Logo NCSC
NCSC | Beveiligingsadviezen

Beveiligingsadviezen

Download

Beveilingsadvies; NCSC-2025-0251 [1.0.0]

Beveiligingsadvies
NCSC-2025-0251 [1.0.0]
Publicatie
13-08-2025 07:25
Prioriteit
Normaal
Betreft
Kwetsbaarheden verholpen in Microsoft Windows

Kenmerken

  • Numeric Truncation Error
  • Missing Synchronization
  • Weak Authentication
  • Improper Restriction of Communication Channel to Intended Endpoints
  • Untrusted Pointer Dereference
  • Improper Handling of Insufficient Permissions or Privileges
  • Time-of-check Time-of-use (TOCTOU) Race Condition
  • Double Free
  • Use of Uninitialized Resource
  • Access of Resource Using Incompatible Type ('Type Confusion')
  • Relative Path Traversal
  • Integer Overflow or Wraparound
  • Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
  • Out-of-bounds Read
  • Missing Authentication for Critical Function
  • Missing Authorization
  • Use After Free
  • NULL Pointer Dereference
  • Uncontrolled Resource Consumption
  • Allocation of Resources Without Limits or Throttling
  • Exposure of Sensitive Information to an Unauthorized Actor
  • Heap-based Buffer Overflow
  • External Control of File Name or Path
  • Improper Authentication

Omschrijving

Microsoft heeft kwetsbaarheden verholpen in Windows, waaronder Hyper-V, Graphics Component, en Routing and Remote Access Service (RRAS).

De kwetsbaarheden omvatten verschillende soorten aanvallen, zoals lokale privilege-escalatie, onterecht toegang tot gevoelige informatie, en de mogelijkheid voor ongeautoriseerde code-uitvoering. ``` Windows Security App: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53769 | 5.50 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------|

Windows StateRepository API: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53789 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Windows Win32K - GRFX: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50161 | 7.30 | Verkrijgen van verhoogde rechten | | CVE-2025-53132 | 8.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Desktop Windows Manager: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50153 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-53152 | 7.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------|

Graphics Kernel: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50176 | 7.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------|

Windows NTLM: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53778 | 8.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Windows Ancillary Function Driver for WinSock: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-49762 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-53134 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-53137 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-53141 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-53147 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-53154 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-53718 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Windows Kernel: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-49761 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-53151 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Storage Port Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53156 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------|

Kernel Transaction Manager: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53140 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Microsoft Brokering File System: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53142 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Windows Connected Devices Platform Service: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53721 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Windows Installer: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50173 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Microsoft Graphics Component: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-49743 | 6.70 | Verkrijgen van verhoogde rechten | | CVE-2025-50165 | 9.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------|

Remote Desktop Server: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50171 | 9.10 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------|

Windows Kerberos: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53779 | 7.20 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Windows Routing and Remote Access Service (RRAS): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-49757 | 8.80 | Uitvoeren van willekeurige code | | CVE-2025-50156 | 5.70 | Toegang tot gevoelige gegevens | | CVE-2025-50160 | 8.00 | Uitvoeren van willekeurige code | | CVE-2025-50162 | 8.00 | Uitvoeren van willekeurige code | | CVE-2025-50163 | 8.80 | Uitvoeren van willekeurige code | | CVE-2025-50164 | 8.00 | Uitvoeren van willekeurige code | | CVE-2025-53138 | 5.70 | Toegang tot gevoelige gegevens | | CVE-2025-53148 | 5.70 | Toegang tot gevoelige gegevens | | CVE-2025-53153 | 5.70 | Toegang tot gevoelige gegevens | | CVE-2025-53719 | 5.70 | Toegang tot gevoelige gegevens | | CVE-2025-53720 | 8.00 | Uitvoeren van willekeurige code | | CVE-2025-50157 | 5.70 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------|

Windows NTFS: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50158 | 7.00 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------|

Role: Windows Hyper-V: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-49751 | 6.80 | Denial-of-Service | | CVE-2025-50167 | 7.00 | Verkrijgen van verhoogde rechten | | CVE-2025-53155 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-53723 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-48807 | 7.50 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------|

Windows NT OS Kernel: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53136 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------|

Windows PrintWorkflowUserSvc: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53133 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Windows Push Notifications: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53724 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-53725 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-53726 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2025-50155 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Windows File Explorer: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50154 | 7.50 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------|

Windows Remote Desktop Services: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53722 | 7.50 | Denial-of-Service | |----------------|------|-------------------------------------|

Windows Media: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53131 | 8.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------|

Windows Distributed Transaction Coordinator: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50166 | 6.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------|

Windows SMB: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50169 | 7.50 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------|

Kernel Streaming WOW Thunk Service Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53149 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Windows Cloud Files Mini Filter Driver: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50170 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Windows DirectX: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50172 | 6.50 | Denial-of-Service | | CVE-2025-53135 | 7.00 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Remote Access Point-to-Point Protocol (PPP) EAP-TLS: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50159 | 7.30 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------|

Windows Local Security Authority Subsystem Service (LSASS): |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53716 | 6.50 | Denial-of-Service | |----------------|------|-------------------------------------|

Windows GDI+: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-53766 | 9.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------|

Windows Message Queuing: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50177 | 8.10 | Uitvoeren van willekeurige code | | CVE-2025-53143 | 8.80 | Uitvoeren van willekeurige code | | CVE-2025-53144 | 8.80 | Uitvoeren van willekeurige code | | CVE-2025-53145 | 8.80 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------|

Windows Win32K - ICOMP: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2025-50168 | 7.80 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| ```

Oplossingen

Microsoft heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Referenties

CVE's

Producten

Microsoft
Windows 10 Version 22H2 10.0.19045.0|<10.0.19044.6093, 10.0.19045.0|<10.0.19045.6216 known_affected
Windows 10 Version 22H2 for 32-bit Systems 10.0.19045.6216 known_affected
Windows 10 Version 22H2 for ARM64-based Systems 10.0.19045.6216 known_affected
Windows 10 Version 22H2 for x64-based Systems 10.0.19045.6216 known_affected
Windows 10 for 32-bit Systems 10.0.10240.21100 known_affected
Windows 10 for x64-based Systems 10.0.10240.21100 known_affected
Windows 11 21h2 10.0.22000.3533 on aarch64, 10.0.22000.3533 on x86 64, 10.0.22000.3592 on aarch64, 10.0.22000.3592 on x86 64, 10.0.22000.3839 on aarch64, 10.0.22000.3839 on x86 64 known_affected
Windows 11 22H2 10.0.22621.4659 on aarch64, 10.0.22621.4659 on x86 64, 10.0.22621.4880 on aarch64, 10.0.22621.4880 on x86 64, 10.0.22621.5033 on aarch64, 10.0.22621.5033 on x86 64, 10.0.22621.5624 on aarch64, 10.0.22621.5624 on x86 64, 10.0.22621.5768 on aarch64, 10.0.22621.5768 on x64, 10.0.22621.5768 on x86 64, 10.0.22631.5624 on aarch64 known_affected

Disclaimer

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.