Manager Elevation of Privilege Vulnerability
Microsoft | Microsoft Dynamics 365 (on-premises) | CVE-2025-62206 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-12726 | Chromium: CVE-2025-12726 Inappropriate implementation in Views.
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-12729 | Chromium: CVE-2025-12729 Inappropriate implementation in Omnibox
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-12727 | Chromium: CVE-2025-12727 Inappropriate implementation in V8
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-12725 | Chromium: CVE-2025-12725 Out of bounds write in WebGPU
Chrome | Microsoft Edge (Chromium-based) | CVE-2025-12728 | Chromium: CVE-2025-12728 Inappropriate implementation in Omnibox
Microsoft | Microsoft Graphics Component | CVE-2025-60724 | GDI+ Remote Code Execution Vulnerability
Microsoft | Microsoft Office | CVE-2025-62216 | Microsoft Office Remote Code Execution Vulnerability
Microsoft | Microsoft Office | CVE-2025-62199 | Microsoft Office Remote Code Execution Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-62200 | Microsoft Excel Remote Code Execution Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-62201 | Microsoft Excel Remote Code Execution Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-60726 | Microsoft Excel Information Disclosure Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-62203 | Microsoft Excel Remote Code Execution Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-62202 | Microsoft Excel Information Disclosure Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-60727 | Microsoft Excel Remote Code Execution Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-60728 | Microsoft Excel Information Disclosure Vulnerability
Microsoft | Microsoft Office Excel | CVE-2025-59240 | Microsoft Excel Information Disclosure Vulnerability
Microsoft | Microsoft Office SharePoint | CVE-2025-62204 | Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft | Microsoft Office Word | CVE-2025-62205 | Microsoft Office Remote Code Execution Vulnerability
Microsoft | Microsoft Streaming Service | CVE-2025-59514 | Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
Microsoft | Microsoft Wireless Provisioning System | CVE-2025-62218 | Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability
Microsoft | Microsoft Wireless Provisioning System | CVE-2025-62219 | Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability
Microsoft | Multimedia Class Scheduler Service (MMCSS) | CVE-2025-60707 | Multimedia Class Scheduler Service (MMCSS) Driver Elevation of Privilege Vulnerability
Microsoft | Nuance PowerScribe | CVE-2025-30398 | Nuance PowerScribe 360 Information Disclosure Vulnerability
Microsoft | OneDrive for Android | CVE-2025-60722 | Microsoft OneDrive for Android Elevation of Privilege Vulnerability
Microsoft | Role: Windows Hyper-V | CVE-2025-60706 | Windows Hyper-V Information Disclosure Vulnerability
Microsoft | SQL Server | CVE-2025-59499 | Microsoft SQL Server Elevation of Privilege Vulnerability
Microsoft | Storvsp.sys Driver | CVE-2025-60708 | Storvsp.sys Driver Denial of Service Vulnerability
Microsoft | Visual Studio | CVE-2025-62214 | Visual Studio Remote Code Execution Vulnerability
Microsoft | Visual Studio Code CoPilot Chat Extension | CVE-2025-62449 | Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability
Microsoft | Visual Studio Code CoPilot Chat Extension | CVE-2025-62222 | Agentic AI and Visual Studio Code Remote Code Execution Vulnerability
Microsoft | Windows Administrator Protection | CVE-2025-60721 | Windows Administrator Protection Elevation of Privilege Vulnerability
Microsoft | Windows Administrator Protection | CVE-2025-60718 | Windows Administrator Protection Elevation of Privilege Vulnerability
Microsoft | Windows Ancillary Function Driver for WinSock | CVE-2025-62217 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Microsoft | Windows Ancillary Function Driver for WinSock | CVE-2025-60719 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Microsoft | Windows Ancillary Function Driver for WinSock | CVE-2025-62213 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Microsoft | Windows Bluetooth RFCOM Protocol Driver | CVE-2025-59513 | Windows Bluetooth RFCOM Protocol Driver Information Disclosure Vulnerability
Microsoft | Windows Broadcast DVR User Service | CVE-2025-59515 | Windows Broadcast DVR User Service Elevation of Privilege Vulnerability
Microsoft | Windows Broadcast DVR User Service | CVE-2025-60717 | Windows Broadcast DVR User Service Elevation of Privilege Vulnerability
Microsoft | Windows Client-Side Caching (CSC) Service | CVE-2025-60705 | Windows Client-Side Caching Elevation of Privilege Vulnerability
Microsoft | Windows Common Log File System Driver | CVE-2025-60709 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft | Windows DirectX | CVE-2025-59506 | DirectX Graphics Kernel Elevation of Privilege Vulnerability
Microsoft | Windows DirectX | CVE-2025-60716 | DirectX Graphics Kernel Elevation of Privilege Vulnerability
Microsoft | Windows DirectX | CVE-2025-60723 | DirectX Graphics Kernel Denial of Service Vulnerability
Microsoft | Windows Kerberos | CVE-2025-60704 | Windows Kerberos Elevation of Privilege Vulnerability
Microsoft | Windows Kernel | CVE-2025-62215 | Windows Kernel Elevation of Privilege Vulnerability
Microsoft | Windows License Manager | CVE-2025-62208 | Windows License Manager Information Disclosure Vulnerability
Microsoft | Windows License Manager | CVE-2025-62209 | Windows License Manager Information Disclosure Vulnerability
Microsoft | Windows OLE | CVE-2025-60714 | Windows OLE Remote Code Execution Vulnerability
Microsoft | Windows Remote Desktop | CVE-2025-60703 | Windows Remote Desktop Services Elevation of Privilege Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-62452 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-59510 | Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-60715 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-60713 | Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability
Microsoft | Windows Smart Card | CVE-2025-59505 | Windows Smart Card Reader Elevation of Privilege Vulnerability
Microsoft | Windows Speech | CVE-2025-59507 | Windows Speech Runtime Elevation of Privilege Vulnerability
Microsoft | Windows Speech | CVE-2025-59508 | Windows Speech Recognition Elevation of Privilege Vulnerability
Microsoft | Windows Speech | CVE-2025-59509 | Windows Speech Recognition Information Disclosure Vulnerability
Microsoft | Windows Subsystem for Linux GUI | CVE-2025-62220 | Windows Subsystem for Linux GUI Remote Code Execution Vulnerability
Microsoft | Windows TDX.sys | CVE-2025-60720 | Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability
Microsoft | Windows WLAN Service | CVE-2025-59511 | Windows WLAN Service Elevation of Privilege Vulnerability

CVE-2025-59504 - Azure Monitor Agent Remote Code Execution Vulnerability


Issuing CNA: Microsoft

CVE Title: Azure Monitor Agent Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.3 / Temporal Score: 6.4
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally.


FAQ:

How can I tell if this issue affects me, and what steps should I take to stay protected?

If you have Azure Monitor Agent extension version 1.37.0 or below, you are affected. To protect your device, upgrade to version 1.37.1 or later.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), have some effect on integrity (I:L), but a major effect on availability (A:H). What does that mean for this vulnerability?

For this vulnerability, while data exposure and tampering are possible, the most significant impact is on system availability: exploitation could crash processes or exhaust memory, disrupting log collection and monitoring services.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Unlikely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59504
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Azure Monitor | Release Notes (Security Update) | Important | Remote Code Execution | | Base: 7.3, Temporal: 6.4, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C | v1.37.1 | Maybe | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-59504 | P1hcn


CVE-2025-59505 - Windows Smart Card Reader Elevation of Privilege Vulnerability


Issuing CNA: Microsoft

CVE Title: Windows Smart Card Reader Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Double free in Windows Smart Card allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59505
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1607 for x64-based Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1809 for 32-bit Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None
Windows Server 2012 | 5068907 (Monthly Rollup) | Important | Elevation of Privilege | 5066875 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25768 | Yes | None
Windows Server 2012 (Server Core installation) | 5068907 (Monthly Rollup) | Important | Elevation of Privilege | 5066875 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25768 | Yes | None
Windows Server 2012 R2 | 5068905 (Monthly Rollup) | Important | Elevation of Privilege | 5066873 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22869 | Yes | None
Windows Server 2012 R2 (Server Core installation) | 5068905 (Monthly Rollup) | Important | Elevation of Privilege | 5066873 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22869 | Yes | None
Windows Server 2016 | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2016 (Server Core installation) | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2019 | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2019 (Server Core installation) | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2022 | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405; 10.0.20348.4346 | Yes | None
Windows Server 2022 (Server Core installation) | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405; 10.0.20348.4346 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5068779 (Security Update) | Important | Elevation of Privilege | 5066780 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.1965 | Yes | None
Windows Server 2025 | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows Server 2025 (Server Core installation) | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.8, Temporal: 6.8, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-59505 | Anonymous


CVE-2025-59506 - DirectX Graphics Kernel Elevation of Privilege Vulnerability


Issuing CNA: Microsoft

CVE Title: DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Unlikely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59506
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1607 for x64-based Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1809 for 32-bit Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None
Windows Server 2012 | 5068907 (Monthly Rollup) | Important | Elevation of Privilege | 5066875 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25768 | Yes | None
Windows Server 2012 (Server Core installation) | 5068907 (Monthly Rollup) | Important | Elevation of Privilege | 5066875 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25768 | Yes | None
Windows Server 2012 R2 | 5068905 (Monthly Rollup) | Important | Elevation of Privilege | 5066873 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22869 | Yes | None
Windows Server 2012 R2 (Server Core installation) | 5068905 (Monthly Rollup) | Important | Elevation of Privilege | 5066873 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22869 | Yes | None
Windows Server 2016 | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2016 (Server Core installation) | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2019 | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2019 (Server Core installation) | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2022 | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405; 10.0.20348.4346 | Yes | None
Windows Server 2022 (Server Core installation) | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405; 10.0.20348.4346 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5068779 (Security Update) | Important | Elevation of Privilege | 5066780 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.1965 | Yes | None
Windows Server 2025 | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows Server 2025 (Server Core installation) | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0, Temporal: 6.1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-59506 | b2ahex; cyanbamboo


CVE-2025-59507 - Windows Speech Runtime Elevation of Privilege Vulnerability


Issuing CNA: Microsoft

CVE Title: Windows Speech Runtime Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could elevate from a low integrity level up to a medium integrity level.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Unlikely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59507
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1607 for x64-based Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1809 for 32-bit Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171, 10.0.26200.7092 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171, 10.0.26200.7092 | Yes | None
Windows Server 2016 | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2016 (Server Core installation) | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2019 | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2019 (Server Core installation) | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2022 | 5068787 (Security Update), 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405, 10.0.20348.4346 | Yes | None
Windows Server 2022 (Server Core installation) | 5068787 (Security Update), 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405, 10.0.20348.4346 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5068779 (Security Update) | Important | Elevation of Privilege | 5066780 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.1965 | Yes | None
Windows Server 2025 | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None
Windows Server 2025 (Server Core installation) | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-59507 | Anonymous


CVE-2025-59508 - Windows Speech Recognition Elevation of Privilege Vulnerability

CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact
CVE-2025-59508
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Speech Recognition Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could elevate from a low integrity level up to a medium integrity level.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 11-Nov-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Unlikely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59508
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1607 for x64-based Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1809 for 32-bit Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171, 10.0.26200.7092 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171, 10.0.26200.7092 | Yes | None
Windows Server 2016 | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2016 (Server Core installation) | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2019 | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2019 (Server Core installation) | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2022 | 5068787 (Security Update), 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405, 10.0.20348.4346 | Yes | None
Windows Server 2022 (Server Core installation) | 5068787 (Security Update), 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405, 10.0.20348.4346 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5068779 (Security Update) | Important | Elevation of Privilege | 5066780 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.1965 | Yes | None
Windows Server 2025 | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None
Windows Server 2025 (Server Core installation) | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.0 / Temporal 6.1 / CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-59508 | Anonymous


CVE-2025-59509 - Windows Speech Recognition Information Disclosure Vulnerability

CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact
CVE-2025-59509
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Speech Recognition Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 4.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is internal memory pointers. These leaked addresses could help an attacker bypass security protection and facilitate further exploitation.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 11-Nov-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Unlikely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59509
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1809 for 32-bit Systems | 5068791 (Security Update) | Important | Information Disclosure | 5066586 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5068791 (Security Update) | Important | Information Disclosure | 5066586 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5068781 (Security Update) | Important | Information Disclosure | 5066791 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Information Disclosure | 5066791 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5068781 (Security Update) | Important | Information Disclosure | 5066791 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5068781 (Security Update) | Important | Information Disclosure | 5066791 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Information Disclosure | 5066791 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5068781 (Security Update) | Important | Information Disclosure | 5066791 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5068865 (Security Update) | Important | Information Disclosure | 5066793 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5068865 (Security Update) | Important | Information Disclosure | 5066793 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Information Disclosure | 5066835 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Information Disclosure | 5066835 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Information Disclosure | 5066835 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7171, 10.0.26200.7092 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Information Disclosure | 5066835 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7171, 10.0.26200.7092 | Yes | None
Windows Server 2019 | 5068791 (Security Update) | Important | Information Disclosure | 5066586 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2019 (Server Core installation) | 5068791 (Security Update) | Important | Information Disclosure | 5066586 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2022 | 5068787 (Security Update), 5068840 (Security Hotpatch Update) | Important | Information Disclosure | 5066782 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4405, 10.0.20348.4346 | Yes | None
Windows Server 2022 (Server Core installation) | 5068787 (Security Update), 5068840 (Security Hotpatch Update) | Important | Information Disclosure | 5066782 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4405, 10.0.20348.4346 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5068779 (Security Update) | Important | Information Disclosure | 5066780 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.1965 | Yes | None
Windows Server 2025 | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Information Disclosure | 5066835 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None
Windows Server 2025 (Server Core installation) | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Information Disclosure | 5066835 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-59509 | Anonymous


CVE-2025-59510 - Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability

CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact
CVE-2025-59510
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 4.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper link resolution before file access ('link following') in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to deny service locally.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0 | 11-Nov-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59510
Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems | 5068864 (Security Update) | Important | Denial of Service | 5066836 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1607 for x64-based Systems | 5068864 (Security Update) | Important | Denial of Service | 5066836 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1809 for 32-bit Systems | 5068791 (Security Update) | Important | Denial of Service | 5066586 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5068791 (Security Update) | Important | Denial of Service | 5066586 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5068781 (Security Update) | Important | Denial of Service | 5066791 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Denial of Service | 5066791 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5068781 (Security Update) | Important | Denial of Service | 5066791 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5068781 (Security Update) | Important | Denial of Service | 5066791 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Denial of Service | 5066791 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5068781 (Security Update) | Important | Denial of Service | 5066791 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5068865 (Security Update) | Important | Denial of Service | 5066793 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5068865 (Security Update) | Important | Denial of Service | 5066793 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Denial of Service | 5066835 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Denial of Service | 5066835 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Denial of Service | 5066835 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26200.7171, 10.0.26200.7092 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Denial of Service | 5066835 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26200.7171, 10.0.26200.7092 | Yes | None
Windows Server 2012 R2 | 5068905 (Monthly Rollup) | Important | Denial of Service | 5066873 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.3.9600.22869 | Yes | None
Windows Server 2012 R2 (Server Core installation) | 5068905 (Monthly Rollup) | Important | Denial of Service | 5066873 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.3.9600.22869 | Yes | None
Windows Server 2016 | 5068864 (Security Update) | Important | Denial of Service | 5066836 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2016 (Server Core installation) | 5068864 (Security Update) | Important | Denial of Service | 5066836 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2019 | 5068791 (Security Update) | Important | Denial of Service | 5066586 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2019 (Server Core installation) | 5068791 (Security Update) | Important | Denial of Service | 5066586 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2022 | 5068787 (Security Update), 5068840 (Security Hotpatch Update) | Important | Denial of Service | 5066782 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.20348.4405, 10.0.20348.4346 | Yes | None
Windows Server 2022 (Server Core installation) | 5068787 (Security Update), 5068840 (Security Hotpatch Update) | Important | Denial of Service | 5066782 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.20348.4405, 10.0.20348.4346 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5068779 (Security Update) | Important | Denial of Service | 5066780 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.25398.1965 | Yes | None
Windows Server 2025 | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Denial of Service | 5066835 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None
Windows Server 2025 (Server Core installation) | 5068861 (Security Update), 5068966 (Security Hotpatch Update) | Important | Denial of Service | 5066835 | Base 5.5 / Temporal 4.8 / CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7171, 10.0.26100.7092 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-59510 | Filip Dragović


CVE-2025-59511 - Windows WLAN Service Elevation of Privilege Vulnerability

CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact
CVE-2025-59511
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows WLAN Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 11-Nov-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59511
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege
5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege
5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows Server 2019 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Elevation of Privilege 5066780
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-59511 T0


CVE-2025-59512 - Customer Experience Improvement Program (CEIP) Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-59512
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Customer Experience Improvement Program (CEIP) Elevation of Privilege Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation More Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59512
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1607 for x64-based Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege
5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege
5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows Server 2012 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 (Server Core installation) 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 R2 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2012 R2 (Server Core installation) 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2016 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Elevation of Privilege 5066780
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-59512 T0


CVE-2025-59513 - Windows Bluetooth RFCOM Protocol Driver Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-59513
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Bluetooth RFCOM Protocol Driver Information Disclosure Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 4.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally.


FAQ:

According to the CVSS metrics, successful exploitation of this vulnerability could lead to a high loss of confidentiality (C:H), no effect on integrity (I:N) and some loss of availability (A:L). What does that mean for this vulnerability?

An attacker who successfully exploited this use-after-free vulnerability could view sensitive, previously freed heap memory (Confidentiality), since the contents of the impacted component might be divulged to the attacker.

While the attacker cannot make changes to the disclosed information (Integrity), they might be able to force a crash within the function (Availability).


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59513
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems 5068864 (Security Update) Important Information Disclosure 5066836
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1607 for x64-based Systems 5068864 (Security Update) Important Information Disclosure 5066836
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Information Disclosure 5066586
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Information Disclosure 5066586
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Information Disclosure 5066791
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Information Disclosure 5066791
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Information Disclosure 5066791
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Information Disclosure 5066791
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Information Disclosure 5066791
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Information Disclosure 5066791
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Information Disclosure 5066793
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Information Disclosure 5066793
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Information Disclosure 5066835
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Information Disclosure 5066835
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Information Disclosure
5066835
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Information Disclosure
5066835
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Information Disclosure 5066874
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Information Disclosure 5066874
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Information Disclosure 5066874
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Information Disclosure 5066874
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Information Disclosure 5066872
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Information Disclosure 5066872
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2016 5068864 (Security Update) Important Information Disclosure 5066836
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Important Information Disclosure 5066836
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Important Information Disclosure 5066586
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Information Disclosure 5066586
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Information Disclosure 5066782
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Information Disclosure 5066782
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Information Disclosure 5066780
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Information Disclosure 5066835
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Information Disclosure 5066835
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-59513 TwinkleStar03 with DEVCORE Internship Program


CVE-2025-60703 - Windows Remote Desktop Services Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-60703
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Remote Desktop Services Elevation of Privilege Vulnerability
CVSS:
CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60703
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1607 for x64-based Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege
5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege
5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Elevation of Privilege 5066872
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Elevation of Privilege 5066872
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2012 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 (Server Core installation) 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 R2 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2012 R2 (Server Core installation) 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2016 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Elevation of Privilege 5066780
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-60703 | Jongseong Kim (nevul37) with ENKI WhiteHat; Dongjun Kim (smlijun) with ENKI WhiteHat


CVE-2025-60704 - Windows Kerberos Elevation of Privilege Vulnerability

CVE ID: CVE-2025-60704 (MITRE, NVD)
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Issuing CNA: Microsoft

CVE Title: Windows Kerberos Elevation of Privilege Vulnerability

CVSS: CVSS:3.1 Highest Base Score: 7.5 / Temporal Score: 6.5

Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.

FAQ:

How could an attacker exploit this vulnerability?

When multiple attack vectors can be used, we assign a score based on the scenario with the higher risk. In one such scenario for this vulnerability, the attacker could convince a victim to connect to an attacker-controlled malicious application server (for example, an SMB server). Upon connecting, the malicious server could compromise the protocol.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

The attacker must inject themselves into the logical network path between the target and the resource requested by the victim in order to read or modify network communications. This is called a machine-in-the-middle (MITM) attack.

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain administrator privileges.

According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.

Mitigations: None
Workarounds: None

Revision:
1.0 | 11-Nov-25 | Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60704
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1607 for x64-based Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1809 for 32-bit Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None
Windows Server 2008 for 32-bit Systems Service Pack 2 | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Elevation of Privilege | 5066874 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23624 | Yes | None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Elevation of Privilege | 5066874 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23624 | Yes | None
Windows Server 2008 for x64-based Systems Service Pack 2 | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Elevation of Privilege | 5066874 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23624 | Yes | None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Elevation of Privilege | 5066874 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23624 | Yes | None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5068904 (Monthly Rollup); 5068908 (Security Only) | Important | Elevation of Privilege | 5066872 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28021 | Yes | None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5068904 (Monthly Rollup); 5068908 (Security Only) | Important | Elevation of Privilege | 5066872 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28021 | Yes | None
Windows Server 2012 | 5068907 (Monthly Rollup) | Important | Elevation of Privilege | 5066875 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25768 | Yes | None
Windows Server 2012 (Server Core installation) | 5068907 (Monthly Rollup) | Important | Elevation of Privilege | 5066875 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25768 | Yes | None
Windows Server 2012 R2 | 5068905 (Monthly Rollup) | Important | Elevation of Privilege | 5066873 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22869 | Yes | None
Windows Server 2012 R2 (Server Core installation) | 5068905 (Monthly Rollup) | Important | Elevation of Privilege | 5066873 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22869 | Yes | None
Windows Server 2016 | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2016 (Server Core installation) | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2019 | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2019 (Server Core installation) | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2022 | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405; 10.0.20348.4346 | Yes | None
Windows Server 2022 (Server Core installation) | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405; 10.0.20348.4346 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5068779 (Security Update) | Important | Elevation of Privilege | 5066780 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.1965 | Yes | None
Windows Server 2025 | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows Server 2025 (Server Core installation) | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.5, Temporal 6.5, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-60704 | Dor Segal with Silverfort; Eliran Partush with Silverfort


CVE-2025-60705 - Windows Client-Side Caching Elevation of Privilege Vulnerability

CVE ID: CVE-2025-60705 (MITRE, NVD)
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Issuing CNA: Microsoft

CVE Title: Windows Client-Side Caching Elevation of Privilege Vulnerability

CVSS: CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8

Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.

FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain administrator privileges.

Mitigations: None
Workarounds: None

Revision:
1.0 | 11-Nov-25 | Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation More Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60705
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for 32-bit Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1607 for x64-based Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1809 for 32-bit Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 21H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 22H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None
Windows Server 2008 for 32-bit Systems Service Pack 2 | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Elevation of Privilege | 5066874 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23624 | Yes | None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Elevation of Privilege | 5066874 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23624 | Yes | None
Windows Server 2008 for x64-based Systems Service Pack 2 | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Elevation of Privilege | 5066874 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23624 | Yes | None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Elevation of Privilege | 5066874 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23624 | Yes | None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5068904 (Monthly Rollup); 5068908 (Security Only) | Important | Elevation of Privilege | 5066872 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28021 | Yes | None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5068904 (Monthly Rollup); 5068908 (Security Only) | Important | Elevation of Privilege | 5066872 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28021 | Yes | None
Windows Server 2012 | 5068907 (Monthly Rollup) | Important | Elevation of Privilege | 5066875 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25768 | Yes | None
Windows Server 2012 (Server Core installation) | 5068907 (Monthly Rollup) | Important | Elevation of Privilege | 5066875 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25768 | Yes | None
Windows Server 2012 R2 | 5068905 (Monthly Rollup) | Important | Elevation of Privilege | 5066873 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22869 | Yes | None
Windows Server 2012 R2 (Server Core installation) | 5068905 (Monthly Rollup) | Important | Elevation of Privilege | 5066873 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22869 | Yes | None
Windows Server 2016 | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2016 (Server Core installation) | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2019 | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2019 (Server Core installation) | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2022 | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405; 10.0.20348.4346 | Yes | None
Windows Server 2022 (Server Core installation) | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405; 10.0.20348.4346 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5068779 (Security Update) | Important | Elevation of Privilege | 5066780 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.1965 | Yes | None
Windows Server 2025 | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows Server 2025 (Server Core installation) | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base 7.8, Temporal 6.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-60705 | T0


CVE-2025-60706 - Windows Hyper-V Information Disclosure Vulnerability

CVE ID: CVE-2025-60706 (MITRE, NVD)
Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Issuing CNA: Microsoft

CVE Title: Windows Hyper-V Information Disclosure Vulnerability

CVSS: CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 4.8

Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None

Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally.

FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.

Mitigations: None
Workarounds: None

Revision:
1.0 | 11-Nov-25 | Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60706
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
Windows 10 Version 1607 for x64-based Systems | 5068864 (Security Update) | Important | Information Disclosure | 5066836 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows 10 Version 1809 for x64-based Systems | 5068791 (Security Update) | Important | Information Disclosure | 5066586 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows 10 Version 21H2 for x64-based Systems | 5068781 (Security Update) | Important | Information Disclosure | 5066791 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None
Windows 10 Version 22H2 for x64-based Systems | 5068781 (Security Update) | Important | Information Disclosure | 5066791 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None
Windows 11 Version 23H2 for ARM64-based Systems | 5068865 (Security Update) | Important | Information Disclosure | 5066793 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 23H2 for x64-based Systems | 5068865 (Security Update) | Important | Information Disclosure | 5066793 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None
Windows 11 Version 24H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Information Disclosure | 5066835 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows 11 Version 24H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Information Disclosure | 5066835 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows 11 Version 25H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Information Disclosure | 5066835 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None
Windows 11 Version 25H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Information Disclosure | 5066835 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None
Windows Server 2016 | 5068864 (Security Update) | Important | Information Disclosure | 5066836 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2016 (Server Core installation) | 5068864 (Security Update) | Important | Information Disclosure | 5066836 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None
Windows Server 2019 | 5068791 (Security Update) | Important | Information Disclosure | 5066586 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2019 (Server Core installation) | 5068791 (Security Update) | Important | Information Disclosure | 5066586 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None
Windows Server 2022 | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Information Disclosure | 5066782 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4405; 10.0.20348.4346 | Yes | None
Windows Server 2022 (Server Core installation) | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Information Disclosure | 5066782 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4405; 10.0.20348.4346 | Yes | None
Windows Server 2022, 23H2 Edition (Server Core installation) | 5068779 (Security Update) | Important | Information Disclosure | 5066780 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.1965 | Yes | None
Windows Server 2025 | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Information Disclosure | 5066835 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None
Windows Server 2025 (Server Core installation) | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Information Disclosure | 5066835 | Base 5.5, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-60706 | pwnky


CVE-2025-60707 - Multimedia Class Scheduler Service (MMCSS) Driver Elevation of Privilege Vulnerability

CVE ID: CVE-2025-60707 (MITRE, NVD)
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Issuing CNA: Microsoft

CVE Title: Multimedia Class Scheduler Service (MMCSS) Driver Elevation of Privilege Vulnerability

CVSS: CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8

Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally.

FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Mitigations: None
Workarounds: None

Revision:
1.0 | 11-Nov-25 | Information published.

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60707
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows Server 2019 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Elevation of Privilege 5066780
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60707 hazard


hazard


CVE-2025-60708 - Storvsp.sys Driver Denial of Service Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-60708
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Storvsp.sys Driver Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 6.5 / Temporal Score: 5.7
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally.


FAQ:

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, a successful attack could be performed from a low-privileged Hyper-V guest. The attacker could traverse the guest's security boundary to cause a denial of service on the Hyper-V host environment.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60708
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for x64-based Systems 5068864 (Security Update) Important Denial of Service 5066836
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Denial of Service 5066586
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Denial of Service 5066791
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Denial of Service 5066791
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Denial of Service 5066793
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Denial of Service 5066793
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Denial of Service 5066835
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Denial of Service 5066835
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Denial of Service 5066835
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Denial of Service 5066835
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows Server 2016 5068864 (Security Update) Important Denial of Service 5066836
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Important Denial of Service 5066836
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Important Denial of Service 5066586
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Denial of Service 5066586
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Denial of Service 5066782
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Denial of Service 5066782
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Denial of Service 5066780
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Denial of Service 5066835
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Denial of Service 5066835
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60708 Valter Wik with Cparta Cyber Defense AB


Valter Mann with Cparta Cyber Defense AB


CVE-2025-60709 - Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-60709
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60709
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1607 for x64-based Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Elevation of Privilege 5066872
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Elevation of Privilege 5066872
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2012 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 (Server Core installation) 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 R2 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2012 R2 (Server Core installation) 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2016 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Elevation of Privilege 5066780
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60709 Anonymous with Trend Zero Day Initiative


Anonymous with Trend Zero Day Initiative


CVE-2025-60710 - Host Process for Windows Tasks Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-60710
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Host Process for Windows Tasks Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60710
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60710 Filip Dragović


Filip Dragović


CVE-2025-60726 - Microsoft Excel Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-60726
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.1 / Temporal Score: 6.2
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.


FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60726
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Information Disclosure
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Information Disclosure
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Excel 2016 (32-bit edition) 5002811 (Security Update)
5002810 (Security Update)
Important Information Disclosure 5002794

5002757
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
16.0.5526.1002

16.0.5526.1003
Maybe None
Microsoft Excel 2016 (64-bit edition) 5002811 (Security Update)
5002810 (Security Update)
Important Information Disclosure 5002794

5002757
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
16.0.5526.1002

16.0.5526.1003
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Information Disclosure
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Information Disclosure
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Information Disclosure
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Information Disclosure
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Information Disclosure
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Information Disclosure
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Office Online Server 5002801 (Security Update) Important Information Disclosure 5002797
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
16.0.10417.20068
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60726 @dnpushme & Zhiniang Peng with HUST & @sat0rn3


CVE-2025-60727 - Microsoft Excel Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-60727
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60727
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Excel 2016 (32-bit edition) 5002811 (Security Update)
5002810 (Security Update)
Important Remote Code Execution 5002794

5002757
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5526.1002

16.0.5526.1003
Maybe None
Microsoft Excel 2016 (64-bit edition) 5002811 (Security Update)
5002810 (Security Update)
Important Remote Code Execution 5002794

5002757
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5526.1002

16.0.5526.1003
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Office Online Server 5002801 (Security Update) Important Remote Code Execution 5002797
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10417.20068
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60727 wh1tc in Kunlun lab & devoke & Zhiniang Peng with HUST


CVE-2025-60728 - Microsoft Excel Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-60728
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:4.3/TemporalScore:3.8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.


FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N) or integrity (I:N), with minor loss of availability (A:L). What does that mean for this vulnerability?

While we cannot rule out the impact to Confidentiality, Integrity, and Availability, the ability to exploit this vulnerability by itself is limited. An attacker would need to combine this with other vulnerabilities to perform an attack.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60728
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Information Disclosure Base: 4.3
Temporal: 3.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Information Disclosure Base: 4.3
Temporal: 3.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Information Disclosure Base: 4.3
Temporal: 3.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Information Disclosure Base: 4.3
Temporal: 3.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2024 Release Notes (Security Update) Important Information Disclosure Base: 4.3
Temporal: 3.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C
16.103.25110922
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60728 boolgombear


CVE-2025-62199 - Microsoft Office Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62199
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

Yes, the Preview Pane is an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62199
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2016 (32-bit edition) 5002809 (Security Update) Critical Remote Code Execution 5002792
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5526.1000
Maybe None
Microsoft Office 2016 (64-bit edition) 5002809 (Security Update) Critical Remote Code Execution 5002792
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5526.1000
Maybe None
Microsoft Office for Android Release Notes (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.19426.20044
Maybe None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Release Notes (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.103.25110922
Maybe None
Microsoft Office LTSC for Mac 2024 Release Notes (Security Update) Critical Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.103.25110922
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62199 Li Shuang, willJ and Guang Gong with Vulnerability Research Institute


CVE-2025-62206 - Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62206
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have to click a specially crafted URL that takes them to a malicious site, where attacker-controlled code would issue a series of specially crafted queries against the Dynamics 365 deployment.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62206
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Dynamics 365 (on-premises) version 9.1 XXXXXXX (Security Update) Important Information Disclosure Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
9.1.XX
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62206 Ha Anh Hoang with Viettel Cyber Security


CVE-2025-62210 - Dynamics 365 Field Service (online) Spoofing Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62210
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Dynamics 365 Field Service (online) Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.7/TemporalScore:7.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.


FAQ:

What actions do customers need to take to protect themselves from this vulnerability?

Customers running Dynamics 365 Field Service (online) need to go to the Power Platform admin center and apply the updates. See Update apps and solutions for more information about updating your Field Service app.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine.


According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability?

An authorized attacker must send the user a malicious link and convince the user to open it.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62210
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Dynamics 365 Field Service (online) Release Notes (Security Update) Important Spoofing Base: 8.7
Temporal: 7.6
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C
8.8.139.398
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62210 Brad Schlintz (nmdhkr)


CVE-2025-62216 - Microsoft Office Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62216
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62216
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62216 Haifei Li with EXPMON


CVE-2025-60719 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-60719
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60719
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1607 for x64-based Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Elevation of Privilege 5066872
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Elevation of Privilege 5066872
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2012 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 (Server Core installation) 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 R2 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2012 R2 (Server Core installation) 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2016 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Elevation of Privilege 5066780
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60719 Angelboy (@scwuaptx) with DEVCORE


CVE-2025-60722 - Microsoft OneDrive for Android Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-60722
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft OneDrive for Android Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over a network.


FAQ:

What privileges could an attacker gain with successful exploitation?

An attacker who successfully exploited this vulnerability could gain unauthorized access to system resources, potentially allowing them to perform actions with the same privileges as the compromised process.

This could lead to further system compromise and unauthorized actions within the network.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H) and major loss of integrity (I:H) but have no effect on availability (A:N). What does that mean for this vulnerability?

Exploiting this vulnerability could allow an attacker to disclose files and modify data, but the attacker cannot impact the Availability of the system.


Mitigations:
None
Workarounds:
None
Revision:
  1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
| ----- | ----- | ----- |
| Exploitation Unlikely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60722

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
| OneDrive for Android | App Store (Security Update) | Important | Elevation of Privilege | | Base: 6.5 / Temporal: 5.7 / Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 7.42 | Maybe | None |

Acknowledgements

| CVE ID | Acknowledgements |
| ----- | ----- |
| CVE-2025-60722 | Vo Van Thong with VNGGames |


CVE-2025-62217 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62217 (listed at MITRE and NVD)

Issuing CNA: Microsoft

CVE Title: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVSS: 3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
  Attack Vector: Local
  Attack Complexity: High
  Privileges Required: Low
  User Interaction: None
  Scope: Unchanged
  Confidentiality: High
  Integrity: High
  Availability: High
Temporal score metrics
  Exploit Code Maturity: Unproven
  Remediation Level: Official Fix
  Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
  1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
| ----- | ----- | ----- |
| Exploitation More Likely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62217

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
| Windows 10 Version 1607 for 32-bit Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Elevation of Privilege | 5066874 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23624 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Elevation of Privilege | 5066874 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23624 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Elevation of Privilege | 5066874 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23624 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5068906 (Monthly Rollup); 5068909 (Security Only) | Important | Elevation of Privilege | 5066874 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23624 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5068904 (Monthly Rollup); 5068908 (Security Only) | Important | Elevation of Privilege | 5066872 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28021 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5068904 (Monthly Rollup); 5068908 (Security Only) | Important | Elevation of Privilege | 5066872 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28021 | Yes | None |
| Windows Server 2012 | 5068907 (Monthly Rollup) | Important | Elevation of Privilege | 5066875 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25768 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5068907 (Monthly Rollup) | Important | Elevation of Privilege | 5066875 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25768 | Yes | None |
| Windows Server 2012 R2 | 5068905 (Monthly Rollup) | Important | Elevation of Privilege | 5066873 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22869 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5068905 (Monthly Rollup) | Important | Elevation of Privilege | 5066873 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22869 | Yes | None |
| Windows Server 2016 | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None |
| Windows Server 2019 | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None |
| Windows Server 2022 | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405; 10.0.20348.4346 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5068787 (Security Update); 5068840 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066782 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4405; 10.0.20348.4346 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5068779 (Security Update) | Important | Elevation of Privilege | 5066780 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.1965 | Yes | None |
| Windows Server 2025 | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None |

Acknowledgements

| CVE ID | Acknowledgements |
| ----- | ----- |
| CVE-2025-62217 | Angelboy (@scwuaptx) with DEVCORE |


CVE-2025-62218 - Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62218 (listed at MITRE and NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability
CVSS: 3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
  Attack Vector: Local
  Attack Complexity: High
  Privileges Required: Low
  User Interaction: None
  Scope: Unchanged
  Confidentiality: High
  Integrity: High
  Availability: High
Temporal score metrics
  Exploit Code Maturity: Unproven
  Remediation Level: Official Fix
  Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


Mitigations:
None
Workarounds:
None
Revision:
  1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
| ----- | ----- | ----- |
| Exploitation Less Likely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62218

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
| Windows 10 Version 1607 for 32-bit Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None |

Acknowledgements

| CVE ID | Acknowledgements |
| ----- | ----- |
| CVE-2025-62218 | None |

CVE-2025-62219 - Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability

CVE ID: CVE-2025-62219 (listed at MITRE and NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability
CVSS: 3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
  Attack Vector: Local
  Attack Complexity: High
  Privileges Required: Low
  User Interaction: None
  Scope: Unchanged
  Confidentiality: High
  Integrity: High
  Availability: High
Temporal score metrics
  Exploit Code Maturity: Unproven
  Remediation Level: Official Fix
  Report Confidence: Confirmed

Executive Summary:

Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


Mitigations:
None
Workarounds:
None
Revision:
  1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
| ----- | ----- | ----- |
| Exploitation Unlikely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62219

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
| Windows 10 Version 1607 for 32-bit Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5068864 (Security Update) | Important | Elevation of Privilege | 5066836 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8594 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5068791 (Security Update) | Important | Elevation of Privilege | 5066586 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8027 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6575 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5068781 (Security Update) | Important | Elevation of Privilege | 5066791 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6575 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5068865 (Security Update) | Important | Elevation of Privilege | 5066793 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6199 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7171; 10.0.26100.7092 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5068861 (Security Update); 5068966 (Security Hotpatch Update) | Important | Elevation of Privilege | 5066835 | Base: 7.0 / Temporal: 6.1 / Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7171; 10.0.26200.7092 | Yes | None |

Acknowledgements

| CVE ID | Acknowledgements |
| ----- | ----- |
| CVE-2025-62219 | Anonymous |


CVE-2025-62220 - Windows Subsystem for Linux GUI Remote Code Execution Vulnerability

CVE ID: CVE-2025-62220 (listed at MITRE and NVD)

Issuing CNA: Microsoft

CVE Title: Windows Subsystem for Linux GUI Remote Code Execution Vulnerability
CVSS: 3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics
  Attack Vector: Network
  Attack Complexity: Low
  Privileges Required: None
  User Interaction: Required
  Scope: Unchanged
  Confidentiality: High
  Integrity: High
  Availability: High
Temporal score metrics
  Exploit Code Maturity: Unproven
  Remediation Level: Official Fix
  Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network.


FAQ:

Where do I find installation steps for WSL and WSLg?

If you have an existing WSL installation without WSLg and want to update to the latest version of WSL which includes WSLg, run the command wsl --update from an elevated command prompt.

To learn more visit the GitHub Repo.


According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). How could an attacker exploit this vulnerability?

A vulnerability in the Remote Desktop client can lead to remote code execution in the Windows host process (msrdc.exe). While the typical scenario involves local communication between a Windows host and a Linux VM, the attack vector is Network (AV:N) because it relies on a network protocol.

Although user interaction is required, the risk extends beyond local use: the client supports loading plugins via the /plugin option, and the protocol is open source. This means a crafted attack could potentially be delivered remotely if an attacker can interact with the protocol.


Mitigations:
None
Workarounds:
None
Revision:
  1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
| ----- | ----- | ----- |
| Exploitation Unlikely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62220

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
| Windows Subsystem for Linux GUI | Release Notes 2.6.2 Microsoft WSL (Security Update) | Important | Remote Code Execution | | Base: 8.8 / Temporal: 7.7 / Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 2.6.2 | No | None |

Acknowledgements

| CVE ID | Acknowledgements |
| ----- | ----- |
| CVE-2025-62220 | YingQi Shi (@Mas0n) with DBAPPSecurity WeBin Lab |


CVE-2025-12729 - Chromium: CVE-2025-12729 Inappropriate implementation in Omnibox

CVE ID: CVE-2025-12729 (listed at MITRE and NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-12729 Inappropriate implementation in Omnibox
CVSS: None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

| Microsoft Edge Version | Date Released | Based on Chromium Version |
| ----- | ----- | ----- |
| 142.0.3595.66 | 11/10/2025 | 142.0.7444.135 |


Mitigations:
None
Workarounds:
None
Revision:
  1.0    10-Nov-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
| ----- | ----- | ----- |
| Exploitation Unlikely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-12729

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A / Temporal: N/A / Vector: N/A | 142.0.3595.66 | No | None |

Acknowledgements

| CVE ID | Acknowledgements |
| ----- | ----- |
| CVE-2025-12729 | None |

CVE-2025-12726 - Chromium: CVE-2025-12726 Inappropriate implementation in Views.

CVE ID: CVE-2025-12726 (listed at MITRE and NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-12726 Inappropriate implementation in Views.
CVSS: None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

| Microsoft Edge Version | Date Released | Based on Chromium Version |
| ----- | ----- | ----- |
| 142.0.3595.65 | 11/6/2025 | 142.0.7444.134/.135 |


Mitigations:
None
Workarounds:
None
Revision:
  1.0    06-Nov-25    Information published.


Maximum Severity Rating: Unknown
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
| ----- | ----- | ----- |
| Exploitation Unlikely | No | No |

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-12726

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A / Temporal: N/A / Vector: N/A | 142.0.3595.65 | No | None |

Acknowledgements

| CVE ID | Acknowledgements |
| ----- | ----- |
| CVE-2025-12726 | None |

CVE-2025-12727 - Chromium: CVE-2025-12727 Inappropriate implementation in V8

CVE ID: CVE-2025-12727 (listed at MITRE and NVD)

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-12727 Inappropriate implementation in V8
CVSS: None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

| Microsoft Edge Version | Date Released | Based on Chromium Version |
| ----- | ----- | ----- |
| 142.0.3595.66 | 11/10/2025 | 142.0.7444.135 |


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems.


What is the version information for this release?

| Microsoft Edge Version | Date Released | Based on Chromium Version |
| ----- | ----- | ----- |
| 142.0.3595.65 | 11/6/2025 | 142.0.7444.134/.135 |


Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Nov-25    

Information published.


2.1    10-Nov-25    

Added FAQ information. This is an informational change only.


2.0    10-Nov-25    

Affected software updated with new package information.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-12727
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update)
Release Notes (Security Update)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
142.0.3595.65

142.0.3595.66
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-12727 None

CVE-2025-12728 - Chromium: CVE-2025-12728 Inappropriate implementation in Omnibox

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-12728
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-12728 Inappropriate implementation in Omnibox
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

| Microsoft Edge Version | Date Released | Based on Chromium Version |
| ----- | ----- | ----- |
| 142.0.3595.66 | 11/10/2025 | 142.0.7444.135 |


Mitigations:
None
Workarounds:
None
Revision:
1.0    10-Nov-25    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-12728
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update) Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
142.0.3595.66
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-12728 None

CVE-2025-12725 - Chromium: CVE-2025-12725 Out of bounds write in WebGPU

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-12725
MITRE
NVD

Issuing CNA: Chrome

CVE Title: Chromium: CVE-2025-12725 Out of bounds write in WebGPU
CVSS:
None
Executive Summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.


FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

| Microsoft Edge Version | Date Released | Based on Chromium Version |
| ----- | ----- | ----- |
| 142.0.3595.66 | 11/10/2025 | 142.0.7444.135 |


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems.


What is the version information for this release?

| Microsoft Edge Version | Date Released | Based on Chromium Version |
| ----- | ----- | ----- |
| 142.0.3595.65 | 11/6/2025 | 142.0.7444.134/.135 |


Mitigations:
None
Workarounds:
None
Revision:
1.0    06-Nov-25    

Information published.


2.1    10-Nov-25    

Added FAQ information. This is an informational change only.


2.0    10-Nov-25    

Affected software updated with new package information.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-12725
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Edge (Chromium-based) Release Notes (Security Update)
Release Notes (Security Update)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
142.0.3595.65

142.0.3595.66
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-12725 None

CVE-2025-62452 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62452
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


How could an attacker exploit this vulnerability?

An attacker authenticated on the domain could exploit this vulnerability by tricking a domain-joined user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62452
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5068864 (Security Update) Important Remote Code Execution 5066836
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1607 for x64-based Systems 5068864 (Security Update) Important Remote Code Execution 5066836
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Remote Code Execution 5066586
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Remote Code Execution 5066586
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Remote Code Execution 5066793
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Remote Code Execution 5066793
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Remote Code Execution 5066835
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Remote Code Execution 5066835
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Remote Code Execution
5066835
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Remote Code Execution
5066835
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Remote Code Execution 5066874
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Remote Code Execution 5066874
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Remote Code Execution 5066874
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Remote Code Execution 5066874
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Remote Code Execution 5066872
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Remote Code Execution 5066872
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2012 5068907 (Monthly Rollup) Important Remote Code Execution 5066875
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 (Server Core installation) 5068907 (Monthly Rollup) Important Remote Code Execution 5066875
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 R2 5068905 (Monthly Rollup) Important Remote Code Execution 5066873
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2012 R2 (Server Core installation) 5068905 (Monthly Rollup) Important Remote Code Execution 5066873
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2016 5068864 (Security Update) Important Remote Code Execution 5066836
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Important Remote Code Execution 5066836
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Important Remote Code Execution 5066586
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Remote Code Execution 5066586
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Remote Code Execution 5066782
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Remote Code Execution 5066782
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Remote Code Execution 5066780
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Remote Code Execution 5066835
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Remote Code Execution 5066835
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62452 Anonymous


CVE-2025-59240 - Microsoft Excel Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-59240
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Exposure of sensitive information to an unauthorized actor in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59240
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Excel 2016 (32-bit edition) 5002811 (Security Update) Important Information Disclosure 5002794
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
16.0.5526.1002
Maybe None
Microsoft Excel 2016 (64-bit edition) 5002811 (Security Update) Important Information Disclosure 5002794
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
16.0.5526.1002
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Information Disclosure Base: 5.5
Temporal: 4.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-59240 Felix B.


CVE-2025-47179 - Configuration Manager Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-47179
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Configuration Manager Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.7/TemporalScore:5.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.


FAQ:

How could an attacker exploit this vulnerability?

An attacker with access to any user account assigned the built-in CMPivot Administrator security role could exploit this vulnerability by escalating privileges. Specifically, they could assign themselves, or another account, the Full Administrator role (or any other elevated role), or modify existing role permissions. This would allow them to bypass intended security boundaries and gain unrestricted access across the hierarchy.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An authorized attacker who successfully exploited this vulnerability could gain Configuration Manager administrator privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-47179
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Configuration Manager 2403 Release Notes (Security Update) Important Elevation of Privilege Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
5.00.9128.1037
No None
Microsoft Configuration Manager 2409 Release Notes (Security Update) Important Elevation of Privilege Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
5.00.9132.1031
No None
Microsoft Configuration Manager 2503 Release Notes (Security Update) Important Elevation of Privilege Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
5.0.9135.1013
No None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-47179 Chris Thompson with SpecterOps


CVE-2025-59514 - Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-59514
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59514
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1607 for x64-based Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege
5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege
5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Elevation of Privilege 5066872
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Elevation of Privilege 5066872
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2012 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 (Server Core installation) 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 R2 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2012 R2 (Server Core installation) 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2016 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405
10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405
10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Elevation of Privilege 5066780
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171
10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171
10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-59514 T0

CVE-2025-59515 - Windows Broadcast DVR User Service Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-59515
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Broadcast DVR User Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59515
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171
10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171
10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171
10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171
10.0.26200.7092
Yes None
Windows Server 2019 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Elevation of Privilege 5066780
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171
10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171
10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-59515 Jongseong Kim (nevul37), SEC-agent team with ENKI WhiteHat
Hwiwon Lee (hwiwonl), SEC-agent team


CVE-2025-60713 - Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-60713
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60713
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows Server 2016 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405
10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405
10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Elevation of Privilege 5066780
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171
10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171
10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60713 Ezrak1e


CVE-2025-60714 - Windows OLE Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-60714
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows OLE Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

Exploitation of the vulnerability requires that a user open a specially crafted file.

  • In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.
  • In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability.

An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60714
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5068864 (Security Update) Important Remote Code Execution 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1607 for x64-based Systems 5068864 (Security Update) Important Remote Code Execution 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Remote Code Execution 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Remote Code Execution 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Remote Code Execution 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Remote Code Execution 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Remote Code Execution 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Remote Code Execution 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Remote Code Execution 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Remote Code Execution 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Remote Code Execution 5066872
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Remote Code Execution 5066872
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2012 5068907 (Monthly Rollup) Important Remote Code Execution 5066875
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 (Server Core installation) 5068907 (Monthly Rollup) Important Remote Code Execution 5066875
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 R2 5068905 (Monthly Rollup) Important Remote Code Execution 5066873
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2012 R2 (Server Core installation) 5068905 (Monthly Rollup) Important Remote Code Execution 5066873
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2016 5068864 (Security Update) Important Remote Code Execution 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Important Remote Code Execution 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Important Remote Code Execution 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Remote Code Execution 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Remote Code Execution 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405
10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Remote Code Execution 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405
10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Remote Code Execution 5066780
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60714 Rocco Calvi (@TecR0c) with TecSecurity


CVE-2025-60715 - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-60715
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

Executive Summary:

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are low (PR:L). What does that mean for this vulnerability?

Exploitation of this vulnerability requires an authorized attacker on the domain to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.


How could an attacker exploit this vulnerability?

An attacker authenticated on the domain could exploit this vulnerability by tricking a domain-joined user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60715
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5068864 (Security Update) Important Remote Code Execution 5066836
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1607 for x64-based Systems 5068864 (Security Update) Important Remote Code Execution 5066836
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Remote Code Execution 5066586
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Remote Code Execution 5066586
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Remote Code Execution 5066791
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Remote Code Execution 5066793
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Remote Code Execution 5066793
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Remote Code Execution 5066835
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171
10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Remote Code Execution 5066835
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171
10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Remote Code Execution 5066835
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171
10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Remote Code Execution 5066835
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171
10.0.26200.7092
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Remote Code Execution 5066874
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Remote Code Execution 5066874
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Remote Code Execution 5066874
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Remote Code Execution 5066874
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Remote Code Execution 5066872
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Remote Code Execution 5066872
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2012 5068907 (Monthly Rollup) Important Remote Code Execution 5066875
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 (Server Core installation) 5068907 (Monthly Rollup) Important Remote Code Execution 5066875
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 R2 5068905 (Monthly Rollup) Important Remote Code Execution 5066873
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2012 R2 (Server Core installation) 5068905 (Monthly Rollup) Important Remote Code Execution 5066873
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2016 5068864 (Security Update) Important Remote Code Execution 5066836
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Important Remote Code Execution 5066836
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Important Remote Code Execution 5066586
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Remote Code Execution 5066586
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Remote Code Execution 5066782
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Remote Code Execution 5066782
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Remote Code Execution 5066780
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Remote Code Execution 5066835
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Remote Code Execution 5066835
Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60715 Sruthy TV


Manish Kumawat


Anonymous


CVE-2025-60716 - DirectX Graphics Kernel Elevation of Privilege Vulnerability

CVE ID: CVE-2025-60716 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Critical
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60716
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Critical Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Critical Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Critical Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Critical Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Critical Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Critical Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Critical Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Critical Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Critical Elevation of Privilege 5066793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Critical Elevation of Privilege 5066793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Critical Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Critical Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Critical Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Critical Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows Server 2019 5068791 (Security Update) Critical Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Critical Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Critical Elevation of Privilege 5066782
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Critical Elevation of Privilege 5066782
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Critical Elevation of Privilege 5066780
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Critical Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Critical Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60716 cyanbamboo and b2ahex


cyanbamboo and b2ahex


CVE-2025-60717 - Windows Broadcast DVR User Service Elevation of Privilege Vulnerability

CVE ID: CVE-2025-60717 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Broadcast DVR User Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.0 / Temporal Score: 6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60717
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows Server 2019 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Elevation of Privilege 5066780
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60717 Anonymous


Hwiwon Lee (hwiwonl), SEC-agent team


Jongseong Kim (nevul37), SEC-agent team


CVE-2025-60718 - Windows Administrator Protection Elevation of Privilege Vulnerability

CVE ID: CVE-2025-60718 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Administrator Protection Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

With successful exploitation of this vulnerability, an attacker could gain elevated privileges equivalent to a system-managed administrator, allowing them to execute arbitrary code at high integrity and bypass Administrator Protection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60718
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60718 James Forshaw with Google Project Zero


James Forshaw with Google Project Zero


CVE-2025-60720 - Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability

CVE ID: CVE-2025-60720 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Unlikely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60720
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1607 for x64-based Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26200.7171

10.0.26200.7092
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Elevation of Privilege 5066872
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Elevation of Privilege 5066872
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2012 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 (Server Core installation) 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 R2 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2012 R2 (Server Core installation) 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2016 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Elevation of Privilege 5066780
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60720 haowei yan(jingdong dawnslab)


haowei yan(jingdong dawnslab)


CVE-2025-60723 - DirectX Graphics Kernel Denial of Service Vulnerability

CVE ID: CVE-2025-60723 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: DirectX Graphics Kernel Denial of Service Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 6.3 / Temporal Score: 5.5
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to deny service over a network.


FAQ:

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to cause denial of service on the Hyper-V host environment.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60723
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Denial of Service 5066586
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Denial of Service 5066586
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Denial of Service 5066791
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Denial of Service 5066791
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Denial of Service 5066791
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Denial of Service 5066791
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Denial of Service 5066791
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Denial of Service 5066791
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Denial of Service 5066793
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Denial of Service 5066793
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Denial of Service 5066835
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Denial of Service 5066835
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Denial of Service
5066835
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Denial of Service
5066835
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows Server 2019 5068791 (Security Update) Important Denial of Service 5066586
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Denial of Service 5066586
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Denial of Service 5066782
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Denial of Service 5066782
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Denial of Service 5066780
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Denial of Service 5066835
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Denial of Service 5066835
Base: 6.3
Temporal: 5.5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60723 cyanbamboo and b2ahex


CVE-2025-60724 - GDI+ Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-60724
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: GDI+ Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 9.8 / Temporal Score: 8.5
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.


FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


According to the CVSS metric, the attack vector is network (AV:N). How could an attacker exploit the vulnerability?

An attacker could trigger this vulnerability by convincing a victim to download and open a document that contains a specially crafted metafile. In the worst-case scenario, an attacker could trigger this vulnerability on web services by uploading documents containing a specially crafted metafile (AV:N) without user interaction. When multiple attack vectors can be used, we assign a score based on the scenario with the higher risk.


According to the CVSS metric, the privilege required is none (PR:N) and user interaction is none (UI:N). What does that mean for this vulnerability?

An attacker doesn't require any privileges on the systems hosting the web services. Successful exploitation of this vulnerability could cause Remote Code Execution or Information Disclosure on web services that are parsing documents that contain a specially crafted metafile, without the involvement of a victim user.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60724
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Office for Android Release Notes (Security Update) Important Remote Code Execution Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.19426.20044
Maybe None
Microsoft Office LTSC for Mac 2021 Release Notes (Security Update) Important Remote Code Execution Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.103.25110922
Maybe None
Microsoft Office LTSC for Mac 2024 Release Notes (Security Update) Important Remote Code Execution Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.103.25110922
Maybe None
Windows 10 Version 1607 for 32-bit Systems 5068864 (Security Update) Critical Remote Code Execution 5066836
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1607 for x64-based Systems 5068864 (Security Update) Critical Remote Code Execution 5066836
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Critical Remote Code Execution 5066586
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Critical Remote Code Execution 5066586
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Critical Remote Code Execution 5066791
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Critical Remote Code Execution 5066791
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Critical Remote Code Execution 5066791
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Critical Remote Code Execution 5066791
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Critical Remote Code Execution 5066791
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Critical Remote Code Execution 5066791
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Critical Remote Code Execution 5066793
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Critical Remote Code Execution 5066793
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Critical Remote Code Execution 5066835
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Critical Remote Code Execution 5066835
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Critical Remote Code Execution
5066835
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Critical Remote Code Execution
5066835
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Critical Remote Code Execution 5066874
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Critical Remote Code Execution 5066874
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Critical Remote Code Execution 5066874
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Critical Remote Code Execution 5066874
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5068904 (Monthly Rollup)
5068908 (Security Only)
Critical Remote Code Execution 5066872
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5068904 (Monthly Rollup)
5068908 (Security Only)
Critical Remote Code Execution 5066872
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2012 5068907 (Monthly Rollup) Critical Remote Code Execution 5066875
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 (Server Core installation) 5068907 (Monthly Rollup) Critical Remote Code Execution 5066875
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 R2 5068905 (Monthly Rollup) Critical Remote Code Execution 5066873
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2012 R2 (Server Core installation) 5068905 (Monthly Rollup) Critical Remote Code Execution 5066873
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2016 5068864 (Security Update) Critical Remote Code Execution 5066836
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Critical Remote Code Execution 5066836
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Critical Remote Code Execution 5066586
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Critical Remote Code Execution 5066586
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Critical Remote Code Execution 5066782
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Critical Remote Code Execution 5066782
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Critical Remote Code Execution 5066780
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Critical Remote Code Execution 5066835
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Critical Remote Code Execution 5066835
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60724 4n0nym4u5 with Zscaler




CVE-2025-62200 - Microsoft Excel Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62200
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally: code must be run on the local machine, whether by the attacker or by the victim, to exploit the vulnerability.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62200
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Excel 2016 (32-bit edition) 5002811 (Security Update) Important Remote Code Execution 5002794
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5526.1002
Maybe None
Microsoft Excel 2016 (64-bit edition) 5002811 (Security Update) Important Remote Code Execution 5002794
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5526.1002
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Office Online Server 5002801 (Security Update) Important Remote Code Execution 5002797
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10417.20068
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62200 boolgombear


CVE-2025-62201 - Microsoft Excel Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62201
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally: code must be run on the local machine, whether by the attacker or by the victim, to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62201
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Excel 2016 (32-bit edition) 5002811 (Security Update) Important Remote Code Execution 5002794
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5526.1002
Maybe None
Microsoft Excel 2016 (64-bit edition) 5002811 (Security Update) Important Remote Code Execution 5002794
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.5526.1002
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Release Notes (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.103.25110922
Maybe None
Microsoft Office LTSC for Mac 2024 Release Notes (Security Update) Important Remote Code Execution Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.103.25110922
Maybe None
Office Online Server 5002801 (Security Update) Important Remote Code Execution 5002797
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.10417.20068
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62201 boolgombear


CVE-2025-62202 - Microsoft Excel Information Disclosure Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62202
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.1 / Temporal Score: 6.2
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely
Publicly Disclosed: No
Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62202
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Information Disclosure Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Information Disclosure Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Excel 2016 (32-bit edition) 5002811 (Security Update)
5002810 (Security Update)
Important Information Disclosure 5002794

5002757
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
16.0.5526.1002

16.0.5526.1003
Maybe None
Microsoft Excel 2016 (64-bit edition) 5002811 (Security Update)
5002810 (Security Update)
Important Information Disclosure 5002794

5002757
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
16.0.5526.1002

16.0.5526.1003
Maybe None
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Information Disclosure Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Information Disclosure Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 32-bit editions Click to Run (Security Update) Important Information Disclosure Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2021 for 64-bit editions Click to Run (Security Update) Important Information Disclosure Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 32-bit editions Click to Run (Security Update) Important Information Disclosure Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC 2024 for 64-bit editions Click to Run (Security Update) Important Information Disclosure Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
https://aka.ms/OfficeSecurityReleases
No None
Microsoft Office LTSC for Mac 2021 Release Notes (Security Update) Important Information Disclosure Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
16.103.25110922
Maybe None
Microsoft Office LTSC for Mac 2024 Release Notes (Security Update) Important Information Disclosure Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
16.103.25110922
Maybe None
Office Online Server 5002801 (Security Update) Important Information Disclosure 5002797
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C
16.0.10417.20068
Maybe None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62202 | boolgombear


CVE-2025-62203 - Microsoft Excel Remote Code Execution Vulnerability

CVE ID: CVE-2025-62203 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics: Attack Vector: Local; Attack Complexity: Low; Privileges Required: None; User Interaction: Required; Scope: Unchanged; Confidentiality: High; Integrity: High; Availability: High
Temporal score metrics: Exploit Code Maturity: Unproven; Remediation Level: Official Fix; Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations: None
Workarounds: None
Revision: 1.0 (11-Nov-25): Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Unlikely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62203

All rows: Severity Important; Impact Remote Code Execution; CVSS Base 7.8, Temporal 6.8, Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C; Known Issue None.

Product | KB Article (Security Update) | Supersedence | Fixed Build | Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run | | https://aka.ms/OfficeSecurityReleases | No
Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run | | https://aka.ms/OfficeSecurityReleases | No
Microsoft Excel 2016 (32-bit edition) | 5002811 | 5002794 | 16.0.5526.1002 | Maybe
Microsoft Excel 2016 (64-bit edition) | 5002811 | 5002794 | 16.0.5526.1002 | Maybe
Microsoft Office 2019 for 32-bit editions | Click to Run | | https://aka.ms/OfficeSecurityReleases | No
Microsoft Office 2019 for 64-bit editions | Click to Run | | https://aka.ms/OfficeSecurityReleases | No
Microsoft Office LTSC 2021 for 32-bit editions | Click to Run | | https://aka.ms/OfficeSecurityReleases | No
Microsoft Office LTSC 2021 for 64-bit editions | Click to Run | | https://aka.ms/OfficeSecurityReleases | No
Microsoft Office LTSC 2024 for 32-bit editions | Click to Run | | https://aka.ms/OfficeSecurityReleases | No
Microsoft Office LTSC 2024 for 64-bit editions | Click to Run | | https://aka.ms/OfficeSecurityReleases | No
Office Online Server | 5002801 | 5002797 | 16.0.10417.20068 | Maybe

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62203 | Quan Jin with DBAPPSecurity


CVE-2025-62204 - Microsoft SharePoint Remote Code Execution Vulnerability

CVE ID: CVE-2025-62204 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
CVSS:3.1 Highest Base Score: 8.0 / Temporal Score: 7.0
Base score metrics: Attack Vector: Network; Attack Complexity: Low; Privileges Required: Low; User Interaction: Required; Scope: Unchanged; Confidentiality: High; Integrity: High; Availability: High
Temporal score metrics: Exploit Code Maturity: Unproven; Remediation Level: Official Fix; Report Confidence: Confirmed

Executive Summary:

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.


FAQ:

I am running SharePoint Server 2016. Do the updates for SharePoint Enterprise Server 2016 also apply to the version I am running?

Yes. The same KB number applies to both SharePoint Server 2016 and SharePoint Enterprise Server 2016. Customers running either version should install the security update to be protected from this vulnerability.


According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?

This attack requires a client to connect to a malicious server, and that could allow the attacker to gain code execution on the client.


According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?

An authorized attacker with privileges could send controlled inputs to exploit this vulnerability.


Mitigations: None
Workarounds: None
Revision: 1.0 (11-Nov-25): Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62204

All rows: Severity Important; Impact Remote Code Execution; CVSS Base 8.0, Temporal 7.0, Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C; Known Issue None.

Product | KB Article (Security Update) | Supersedence | Fixed Build | Restart Required
Microsoft SharePoint Enterprise Server 2016 | 5002805 | 5002788 | 16.0.5526.1001 | Maybe
Microsoft SharePoint Server 2019 | 5002803 | 5002796 | 16.0.10417.20068 | Maybe
Microsoft SharePoint Server Subscription Edition | 5002800 | 5002786 | 16.0.19127.20338 | Maybe

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62204 | 41ae55e9310ff27fa6f26af4727e5590


CVE-2025-62205 - Microsoft Office Remote Code Execution Vulnerability

CVE ID: CVE-2025-62205 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.8
Base score metrics: Attack Vector: Local; Attack Complexity: Low; Privileges Required: None; User Interaction: Required; Scope: Unchanged; Confidentiality: High; Integrity: High; Availability: High
Temporal score metrics: Exploit Code Maturity: Unproven; Remediation Level: Official Fix; Report Confidence: Confirmed

Executive Summary:

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker must send the user a malicious file and convince them to open it.


Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations: None
Workarounds: None
Revision: 1.0 (11-Nov-25): Information published.

Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62205

All rows: Severity Important; Impact Remote Code Execution; CVSS Base 7.8, Temporal 6.8, Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C; Restart Required No; Known Issue None.

Product | KB Article (Security Update) | Supersedence | Fixed Build
Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run | | https://aka.ms/OfficeSecurityReleases
Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run | | https://aka.ms/OfficeSecurityReleases
Microsoft Office LTSC 2021 for 32-bit editions | Click to Run | | https://aka.ms/OfficeSecurityReleases
Microsoft Office LTSC 2021 for 64-bit editions | Click to Run | | https://aka.ms/OfficeSecurityReleases
Microsoft Office LTSC 2024 for 32-bit editions | Click to Run | | https://aka.ms/OfficeSecurityReleases
Microsoft Office LTSC 2024 for 64-bit editions | Click to Run | | https://aka.ms/OfficeSecurityReleases

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62205 | Haifei Li with EXPMON


CVE-2025-62208 - Windows License Manager Information Disclosure Vulnerability

CVE ID: CVE-2025-62208 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows License Manager Information Disclosure Vulnerability
CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 4.8
Base score metrics: Attack Vector: Local; Attack Complexity: Low; Privileges Required: Low; User Interaction: None; Scope: Unchanged; Confidentiality: High; Integrity: None; Availability: None
Temporal score metrics: Exploit Code Maturity: Unproven; Remediation Level: Official Fix; Report Confidence: Confirmed

Executive Summary:

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local memory address.


Mitigations: None
Workarounds: None
Revision: 1.0 (11-Nov-25): Information published. This CVE was addressed by updates that were released in October 2025, but the CVE was inadvertently omitted from the October 2025 Security Updates. This is an informational change only. Customers who have already installed the October 2025 updates do not need to take any further action.

Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62208

All rows: Severity Important; Impact Information Disclosure; CVSS Base 5.5, Temporal 4.8, Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C; Restart Required Yes; Known Issue None.

Product | KB Article (Security Update) | Supersedence | Fixed Build
Windows 10 for 32-bit Systems | 5066837 | 5065430 | 10.0.10240.21161
Windows 10 for x64-based Systems | 5066837 | 5065430 | 10.0.10240.21161
Windows 10 Version 1607 for 32-bit Systems | 5066836 | 5065427 | 10.0.14393.8519
Windows 10 Version 1607 for x64-based Systems | 5066836 | 5065427 | 10.0.14393.8519
Windows 10 Version 1809 for 32-bit Systems | 5066586 | 5065428 | 10.0.17763.7919
Windows 10 Version 1809 for x64-based Systems | 5066586 | 5065428 | 10.0.17763.7919
Windows 10 Version 21H2 for 32-bit Systems | 5066791 | 5065429 | 10.0.19044.6456
Windows 10 Version 21H2 for ARM64-based Systems | 5066791 | 5065429 | 10.0.19044.6456
Windows 10 Version 21H2 for x64-based Systems | 5066791 | 5065429 | 10.0.19044.6456
Windows 10 Version 22H2 for 32-bit Systems | 5066791 | 5065429 | 10.0.19044.6456
Windows 10 Version 22H2 for ARM64-based Systems | 5066791 | 5065429 | 10.0.19044.6456
Windows 10 Version 22H2 for x64-based Systems | 5066791 | 5065429 | 10.0.19044.6456
Windows 11 Version 22H2 for ARM64-based Systems | 5066793 | 5065431 | 10.0.22631.6060
Windows 11 Version 22H2 for x64-based Systems | 5066793 | 5065431 | 10.0.22631.6060
Windows 11 Version 23H2 for ARM64-based Systems | 5066793 | 5065431 | 10.0.22631.6060
Windows 11 Version 23H2 for x64-based Systems | 5066793 | 5065431 | 10.0.22631.6060
Windows 11 Version 24H2 for ARM64-based Systems | 5066835 | 5065426 | 10.0.26100.6899
Windows 11 Version 24H2 for x64-based Systems | 5066835 | 5065426 | 10.0.26100.6899
Windows 11 Version 25H2 for ARM64-based Systems | 5066835 | | 10.0.26200.6899
Windows 11 Version 25H2 for x64-based Systems | 5066835 | | 10.0.26200.6899
Windows Server 2016 | 5066836 | 5065427 | 10.0.14393.8519
Windows Server 2016 (Server Core installation) | 5066836 | 5065427 | 10.0.14393.8519
Windows Server 2019 | 5066586 | 5065428 | 10.0.17763.7919
Windows Server 2019 (Server Core installation) | 5066586 | 5065428 | 10.0.17763.7919
Windows Server 2022 | 5066782 | 5065432 | 10.0.20348.4294
Windows Server 2022 (Server Core installation) | 5066782 | 5065432 | 10.0.20348.4294
Windows Server 2022, 23H2 Edition (Server Core installation) | 5066780 | 5065425 | 10.0.25398.1913
Windows Server 2025 | 5066835 | 5065426 | 10.0.26100.6899
Windows Server 2025 (Server Core installation) | 5066835 | 5065426 | 10.0.26100.6899

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62208 | Aobo Wang; Pwnforr777; Aobo Wang


CVE-2025-62209 - Windows License Manager Information Disclosure Vulnerability

CVE ID: CVE-2025-62209 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows License Manager Information Disclosure Vulnerability
CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 4.8
Base score metrics: Attack Vector: Local; Attack Complexity: Low; Privileges Required: Low; User Interaction: None; Scope: Unchanged; Confidentiality: High; Integrity: None; Availability: None
Temporal score metrics: Exploit Code Maturity: Unproven; Remediation Level: Official Fix; Report Confidence: Confirmed

Executive Summary:

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.


FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local memory address.


Mitigations: None
Workarounds: None
Revision: 1.0 (11-Nov-25): Information published. This CVE was addressed by updates that were released in October 2025, but the CVE was inadvertently omitted from the October 2025 Security Updates. This is an informational change only. Customers who have already installed the October 2025 updates do not need to take any further action.

Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62209

All rows: Severity Important; Impact Information Disclosure; CVSS Base 5.5, Temporal 4.8, Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C; Restart Required Yes; Known Issue None.

Product | KB Article (Security Update) | Supersedence | Fixed Build
Windows 10 for 32-bit Systems | 5066837 | 5065430 | 10.0.10240.21161
Windows 10 for x64-based Systems | 5066837 | 5065430 | 10.0.10240.21161
Windows 10 Version 1607 for 32-bit Systems | 5066836 | 5065427 | 10.0.14393.8519
Windows 10 Version 1607 for x64-based Systems | 5066836 | 5065427 | 10.0.14393.8519
Windows 10 Version 1809 for 32-bit Systems | 5066586 | 5065428 | 10.0.17763.7919
Windows 10 Version 1809 for x64-based Systems | 5066586 | 5065428 | 10.0.17763.7919
Windows 10 Version 21H2 for 32-bit Systems | 5066791 | 5065429 | 10.0.19044.6456
Windows 10 Version 21H2 for ARM64-based Systems | 5066791 | 5065429 | 10.0.19044.6456
Windows 10 Version 21H2 for x64-based Systems | 5066791 | 5065429 | 10.0.19044.6456
Windows 10 Version 22H2 for 32-bit Systems | 5066791 | 5065429 | 10.0.19044.6456
Windows 10 Version 22H2 for ARM64-based Systems | 5066791 | 5065429 | 10.0.19044.6456
Windows 10 Version 22H2 for x64-based Systems | 5066791 | 5065429 | 10.0.19044.6456
Windows 11 Version 22H2 for ARM64-based Systems | 5066793 | 5065431 | 10.0.22631.6060
Windows 11 Version 22H2 for x64-based Systems | 5066793 | 5065431 | 10.0.22631.6060
Windows 11 Version 23H2 for ARM64-based Systems | 5066793 | 5065431 | 10.0.22631.6060
Windows 11 Version 23H2 for x64-based Systems | 5066793 | 5065431 | 10.0.22631.6060
Windows 11 Version 24H2 for ARM64-based Systems | 5066835 | 5065426 | 10.0.26100.6899
Windows 11 Version 24H2 for x64-based Systems | 5066835 | 5065426 | 10.0.26100.6899
Windows 11 Version 25H2 for ARM64-based Systems | 5066835 | | 10.0.26200.6899
Windows 11 Version 25H2 for x64-based Systems | 5066835 | | 10.0.26200.6899
Windows Server 2016 | 5066836 | 5065427 | 10.0.14393.8519
Windows Server 2016 (Server Core installation) | 5066836 | 5065427 | 10.0.14393.8519
Windows Server 2019 | 5066586 | 5065428 | 10.0.17763.7919
Windows Server 2019 (Server Core installation) | 5066586 | 5065428 | 10.0.17763.7919
Windows Server 2022 | 5066782 | 5065432 | 10.0.20348.4294
Windows Server 2022 (Server Core installation) | 5066782 | 5065432 | 10.0.20348.4294
Windows Server 2022, 23H2 Edition (Server Core installation) | 5066780 | 5065425 | 10.0.25398.1913
Windows Server 2025 | 5066835 | 5065426 | 10.0.26100.6899
Windows Server 2025 (Server Core installation) | 5066835 | 5065426 | 10.0.26100.6899

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-62209 | Aobo Wang


CVE-2025-59499 - Microsoft SQL Server Elevation of Privilege Vulnerability

CVE ID: CVE-2025-59499 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Microsoft SQL Server Elevation of Privilege Vulnerability
CVSS:3.1 Highest Base Score: 8.8 / Temporal Score: 7.7
Base score metrics: Attack Vector: Network; Attack Complexity: Low; Privileges Required: Low; User Interaction: None; Scope: Unchanged; Confidentiality: High; Integrity: High; Availability: High
Temporal score metrics: Exploit Code Maturity: Unproven; Remediation Level: Official Fix; Report Confidence: Confirmed

Executive Summary:

Improper neutralization of special elements used in an SQL command ('SQL injection') in SQL Server allows an authorized attacker to elevate privileges over a network.


FAQ:

How could an attacker exploit the vulnerability?

An attacker could inject arbitrary T-SQL commands by crafting a malicious database name.


What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker who successfully exploited this vulnerability could gain the privileges of the process running the query. For example, if the process running the query containing a SQL injection is sysadmin, the attacker would gain sysadmin privileges.


I am running SQL Server on my system. What action do I need to take?

Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?

  • First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Microsoft Knowledge Base Article 321185 - How to determine the version, edition, and update level of SQL Server and its components.
  • Second, in the following table, locate your version number or the version range that your version number falls within. The corresponding update is the one you need to install.

Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product to apply this and future security updates.

Update Number Title Version Apply if current product version is… This security update also includes servicing releases up through…
5068406 Security update for SQL Server 2022 CU21+GDR 16.0.4222.2 16.0.4003.1 - 16.0.4215.2 KB 5065865 - SQL2022 RTM CU21
5068407 Security update for SQL Server 2022 RTM+GDR 16.0.1160.1 16.0.1000.6 - 16.0.1150.1 KB 5065221 - Previous SQL2022 RTM GDR
5068404 Security update for SQL Server 2019 CU32+GDR 15.0.4455.2 15.0.4003.23 - 15.0.4445.1 KB 5065222 - Previous SQL2019 RTM CU32 GDR
5068405 Security update for SQL Server 2019 RTM+GDR 15.0.2155.2 15.0.2000.5 - 15.0.2145.1 KB 5065223 - Previous SQL2019 RTM GDR
5068402 Security update for SQL Server 2017 CU31+GDR 14.0.3515.1 14.0.3006.16 - 14.0.3505.1 KB 5065225 - Previous SQL2017 RTM CU31 GDR
5068403 Security update for SQL Server 2017 RTM+GDR 14.0.2095.1 14.0.1000.169 - 14.0.2085.1 KB 5065224 - Previous SQL2017 RTM GDR
5068400 Security update for SQL 2016 Azure Connect Feature Pack+GDR 13.0.7070.1 13.0.7000.253 - 13.0.7065.1 KB 5065227 - Previous SQL2016 Azure Connect Feature Pack GDR
5068401 Security update for SQL Server 2016 SP3 RTM+GDR 13.0.6475.1 13.0.6300.2 - 13.0.6470.1 KB 5065226 - Previous SQL2016 RTM GDR

What are the GDR and CU update designations and how do they differ?

The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.

  • GDR updates – cumulatively contain only the security updates for the given baseline.
  • CU updates – cumulatively contain all functional fixes and security updates for the given baseline.

For any given baseline, either the GDR or CU updates could be options (see below).

  • If the SQL Server installation is at a baseline version, you can choose either the GDR or CU update.
  • If the SQL Server installation has intentionally only installed past GDR updates, then install the GDR update package.
  • If the SQL Server installation has intentionally installed previous CU updates, then install the CU security update package.

Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?

Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-59499
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 5068401 (Security Update) Important Elevation of Privilege Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.6475.1
Maybe None
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 5068400 (Security Update) Important Elevation of Privilege Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
13.0.7070.1
Maybe None
Microsoft SQL Server 2017 for x64-based Systems (CU 31) 5068402 (Security Update) Important Elevation of Privilege Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.3515.1
Maybe None
Microsoft SQL Server 2017 for x64-based Systems (GDR) 5068403 (Security Update) Important Elevation of Privilege Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
14.0.2095.1
Maybe None
Microsoft SQL Server 2019 for x64-based Systems (CU 32) 5068404 (Security Update) Important Elevation of Privilege Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.4455.2
Maybe None
Microsoft SQL Server 2019 for x64-based Systems (GDR) 5068405 (Security Update) Important Elevation of Privilege Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
15.0.2155.2
Maybe None
Microsoft SQL Server 2022 for x64-based Systems (CU 21) 5068406 (Security Update) Important Elevation of Privilege Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.4222.2
Maybe None
Microsoft SQL Server 2022 for x64-based Systems (GDR) 5068407 (Security Update) Important Elevation of Privilege Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
16.0.1160.1
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-59499 Fabiano Amorim with Pythian


CVE-2025-62211 - Dynamics 365 Field Service (online) Spoofing Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62211
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Dynamics 365 Field Service (online) Spoofing Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.7/TemporalScore:7.6
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Changed
Confidentiality: High
Integrity: High
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.


FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability?

An authorized attacker must send the user a malicious link and convince the user to open it.


What actions do customers need to take to protect themselves from this vulnerability?

Customers running Dynamics 365 Field Service (online) need to go to the Power Platform admin center and apply the updates. See Update apps and solutions for more information about updating your Field Service app.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Unlikely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62211
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Dynamics 365 Field Service (online) Release Notes (Security Update) Important Spoofing Base: 8.7
Temporal: 7.6
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C
8.8.139.398
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62211 Brad Schlintz (nmdhkr)


CVE-2025-62214 - Visual Studio Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62214
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Visual Studio Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:6.7/TemporalScore:5.8
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does this mean for this vulnerability?

Exploitation is not trivial for this vulnerability as it requires multiple steps: prompt injection, Copilot Agent interaction, and triggering a build.


According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62214
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Visual Studio 2022 version 17.14 Release Notes (Security Update) Critical Remote Code Execution Base: 6.7
Temporal: 5.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
17.14.17
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62214 Nakkouch Tarek


CVE-2025-62215 - Windows Kernel Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62215
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Kernel Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.5
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Functional
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62215
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows Server 2019 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Elevation of Privilege 5066780
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62215 Microsoft Threat Intelligence Center (MSTIC) & Microsoft Security Response Center (MSRC)


CVE-2025-62213 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62213
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.


FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62213
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Windows 10 Version 1607 for 32-bit Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1607 for x64-based Systems 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows 10 Version 1809 for 32-bit Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 1809 for x64-based Systems 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows 10 Version 21H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 21H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19044.6575
Yes None
Windows 10 Version 22H2 for 32-bit Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for ARM64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 10 Version 22H2 for x64-based Systems 5068781 (Security Update) Important Elevation of Privilege 5066791
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.19045.6575
Yes None
Windows 11 Version 23H2 for ARM64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 23H2 for x64-based Systems 5068865 (Security Update) Important Elevation of Privilege 5066793
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.22631.6199
Yes None
Windows 11 Version 24H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 24H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows 11 Version 25H2 for ARM64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows 11 Version 25H2 for x64-based Systems 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

10.0.26200.7171
10.0.26200.7092
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5068906 (Monthly Rollup)
5068909 (Security Only)
Important Elevation of Privilege 5066874
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.0.6003.23624
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Elevation of Privilege 5066872
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5068904 (Monthly Rollup)
5068908 (Security Only)
Important Elevation of Privilege 5066872
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.1.7601.28021
Yes None
Windows Server 2012 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 (Server Core installation) 5068907 (Monthly Rollup) Important Elevation of Privilege 5066875
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.2.9200.25768
Yes None
Windows Server 2012 R2 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2012 R2 (Server Core installation) 5068905 (Monthly Rollup) Important Elevation of Privilege 5066873
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
6.3.9600.22869
Yes None
Windows Server 2016 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2016 (Server Core installation) 5068864 (Security Update) Important Elevation of Privilege 5066836
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.14393.8594
Yes None
Windows Server 2019 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2019 (Server Core installation) 5068791 (Security Update) Important Elevation of Privilege 5066586
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.17763.8027
Yes None
Windows Server 2022 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022 (Server Core installation) 5068787 (Security Update)
5068840 (Security Hotpatch Update)
Important Elevation of Privilege 5066782
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.20348.4405

10.0.20348.4346
Yes None
Windows Server 2022, 23H2 Edition (Server Core installation) 5068779 (Security Update) Important Elevation of Privilege 5066780
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.25398.1965
Yes None
Windows Server 2025 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None
Windows Server 2025 (Server Core installation) 5068861 (Security Update)
5068966 (Security Hotpatch Update)
Important Elevation of Privilege 5066835
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
10.0.26100.7171

10.0.26100.7092
Yes None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62213 Angelboy (@scwuaptx) with DEVCORE


CVE-2025-62222 - Agentic AI and Visual Studio Code Remote Code Execution Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62222
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Agentic AI and Visual Studio Code Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network.


FAQ:

According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). What is the target context of the remote code execution?

A remote (AV:N) attacker could create a specially crafted GitHub issue within a user's repository. To exploit this, the user must enable a particular mode on the attacker’s crafted issue, which would execute the issue’s description and enable remote code execution by the attacker.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62222
Product KB Article Severity Impact Supersedence CVSS Score Set Fixed Build Restart Required Known Issue
Microsoft Visual Studio Code CoPilot Chat Extension Release Notes (Security Update) Important Remote Code Execution Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
0.32.5
Maybe None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62222 Anonymous


CVE-2025-62449 - Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability

CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2025-62449
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 6.8 / Temporal Score: 5.9
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: Low
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally.


FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Visual Studio Code sensitive file protections.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to a high loss of confidentiality (C:H), and integrity (I:H) and some loss of availability (A:L). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could view sensitive information (Confidentiality), modify code in the repository (Integrity), and might be able to interfere with the availability of the code (Availability).


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely; Publicly Disclosed: No; Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62449
Product: Microsoft Visual Studio Code CoPilot Chat Extension
KB Article: Release Notes (Security Update)
Severity: Important
Impact: Security Feature Bypass
CVSS Score Set: Base 6.8, Temporal 5.9
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C
Fixed Build: 0.32.5
Restart Required: Maybe
Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62449 Philip Tsukerman with Cyberark


CVE-2025-60721 - Windows Administrator Protection Elevation of Privilege Vulnerability

CVE ID: CVE-2025-60721 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Administrator Protection Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 7.8 / Temporal Score: 6.9
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Temporary Fix
Report Confidence: Confirmed

Executive Summary:

Privilege context switching error in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.


FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

With successful exploitation of this vulnerability, an attacker could gain elevated privileges equivalent to the system-managed administrator account, allowing them to execute arbitrary code at high integrity and bypass Administrator Protection.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely; Publicly Disclosed: No; Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60721
Common to all rows: KB Articles: 5068861 (Security Update), 5068966 (Security Hotpatch Update); Severity: Important; Impact: Elevation of Privilege; Supersedence: 5066835; CVSS Score Set: Base 7.8, Temporal 6.9; Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:T/RC:C; Restart Required: Yes; Known Issue: None

Product                                           Fixed Builds (listed in KB Article order)
Windows 11 Version 24H2 for ARM64-based Systems   10.0.26100.7171, 10.0.26100.7092
Windows 11 Version 24H2 for x64-based Systems     10.0.26100.7171, 10.0.26100.7092
Windows 11 Version 25H2 for ARM64-based Systems   10.0.26200.7171, 10.0.26200.7092
Windows 11 Version 25H2 for x64-based Systems     10.0.26200.7171, 10.0.26200.7092

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60721 James Forshaw with Google Project Zero


CVE-2025-62453 - GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

CVE ID: CVE-2025-62453 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 5.0 / Temporal Score: 4.4
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: High
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Improper validation of generative AI output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.


FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited this vulnerability could bypass Visual Studio Code sensitive file protections.


According to the CVSS metric, the attack vector is local (AV:L), privileges are required (PR:L) and user interaction is required (UI:R). How could an attacker exploit this security feature bypass vulnerability?

The attack is carried out locally by a user who is authenticated to the targeted repository. Such an attacker could place a malicious file in the repository and then wait for the victim to prompt Copilot to review the file.
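
Both CVE-2025-62449 (path traversal) and this CVE-2025-62453 (unvalidated model output) come down to the same control: a path that the model, or a file planted in the repository, proposes must be normalized and confined to the workspace before the sensitive-file protection is consulted. The TypeScript below is an added example for this page, not VS Code's or the Copilot extension's implementation; the deny-list patterns, workspace root and sample paths are constructed. It puts a naive check of the kind such bugs live in next to one that resolves first and tests every path segment.

```typescript
// Added example for this page (not VS Code's or the Copilot extension's code).
// A model-proposed or repository-supplied path is normalized and confined to the
// workspace before the sensitive-file deny-list is consulted. Patterns, the
// workspace root and the sample paths are constructed for the example.
import * as path from "path";

// Constructed deny-list, matched against individual path segments.
export const SENSITIVE_PATTERNS: readonly RegExp[] = [
  /^\.env(\..*)?$/i,       // .env, .env.local, .env.production
  /^\.git$/i,              // anything under the .git directory
  /^id_(rsa|ed25519)$/i,   // SSH private keys
  /\.(pem|key|pfx)$/i,     // key material
];

export interface Decision {
  allowed: boolean;
  reason: string;
  normalized?: string;     // absolute path actually checked
}

// Naive check, the shape this bug class takes: a string-prefix workspace test
// and a deny-list applied to the basename of the raw, un-normalized request.
export function naiveCheck(requested: string, workspaceRoot: string): Decision {
  const root = path.resolve(workspaceRoot);
  const resolved = path.resolve(root, requested);
  if (!resolved.startsWith(root)) {          // "/work/repo" also matches "/work/repo-private"
    return { allowed: false, reason: "outside workspace" };
  }
  const base = path.basename(requested);     // ".env/." has basename "."
  if (SENSITIVE_PATTERNS.some((p) => p.test(base))) {
    return { allowed: false, reason: "sensitive file" };
  }
  return { allowed: true, reason: "ok", normalized: resolved };
}

// Robust check: resolve first, decide containment with path.relative, then test
// every segment of the normalized relative path against the deny-list.
// For paths that exist on disk, resolve symlinks (fs.realpathSync) before this.
export function robustCheck(requested: string, workspaceRoot: string): Decision {
  if (requested.includes("\0")) return { allowed: false, reason: "null byte in path" };
  const root = path.resolve(workspaceRoot);
  const resolved = path.resolve(root, requested);
  const rel = path.relative(root, resolved);
  if (rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel)) {
    return { allowed: false, reason: "outside workspace" };
  }
  const segments = rel.split(path.sep).filter((s) => s.length > 0);
  for (const seg of segments) {
    if (SENSITIVE_PATTERNS.some((p) => p.test(seg))) {
      return { allowed: false, reason: `sensitive segment: ${seg}` };
    }
  }
  return { allowed: true, reason: "ok", normalized: resolved };
}

// Constructed requests of the kind a model or a planted file could produce.
export const SAMPLE_REQUESTS = [
  "src/index.ts",                    // legitimate
  ".git/config",                     // sensitive directory, innocent basename
  ".env/.",                          // trailing "." defeats a raw-basename match
  "src/../.env.local",               // traversal inside the workspace
  "/work/repo-private/notes.txt",    // sibling directory sharing the prefix
];
```

The three bypasses the naive version lets through (sibling directory sharing the root's prefix, a trailing `.` segment, and a sensitive directory behind an innocent basename) all disappear once the decision is made on the resolved path and on every segment of it; a real deployment also has to canonicalize symlinks before the containment test, which this offline example leaves to `fs.realpathSync`.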


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely; Publicly Disclosed: No; Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-62453
Product: Visual Studio Code
KB Article: Release Notes (Security Update)
Severity: Important
Impact: Security Feature Bypass
CVSS Score Set: Base 5.0, Temporal 4.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
Fixed Build: 1.105.0
Restart Required: Maybe
Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-62453 Lam Jun Rong with NUS Greyhats (https://jro.sg)


CVE-2025-30398 - Nuance PowerScribe 360 Information Disclosure Vulnerability

CVE ID: CVE-2025-30398 (references: MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Nuance PowerScribe 360 Information Disclosure Vulnerability
CVSS:

CVSS:3.1 Highest Base Score: 8.1 / Temporal Score: 7.1
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: None
Temporal score metrics
Exploit Code Maturity: Unproven
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:

Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a network.


FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability?

An unauthorized attacker must wait for a user to initiate a connection.


How could an attacker exploit this vulnerability?

An unauthenticated attacker could exploit this vulnerability by making an API call to a specific endpoint. The attacker could then use the data to gain access to sensitive information on the server.


Why is a login required to view the Release Notes for the products listed in the Security Updates table?

Only Nuance customers have access to the release notes via their customer account.


According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H) and major loss of integrity (I:H) but have no effect on availability (A:N). What does that mean for this vulnerability?

Exploiting this vulnerability could allow an attacker to view highly sensitive user information and modify data, but they cannot affect the availability of the service.


How do I get the update for my version of PowerScribe?

Customers running any of the affected versions of PowerScribe listed in the Security Updates table can contact their Customer Success Manager (CSM) or Technical Support at (800) 833-7776 to request an update.


What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is PowerScribe configuration settings.


Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Critical; Vulnerability Impact: Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely; Publicly Disclosed: No; Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-30398
Common to all rows: KB Article: Release Notes (Security Update); Severity: Critical; Impact: Information Disclosure; CVSS Score Set: Base 8.1, Temporal 7.1; Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C; Known Issue: None

Product                                       Fixed Build      Restart Required
Nuance PowerScribe 360 version 4.0.1          7.0.111.66       Maybe
Nuance PowerScribe 360 version 4.0.2          7.0.154.16       Maybe
Nuance PowerScribe 360 version 4.0.3          7.0.197.8        Maybe
Nuance PowerScribe 360 version 4.0.4          7.0.212.9        Maybe
Nuance PowerScribe 360 version 4.0.5          7.0.243.17       Maybe
Nuance PowerScribe 360 version 4.0.6          7.0.277.26       Maybe
Nuance PowerScribe 360 version 4.0.7          7.0.316.9        No
Nuance PowerScribe 360 version 4.0.8          7.0.427.13       Maybe
Nuance PowerScribe 360 version 4.0.9          7.0.528.18       Maybe
Nuance PowerScribe One version 2019.1         2019.1.96.5      Maybe
Nuance PowerScribe One version 2019.10        2019.10.36.4     Maybe
Nuance PowerScribe One version 2019.2         2019.2.9.8       Maybe
Nuance PowerScribe One version 2019.3         2019.3.16.20     Maybe
Nuance PowerScribe One version 2019.4         2019.4.9.16      Maybe
Nuance PowerScribe One version 2019.5         2019.5.14.39     Maybe
Nuance PowerScribe One version 2019.6         2019.6.36.39     Maybe
Nuance PowerScribe One version 2019.7         2019.7.107.21    Maybe
Nuance PowerScribe One version 2019.8         2019.8.43.15     Maybe
Nuance PowerScribe One version 2019.9         2019.9.31.19     Maybe
PowerScribe One version 2023.1 SP2 Patch 7    2023.2.3027.0    Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2025-30398 Brandon Kraycirik


CVE-2025-10966 - missing SFTP host verification with wolfSSH

CVE ID: CVE-2025-10966 (references: MITRE, NVD)

Issuing CNA: curl

CVE Title: missing SFTP host verification with wolfSSH
CVSS:

CVSS:3.1 Highest Base Score: 6.8 / Temporal Score: 6.8
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: None
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08-Nov-25    Information published.


Maximum Severity Rating: Moderate; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely; Publicly Disclosed: No; Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-10966
Common to all rows: Severity: Moderate; Impact: Unknown; Supersedence: None; CVSS Score Set: Base 6.8, Temporal 6.8; Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N; Fixed Build: Unknown; Restart Required: Unknown; Known Issue: None

Product
azl3 cmake 3.30.3-10 on Azure Linux 3.0
azl3 curl 8.11.1-4 on Azure Linux 3.0
azl3 mysql 8.0.44-2 on Azure Linux 3.0
azl3 rust 1.75.0-21 on Azure Linux 3.0
azl3 rust 1.86.0-9 on Azure Linux 3.0
azl3 tensorflow 2.16.1-9 on Azure Linux 3.0
cbl2 cmake 3.21.4-19 on CBL Mariner 2.0
cbl2 curl 8.8.0-7 on CBL Mariner 2.0
cbl2 mysql 8.0.44-2 on CBL Mariner 2.0
cbl2 rust 1.72.0-11 on CBL Mariner 2.0
cbl2 tensorflow 2.11.1-2 on CBL Mariner 2.0

Acknowledgements

CVE ID Acknowledgements
CVE-2025-10966 None

CVE-2025-64436 - KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes

CVE ID: CVE-2025-64436 (references: MITRE, NVD)

Issuing CNA: GitHub_M

CVE Title: KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Nov-25    Information published.


Maximum Severity Rating: Moderate; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely; Publicly Disclosed: No; Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64436
Product: azl3 kubevirt 1.5.0-5 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supersedence: None
CVSS Score Set: Base N/A, Temporal N/A
Vector: N/A
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-64436 None

CVE-2025-64434 - KubeVirt Improper TLS Certificate Management Handling Allows API Identity Spoofing

CVE ID: CVE-2025-64434 (references: MITRE, NVD)

Issuing CNA: GitHub_M

CVE Title: KubeVirt Improper TLS Certificate Management Handling Allows API Identity Spoofing
CVSS:

CVSS:3.1 Highest Base Score: 4.7 / Temporal Score: 4.5
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Proof-of-Concept

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Nov-25    Information published.


Maximum Severity Rating: Moderate; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely; Publicly Disclosed: No; Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64434
Product: azl3 kubevirt 1.5.0-5 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supersedence: None
CVSS Score Set: Base 4.7, Temporal 4.5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-64434 None

CVE-2025-64433 - KubeVirt Arbitrary Container File Read

CVE ID: CVE-2025-64433 (references: MITRE, NVD)

Issuing CNA: GitHub_M

CVE Title: KubeVirt Arbitrary Container File Read
CVSS:

CVSS:3.1 Highest Base Score: 6.5 / Temporal Score: 6.2
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None
Temporal score metrics
Exploit Code Maturity: Proof-of-Concept

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Nov-25    Information published.


Maximum Severity Rating: Moderate; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely; Publicly Disclosed: No; Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64433
Product: azl3 kubevirt 1.5.0-5 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supersedence: None
CVSS Score Set: Base 6.5, Temporal 6.2
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-64433 None

CVE-2025-64435 - KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation

CVE ID: CVE-2025-64435 (references: MITRE, NVD)

Issuing CNA: GitHub_M

CVE Title: KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
CVSS:

CVSS:3.1 Highest Base Score: 5.3 / Temporal Score: 5.0
Base score metrics
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Proof-of-Concept

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Nov-25    Information published.


Maximum Severity Rating: Moderate; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely; Publicly Disclosed: No; Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64435
Product: azl3 kubevirt 1.5.0-5 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supersedence: None
CVSS Score Set: Base 5.3, Temporal 5.0
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-64435 None

CVE-2025-64437 - KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes

CVE ID: CVE-2025-64437 (references: MITRE, NVD)

Issuing CNA: GitHub_M

CVE Title: KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes
CVSS:

CVSS:3.1 Highest Base Score: 5.0 / Temporal Score: 4.7
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Changed
Confidentiality: Low
Integrity: Low
Availability: Low
Temporal score metrics
Exploit Code Maturity: Proof-of-Concept

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Nov-25    Information published.


Maximum Severity Rating: Moderate; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely; Publicly Disclosed: No; Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64437
Product: azl3 kubevirt 1.5.0-5 on Azure Linux 3.0
Severity: Moderate
Impact: Unknown
Supersedence: None
CVSS Score Set: Base 5.0, Temporal 4.7
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L/E:P
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-64437 None

CVE-2025-31133 - runc container escape via "masked path" abuse due to mount race conditions

CVE ID: CVE-2025-31133 (references: MITRE, NVD)

Issuing CNA: GitHub_M

CVE Title: runc container escape via "masked path" abuse due to mount race conditions
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Nov-25    Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely; Publicly Disclosed: No; Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-31133
Product: cbl2 moby-runc 1.1.9-9 on CBL Mariner 2.0
Severity: Important
Impact: Unknown
Supersedence: None
CVSS Score Set: Base N/A, Temporal N/A
Vector: N/A
Fixed Build: Unknown
Restart Required: Unknown
Known Issue: None

Acknowledgements

CVE ID Acknowledgements
CVE-2025-31133 None

CVE-2025-52881 - runc: LSM labels can be bypassed with malicious config using dummy procfs files

CVE ID: CVE-2025-52881 (references: MITRE, NVD)

Issuing CNA: GitHub_M

CVE Title: runc: LSM labels can be bypassed with malicious config using dummy procfs files
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09-Nov-25    Information published.


Maximum Severity Rating: Important; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely; Publicly Disclosed: No; Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-52881
Common to all rows: Severity: Important; Impact: Unknown; Supersedence: None; CVSS Score Set: Base N/A, Temporal N/A; Vector: N/A; Fixed Build: Unknown; Restart Required: Unknown; Known Issue: None

Product
azl3 runc 1.3.3-1 on Azure Linux 3.0
cbl2 moby-runc 1.1.9-9 on CBL Mariner 2.0

Acknowledgements

CVE ID Acknowledgements
CVE-2025-52881 None

CVE-2025-60753 - An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).

CVE ID: CVE-2025-60753 (references: MITRE, NVD)

Issuing CNA: mitre

CVE Title: An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.2
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Proof-of-Concept

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    11-Nov-25    Information published.


Maximum Severity Rating: Moderate; Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment: Exploitation Less Likely; Publicly Disclosed: No; Exploited: No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-60753
Common to all rows: Severity: Moderate; Impact: Unknown; Supersedence: None; CVSS Score Set: Base 5.5, Temporal 5.2; Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P; Fixed Build: Unknown; Restart Required: Unknown; Known Issue: None

Product
azl3 libarchive 3.7.7-3 on Azure Linux 3.0
cbl2 libarchive 3.6.1-7 on CBL Mariner 2.0

Acknowledgements

CVE ID Acknowledgements
CVE-2025-60753 None

CVE-2025-40107 - can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled

CVE ID: CVE-2025-40107 (references: MITRE, NVD)

Issuing CNA: Linux

CVE Title: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled
CVSS:

CVSS:3.1 Highest Base Score: 5.5 / Temporal Score: 5.5
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:

Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?

One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.


Mitigations:
None
Workarounds:
None
Revision:
1.0 | 04-Nov-25 | Information published.


Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40107
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kernel 6.6.104.2-4 on Azure Linux 3.0 | CBL-Mariner Releases (Security Update) | Moderate | Unknown | | Base 5.5, Temporal 5.5, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 6.6.112.1-2 | No | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-40107 | None

CVE-2025-64329 - containerd CRI server: Host memory exhaustion through Attach goroutine leak

CVE ID: CVE-2025-64329 (MITRE, NVD)

Vulnerability Description:

Issuing CNA: GitHub_M

CVE Title: containerd CRI server: Host memory exhaustion through Attach goroutine leak
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0 | 08-Nov-25 | Information published.


Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64329
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 containerd2 2.0.0-14 on Azure Linux 3.0 | CBL-Mariner Releases (Security Update) | Moderate | Unknown | | Base N/A, Temporal N/A, Vector N/A | 2.0.0-15 | No | None
azl3 moby-containerd-cc 1.7.7-9 on Azure Linux 3.0 | | Moderate | Unknown | None | Base N/A, Temporal N/A, Vector N/A | Unknown | Unknown | None
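Acting on the Fixed Build column (6.6.112.1-2 for the kernel above, 2.0.0-15 for containerd2 here) means comparing installed RPM versions the way rpm does: segment by segment, digit runs numerically, so that 2.0.0-15 is newer than 2.0.0-9 and a dist-tagged release such as 15.azl3 still counts as 15 or newer. The following is an added example, not Microsoft tooling or part of this report; it re-implements rpm's rpmvercmp() in pure Python and checks a constructed `rpm -qa` sample against the two fixed builds this page lists. The `.azl3` dist tag in the sample is an assumption about Azure Linux build naming.

```python
"""Compare installed RPM versions against the Fixed Build column of this report.

Added example for this page, not Microsoft tooling. rpm decides "older than the
fix" with rpmvercmp(), a segment-wise comparison that string or float comparison
does not reproduce, so it is re-implemented here without librpm.
"""
import re


def _alnum(c: str) -> bool:
    return c.isascii() and c.isalnum()


def rpmvercmp(a: str, b: str) -> int:
    """Return -1, 0 or 1 for a <, ==, > b using rpm's rules: split on separators,
    compare digit runs numerically and letter runs lexically, '~' sorts before
    end-of-string (1.0~rc1 < 1.0) and '^' after it (1.0 < 1.0^post < 1.0.1)."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        while i < len(a) and not (_alnum(a[i]) or a[i] in "~^"):  # skip separators
            i += 1
        while j < len(b) and not (_alnum(b[j]) or b[j] in "~^"):
            j += 1
        ca = a[i] if i < len(a) else ""
        cb = b[j] if j < len(b) else ""
        if ca == "~" or cb == "~":
            if ca != "~":
                return 1
            if cb != "~":
                return -1
            i, j = i + 1, j + 1
            continue
        if ca == "^" or cb == "^":
            if ca == "":
                return -1
            if cb == "":
                return 1
            if ca != "^":
                return 1
            if cb != "^":
                return -1
            i, j = i + 1, j + 1
            continue
        if ca == "" or cb == "":
            break
        # Take the next run of digits (or of letters) from each side.
        isnum = ca.isdigit()
        pattern = r"[0-9]+" if isnum else r"[A-Za-z]+"
        seg_a = re.match(pattern, a[i:]).group(0)
        mb = re.match(pattern, b[j:])
        seg_b = mb.group(0) if mb else ""
        i, j = i + len(seg_a), j + len(seg_b)
        if not seg_b:                       # types differ: a numeric segment is newer
            return 1 if isnum else -1
        if isnum:
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1         # whichever side has segments left is newer


def split_evr(evr: str):
    """'[epoch:]version[-release]' -> (epoch, version, release); epoch defaults to 0."""
    epoch = 0
    if ":" in evr:
        e, evr = evr.split(":", 1)
        epoch = int(e)
    version, _, release = evr.partition("-")
    return epoch, version, release


def evr_cmp(a: str, b: str) -> int:
    """Compare two EVR strings as rpm does: epoch first, then version, then release."""
    ea, va, ra = split_evr(a)
    eb, vb, rb = split_evr(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


# Fixed builds this report gives for Azure Linux 3.0. Rows whose Fixed Build is
# "Unknown" are left out because there is nothing to compare against yet.
FIXED_BUILDS = {
    "CVE-2025-40107": ("kernel", "6.6.112.1-2"),
    "CVE-2025-64329": ("containerd2", "2.0.0-15"),
}

# Constructed sample of `rpm -qa --qf '%{NAME} %{EVR}\n'` output. The ".azl3"
# dist tag on each release is an assumption about Azure Linux build naming.
SAMPLE_RPM_QA = """\
kernel 6.6.104.2-4.azl3
containerd2 2.0.0-15.azl3
libxml2 2.11.5-7.azl3
"""


def parse_rpm_qa(text: str) -> dict:
    """Map package name -> EVR from 'NAME EVR' lines."""
    return dict(line.split(None, 1) for line in text.splitlines() if line.strip())


def check(installed: dict, fixed: dict = FIXED_BUILDS) -> dict:
    """Return {cve: (status, package, installed_evr, fixed_evr)}; status is
    'vulnerable', 'fixed' or 'not installed'."""
    result = {}
    for cve, (pkg, fixed_evr) in fixed.items():
        have = installed.get(pkg)
        if have is None:
            result[cve] = ("not installed", pkg, None, fixed_evr)
        else:
            status = "vulnerable" if evr_cmp(have, fixed_evr) < 0 else "fixed"
            result[cve] = (status, pkg, have, fixed_evr)
    return result


if __name__ == "__main__":
    for cve, (status, pkg, have, fixed_evr) in check(parse_rpm_qa(SAMPLE_RPM_QA)).items():
        print(f"{cve}: {status} ({pkg} installed={have} fixed={fixed_evr})")
```

On a host, feed the real `rpm -qa --qf '%{NAME} %{EVR}\n'` output to parse_rpm_qa(). For the kernel entry, also compare the booted kernel (`uname -r`, which is version-release) with evr_cmp(): a newer kernel RPM only protects the host once it has been booted, whatever the package update's restart flag says.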

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-64329 | None

CVE-2024-25621 - containerd affected by a local privilege escalation via wide permissions on CRI directory

CVE ID: CVE-2024-25621 (MITRE, NVD)

Vulnerability Description:

Issuing CNA: GitHub_M

CVE Title: containerd affected by a local privilege escalation via wide permissions on CRI directory
CVSS:

CVSS:3.1 Highest Base Score: 7.3 / Temporal Score: 7.3
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0 | 08-Nov-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-25621
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 containerd2 2.0.0-14 on Azure Linux 3.0 | | Important | Unknown | None | Base 7.3, Temporal 7.3, CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | Unknown | Unknown | None
azl3 moby-containerd-cc 1.7.7-9 on Azure Linux 3.0 | | Important | Unknown | None | Base 7.3, Temporal 7.3, CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | Unknown | Unknown | None
cbl2 moby-containerd 1.6.26-12 on CBL Mariner 2.0 | | Important | Unknown | None | Base 7.3, Temporal 7.3, CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | Unknown | Unknown | None
cbl2 moby-containerd-cc 1.7.7-12 on CBL Mariner 2.0 | | Important | Unknown | None | Base 7.3, Temporal 7.3, CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | Unknown | Unknown | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2024-25621 | None

CVE-2025-64432 - KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer

CVE ID: CVE-2025-64432 (MITRE, NVD)

Vulnerability Description:

Issuing CNA: GitHub_M

CVE Title: KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer
CVSS:

CVSS:3.1 Highest Base Score: 4.7 / Temporal Score: 4.7
Base score metrics
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0 | 09-Nov-25 | Information published.


Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-64432
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kubevirt 1.5.0-5 on Azure Linux 3.0 | | Moderate | Unknown | None | Base 4.7, Temporal 4.5, CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P | Unknown | Unknown | None
cbl2 kubevirt 0.59.0-30 on CBL Mariner 2.0 | | Moderate | Unknown | None | Base 4.7, Temporal 4.7, CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H | Unknown | Unknown | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-64432 | None

CVE-2025-52565 - container escape due to /dev/console mount and related races

CVE ID: CVE-2025-52565 (MITRE, NVD)

Vulnerability Description:

Issuing CNA: GitHub_M

CVE Title: container escape due to /dev/console mount and related races
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0 | 09-Nov-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-52565
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
cbl2 moby-runc 1.1.9-9 on CBL Mariner 2.0 | | Important | Unknown | None | Base N/A, Temporal N/A, Vector N/A | Unknown | Unknown | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-52565 | None

CVE-2025-40109 - crypto: rng - Ensure set_ent is always present

CVE ID: CVE-2025-40109 (MITRE, NVD)

Vulnerability Description:

Issuing CNA: Linux

CVE Title: crypto: rng - Ensure set_ent is always present
CVSS:

CVSS:3.1 Highest Base Score: 4.2 / Temporal Score: 4.2
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0 | 10-Nov-25 | Information published.


Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-40109
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 kernel 6.6.104.2-4 on Azure Linux 3.0 | | Moderate | Unknown | None | Base 4.2, Temporal 4.2, CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L | Unknown | Unknown | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-40109 | None

CVE-2025-12863 - Libxml2: namespace use-after-free in xmlsettreedoc() function of libxml2

CVE ID: CVE-2025-12863 (MITRE, NVD)

Vulnerability Description:

Issuing CNA: redhat

CVE Title: Libxml2: namespace use-after-free in xmlsettreedoc() function of libxml2
CVSS:

CVSS:3.1 Highest Base Score: 7.5 / Temporal Score: 7.1
Base score metrics
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Temporal score metrics
Exploit Code Maturity: Proof-of-Concept

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0 | 11-Nov-25 | Information published.


Maximum Severity Rating: Important
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-12863
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 libxml2 2.11.5-7 on Azure Linux 3.0 | | Important | Unknown | None | Base 7.5, Temporal 7.1, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P | Unknown | Unknown | None
cbl2 libxml2 2.10.4-9 on CBL Mariner 2.0 | | Important | Unknown | None | Base 7.5, Temporal 7.1, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P | Unknown | Unknown | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-12863 | None

CVE-2025-12875 - mruby array.c ary_fill_exec out-of-bounds write

CVE ID: CVE-2025-12875 (MITRE, NVD)

Vulnerability Description:

Issuing CNA: VulDB

CVE Title: mruby array.c ary_fill_exec out-of-bounds write
CVSS:

CVSS:3.1 Highest Base Score: 5.3 / Temporal Score: 4.8
Base score metrics
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low
Temporal score metrics
Exploit Code Maturity: Proof-of-Concept
Remediation Level: Official Fix
Report Confidence: Confirmed

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0 | 11-Nov-25 | Information published.


Maximum Severity Rating: Moderate
Vulnerability Impact: Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment | Publicly Disclosed | Exploited
Exploitation Less Likely | No | No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2025-12875
Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue
azl3 nghttp2 1.61.0-2 on Azure Linux 3.0 | | Moderate | Unknown | None | Base 5.3, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C | Unknown | Unknown | None
azl3 rust 1.75.0-21 on Azure Linux 3.0 | | Moderate | Unknown | None | Base 5.3, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C | Unknown | Unknown | None
azl3 rust 1.86.0-9 on Azure Linux 3.0 | | Moderate | Unknown | None | Base 5.3, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C | Unknown | Unknown | None
cbl2 nghttp2 1.57.0-2 on CBL Mariner 2.0 | | Moderate | Unknown | None | Base 5.3, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C | Unknown | Unknown | None
cbl2 rust 1.72.0-11 on CBL Mariner 2.0 | | Moderate | Unknown | None | Base 5.3, Temporal 4.8, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C | Unknown | Unknown | None

Acknowledgements

CVE ID | Acknowledgements
CVE-2025-12875 | None