Download
Beveilingsadvies; NCSC-2025-0213 [1.0.0]
- Beveiligingsadvies
- NCSC-2025-0213 [1.0.0]
- Publicatie
- 08-07-2025 20:23 (Europe/Amsterdam)
- Prioriteit
- Normaal
- Betreft
- Kwetsbaarheden verholpen in Microsoft Windows
Kenmerken
- Missing Support for Integrity Check
- Processor Optimization Removal or Modification of Security-critical Code
- Numeric Truncation Error
- Sensitive Data Storage in Improperly Locked Memory
- Missing Synchronization
- Improper Link Resolution Before File Access ('Link Following')
- Integer Underflow (Wrap or Wraparound)
- Untrusted Pointer Dereference
- Buffer Over-read
- Insufficient UI Warning of Dangerous Operations
- Acceptance of Extraneous Untrusted Data With Trusted Data
- Time-of-check Time-of-use (TOCTOU) Race Condition
- Double Free
- Access of Resource Using Incompatible Type ('Type Confusion')
- Relative Path Traversal
- Integer Overflow or Wraparound
- Protection Mechanism Failure
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
- Out-of-bounds Read
- Missing Authentication for Critical Function
- Missing Authorization
- Improper Access Control
- Use After Free
- NULL Pointer Dereference
- Improper Certificate Validation
- Uncontrolled Resource Consumption
- Exposure of Sensitive Information to an Unauthorized Actor
- Heap-based Buffer Overflow
Omschrijving
Microsoft heeft kwetsbaarheden verholpen in Windows.
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Omzeilen van een beveiligingsmaatregel
- Uitvoeren van willekeurige code
- Toegang tot gevoelige gegevens
- Verkrijgen van verhoogde rechten
- Spoofing
Windows Cryptographic Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48823 | 5.90 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Visual Basic Scripting:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47159 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Capability Access Management Service (camsvc):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49690 | 7.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Update Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48799 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Win32K - ICOMP:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49667 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-49733 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
AMD Store Queue:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-36350 | 5.60 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows StateRepository API:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49723 | 8.80 | Manipulatie van gegevens |
|----------------|------|-------------------------------------|
Microsoft Windows Search Component:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49685 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Microsoft Graphics Component:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49732 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-49742 | 7.80 | Uitvoeren van willekeurige code |
| CVE-2025-49744 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Role: Windows Hyper-V:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48002 | 5.70 | Toegang tot gevoelige gegevens |
| CVE-2025-48822 | 8.60 | Uitvoeren van willekeurige code |
| CVE-2025-47999 | 6.80 | Denial-of-Service |
|----------------|------|-------------------------------------|
Microsoft Input Method Editor (IME):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47972 | 8.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-49687 | 8.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-47991 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Ancillary Function Driver for WinSock:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49661 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Microsoft Windows QoS scheduler:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49730 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows KDC Proxy Service (KPSSVC):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49735 | 8.10 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Print Spooler Components:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49722 | 5.70 | Denial-of-Service |
|----------------|------|-------------------------------------|
Remote Desktop Client:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-33054 | 8.10 | Voordoen als andere gebruiker |
| CVE-2025-48817 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Virtualization-Based Security (VBS) Enclave:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48803 | 6.70 | Verkrijgen van verhoogde rechten |
| CVE-2025-48811 | 6.70 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Storage VSP Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47982 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Cred SSProvider Protocol:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47987 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Microsoft Brokering File System:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49677 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-49694 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-49693 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
AMD L1 Data Queue:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-36357 | 5.60 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Connected Devices Platform Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48000 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-49724 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Virtual Hard Disk (VHDX):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47971 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-49689 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-47973 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-49683 | 7.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Storage Port Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49684 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows User-Mode Driver Framework Host:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49664 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows SmartScreen:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49740 | 8.80 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Workspace Broker:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49665 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
HID class driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48816 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Kerberos:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47978 | 6.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Imaging Component:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47980 | 6.20 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows TDX.sys:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49658 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-49659 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Microsoft PC Manager:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47993 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows NTFS:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49678 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Routing and Remote Access Service (RRAS):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48824 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-49657 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-49670 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-49671 | 6.50 | Toegang tot gevoelige gegevens |
| CVE-2025-49672 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-49674 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-49676 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-49688 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-49753 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-47998 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-49663 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-49668 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-49669 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-49673 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-49681 | 6.50 | Toegang tot gevoelige gegevens |
| CVE-2025-49729 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Kernel:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26636 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-48808 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-48809 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-49666 | 7.20 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Remote Desktop Licensing Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48814 | 7.50 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Fast FAT Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49721 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Microsoft MPEG-2 Video Extension:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48805 | 7.80 | Uitvoeren van willekeurige code |
| CVE-2025-48806 | 7.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Win32K - GRFX:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49727 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Universal Print Management Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47986 | 8.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Media:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49691 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2025-49682 | 7.30 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Netlogon:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49716 | 5.90 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Event Tracing:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47985 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-49660 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows SMB:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48802 | 6.50 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows SPNEGO Extended Negotiation:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47981 | 9.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Performance Recorder:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49680 | 7.30 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Secure Kernel Mode:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48810 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows GDI:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47984 | 7.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows SSDP Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47976 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-47975 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-48815 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows TCP/IP:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49686 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Kernel Streaming WOW Thunk Service Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49675 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows MBT Transport driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47996 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Universal Plug and Play (UPnP) Device Host:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48819 | 7.10 | Verkrijgen van verhoogde rechten |
| CVE-2025-48821 | 7.10 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows AppX Deployment Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48820 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows BitLocker:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48001 | 6.80 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-48003 | 6.80 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-48800 | 6.80 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-48804 | 6.80 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-48818 | 6.80 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Shell:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49679 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Notification:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-49726 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-49725 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Oplossingen
Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:
https://portal.msrc.microsoft.com/en-us/security-guidance
CVE's
- CVE-2025-47998 - CVSS (v3) 8.8
- CVE-2025-48000 - CVSS (v3) 7.8
- CVE-2025-48001 - CVSS (v3) 6.8
- CVE-2025-48002 - CVSS (v3) 5.7
- CVE-2025-48003 - CVSS (v3) 6.8
- CVE-2025-48799 - CVSS (v3) 7.8
- CVE-2025-48800 - CVSS (v3) 6.8
- CVE-2025-48803 - CVSS (v3) 6.7
- CVE-2025-48804 - CVSS (v3) 6.8
- CVE-2025-48805 - CVSS (v3) 7.8
- CVE-2025-48806 - CVSS (v3) 7.8
- CVE-2025-48808 - CVSS (v3) 5.5
- CVE-2025-48809 - CVSS (v3) 5.5
- CVE-2025-48810 - CVSS (v3) 5.5
- CVE-2025-48811 - CVSS (v3) 6.7
- CVE-2025-48814 - CVSS (v3) 7.5
- CVE-2025-48815 - CVSS (v3) 7.8
- CVE-2025-48816 - CVSS (v3) 7.8
- CVE-2025-48817 - CVSS (v3) 8.8
- CVE-2025-48818 - CVSS (v3) 6.8
- CVE-2025-48819 - CVSS (v3) 7.1
- CVE-2025-48820 - CVSS (v3) 7.8
- CVE-2025-48821 - CVSS (v3) 7.1
- CVE-2025-48822 - CVSS (v3) 8.6
- CVE-2025-48823 - CVSS (v3) 5.9
- CVE-2025-49659 - CVSS (v3) 7.8
- CVE-2025-49660 - CVSS (v3) 7.8
- CVE-2025-49663 - CVSS (v3) 8.8
- CVE-2025-49664 - CVSS (v3) 5.5
- CVE-2025-49665 - CVSS (v3) 7.8
- CVE-2025-49666 - CVSS (v3) 7.2
- CVE-2025-49667 - CVSS (v3) 7.8
- CVE-2025-49668 - CVSS (v3) 8.8
- CVE-2025-49669 - CVSS (v3) 8.8
- CVE-2025-49673 - CVSS (v3) 8.8
- CVE-2025-49675 - CVSS (v3) 7.8
- CVE-2025-49678 - CVSS (v3) 7.0
- CVE-2025-49679 - CVSS (v3) 7.8
- CVE-2025-49680 - CVSS (v3) 7.3
- CVE-2025-49681 - CVSS (v3) 6.5
- CVE-2025-49682 - CVSS (v3) 7.3
- CVE-2025-49683 - CVSS (v3) 7.8
- CVE-2025-49684 - CVSS (v3) 5.5
- CVE-2025-49693 - CVSS (v3) 7.8
- CVE-2025-49722 - CVSS (v3) 5.7
- CVE-2025-49724 - CVSS (v3) 8.8
- CVE-2025-49725 - CVSS (v3) 7.8
- CVE-2025-49727 - CVSS (v3) 7.0
- CVE-2025-49729 - CVSS (v3) 8.8
- CVE-2025-49730 - CVSS (v3) 7.8
- CVE-2025-49732 - CVSS (v3) 7.8
- CVE-2025-49733 - CVSS (v3) 7.8
- CVE-2025-47999 - CVSS (v3) 6.8
- CVE-2025-49740 - CVSS (v3) 8.8
- CVE-2025-49742 - CVSS (v3) 7.8
- CVE-2025-49744 - CVSS (v3) 7.0
- CVE-2025-49677 - CVSS (v3) 7.0
- CVE-2025-48802 - CVSS (v3) 6.5
- CVE-2025-49685 - CVSS (v3) 7.0
- CVE-2025-49716 - CVSS (v3) 5.9
- CVE-2025-26636 - CVSS (v3) 5.5
- CVE-2025-33054 - CVSS (v3) 8.1
- CVE-2025-47159 - CVSS (v3) 7.8
- CVE-2025-47971 - CVSS (v3) 7.8
- CVE-2025-47972 - CVSS (v3) 8.0
- CVE-2025-47976 - CVSS (v3) 7.8
- CVE-2025-47984 - CVSS (v3) 7.5
- CVE-2025-47985 - CVSS (v3) 7.8
- CVE-2025-47986 - CVSS (v3) 8.8
- CVE-2025-47987 - CVSS (v3) 7.8
- CVE-2025-48824 - CVSS (v3) 8.8
- CVE-2025-49657 - CVSS (v3) 8.8
- CVE-2025-49658 - CVSS (v3) 5.5
- CVE-2025-49661 - CVSS (v3) 7.8
- CVE-2025-49670 - CVSS (v3) 8.8
- CVE-2025-49671 - CVSS (v3) 6.5
- CVE-2025-49672 - CVSS (v3) 8.8
- CVE-2025-49674 - CVSS (v3) 8.8
- CVE-2025-49676 - CVSS (v3) 8.8
- CVE-2025-49686 - CVSS (v3) 7.8
- CVE-2025-49687 - CVSS (v3) 8.8
- CVE-2025-49688 - CVSS (v3) 8.8
- CVE-2025-49689 - CVSS (v3) 7.8
- CVE-2025-49690 - CVSS (v3) 7.4
- CVE-2025-49691 - CVSS (v3) 8.8
- CVE-2025-49694 - CVSS (v3) 7.8
- CVE-2025-47991 - CVSS (v3) 7.8
- CVE-2025-47993 - CVSS (v3) 7.8
- CVE-2025-36357
- CVE-2025-36350
- CVE-2025-49721 - CVSS (v3) 7.8
- CVE-2025-49723 - CVSS (v3) 8.8
- CVE-2025-49726 - CVSS (v3) 7.8
- CVE-2025-49735 - CVSS (v3) 8.1
- CVE-2025-49753 - CVSS (v3) 8.8
- CVE-2025-47973 - CVSS (v3) 7.8
- CVE-2025-47975 - CVSS (v3) 7.0
- CVE-2025-47978 - CVSS (v3) 6.5
- CVE-2025-47980 - CVSS (v3) 6.2
- CVE-2025-47981 - CVSS (v3) 9.8
- CVE-2025-47982 - CVSS (v3) 7.8
- CVE-2025-47996 - CVSS (v3) 7.8
Producten
Microsoft
Remote Desktop client for Windows Desktop
Windows 10 Version 1507
Windows 10 Version 1607
Windows 10 Version 1809
Windows 10 Version 21H2
Windows 10 Version 22H2
Windows 11 Version 23H2
Windows 11 Version 24H2
Windows 11 version 22H2
Windows 11 version 22H3
Windows App Client for Windows Desktop
Windows Server 2008 Service Pack 2
Windows Server 2008 R2 Service Pack 1
Windows Server 2008 R2 Service Pack 1 (Server Core installation)
Windows Server 2008 Service Pack 2
Windows Server 2008 Service Pack 2 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows Server 2025
Windows Server 2025 (Server Core installation)
Disclaimer
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.