Download
Beveilingsadvies; NCSC-2025-0310 [1.0.2]
- Beveiligingsadvies
- NCSC-2025-0310 [1.0.2]
- Publicatie
- 24-10-2025 13:09 (Europe/Amsterdam)
- Prioriteit
- Hoog
- Betreft
- Kwetsbaarheden verholpen in Microsoft Windows
Revisies
| Versie | Datum | Opmerking | |
|---|---|---|---|
| 1.0.2 | 24-10-2025 11:09 | De originele update om de kwetsbaarheid met kenmerk CVE-2025-59287 te verhelpen blijkt niet afdoende. Microsoft heeft een Out-of-Band patch uitgebracht om additionele oplossingen te bieden. | |
| 1.0.1 | 24-10-2025 08:24 | Het NCSC heeft van een vertrouwde partner vernomen dat op 24 oktober 2025 misbruik van CVE-2025-59287 is waargenomen. Tevens is er publieke proof-of-conceptcode beschikbaar voor de betreffende CVE, wat het risico op misbruik verhoogt. Het is goed gebruik om WSUS niet direct aan het internet te ontsluiten. | Bekijken |
| 1.0.0 | 14-10-2025 18:03 | Initiele versie | Bekijken |
Kenmerken
- Improper Input Validation
- Improper Link Resolution Before File Access ('Link Following')
- External Control of File Name or Path
- Improper Restriction of Operations within the Bounds of a Memory Buffer
- Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
- Stack-based Buffer Overflow
- Heap-based Buffer Overflow
- Out-of-bounds Read
- Buffer Over-read
- Integer Overflow or Wraparound
- Integer Underflow (Wrap or Wraparound)
- Exposure of Sensitive Information to an Unauthorized Actor
- Generation of Error Message Containing Sensitive Information
- Improper Access Control
- Improper Authentication
- Cleartext Storage of Sensitive Information
- Cleartext Transmission of Sensitive Information
- Use of a Key Past its Expiration Date
- Improper Verification of Cryptographic Signature
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
- Time-of-check Time-of-use (TOCTOU) Race Condition
- Double Free
- Use After Free
- NULL Pointer Dereference
- Deserialization of Untrusted Data
- Insertion of Sensitive Information into Log File
- Reliance on Untrusted Inputs in a Security Decision
- Untrusted Pointer Dereference
- Improper Enforcement of Behavioral Workflow
- Use of Uninitialized Resource
- Incomplete Comparison with Missing Factors
- Use of a Cryptographic Primitive with a Risky Implementation
- Improper Validation of Specified Type of Input
Omschrijving
Microsoft heeft kwetsbaarheden verholpen in Windows.
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service
- Omzeilen van een beveiligingsmaatregel
- Manipulatie van gegevens
- Uitvoeren van willekeurige code (gebruikersrechten)
- Uitvoeren van willekeurige code (root/adminrechten)
- Toegang tot gevoelige gegevens
- Verkrijgen van verhoogde rechten
- Spoofing
De ernstigste kwetsbaarheden hebben de kenmerken CVE-2025-49708 en CVE-2025-59287 toegewezen gekregen. De kwetsbaarheid met kenmerk CVE-2025-49708 bevindt zich in de Graphics Component en stelt een kwaadwillende in staat om uit een Virtual Machine (VM) te breken en acties uit te voeren op de onderliggende Host. De kwetsbaarheid met kenmerk CVE-2025-59287 bevindt zich in de Windows Server Update Servce (WSUS) en stelt een kwaadwillende in staat om op afstand willekeurige code uit te voeren op het kwetsbare systeem.
Van de kwetsbaarheid met kenmerk CVE-2025-59230 meldt Microsoft informatie te hebben dat deze actief is misbruikt op verouderde systemen. De kwetsbaarheid bevindt zich in de Remote Access Connection Manager stelt een lokale, geauthenticeerde kwaadwillende in staat om zich SYSTEM-rechten toe te kennen en zo mogelijk willekeurige code uit te voeren als SYSTEM
Update:
Het NCSC heeft van een vertrouwde partner vernomen dat op 24 oktober 2025 misbruik van de kwetsbaarheid met kenmerk CVE-2025-59287 is waargenomen. Deze kwetsbaarheid bevindt zich in de WSUS-service en stelt een kwaadwillende in staat om willekeurige code uit te voeren op het kwetsbare systeem. Het is niet gebruikelijk een WSUS service publiek via internet toegankelijk te hebben. Inmiddels is er publieke proof-of-conceptcode beschikbaar voor de betreffende kwetsbaarheid, wat het risico op misbruik verhoogt.
De in deze Patch-Tuesday update uitgebrachte oplossing voor deze kwetsbaarheid blijkt niet afdoende te zijn. Microsoft heeft hiervoor een out-of-band patch uitgebracht die zo spoedig mogelijk aanvullend op de Patch-Tuesday update dient te worden ingezet.
Windows Confidential Virtual Machines (CVM):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48813 | 6.30 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows Resilient File System (ReFS):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55687 | 7.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows DirectX:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55678 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55698 | 7.70 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows DWM:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55681 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-58722 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Xbox:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-53768 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Kernel:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59186 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-59207 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-50152 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-55334 | 6.20 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-55679 | 5.10 | Toegang tot gevoelige gegevens |
| CVE-2025-55683 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-55693 | 7.40 | Verkrijgen van verhoogde rechten |
| CVE-2025-55699 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-59187 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-59194 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Routing and Remote Access Service (RRAS):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55700 | 6.50 | Toegang tot gevoelige gegevens |
| CVE-2025-58717 | 6.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Inbox COM Objects:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58732 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58735 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-59282 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58730 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58731 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58733 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58734 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58736 | 7.00 | Uitvoeren van willekeurige code |
| CVE-2025-58738 | 7.00 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Agere Windows Modem Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-24990 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-24052 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Active Directory Federation Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59258 | 6.20 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Push Notification Core:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59211 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-59209 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Authentication Methods:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59277 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-59275 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-59278 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows File Explorer:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58739 | 6.50 | Voordoen als andere gebruiker |
| CVE-2025-59214 | 6.50 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Data Sharing Service Client:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59200 | 7.70 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows Hyper-V:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55328 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows NTFS:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55335 | 7.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows ETL Channel:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59197 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Microsoft Failover Cluster Virtual Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59260 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Server Update Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59287 | 9.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Microsoft Windows Speech:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58715 | 8.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-58716 | 8.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows NTLM:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59284 | 3.30 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows COM:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58725 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Network Connection Status Indicator (NCSI):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59201 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
TCG TPM2.0:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-2884 | 5.30 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows MapUrlToZone:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59208 | 7.10 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Internet Explorer:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59295 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Core Shell:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59185 | 6.50 | Voordoen als andere gebruiker |
| CVE-2025-59244 | 6.50 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows SMB Server:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58726 | 7.50 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Remote Access Connection Manager:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59230 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows PrintWorkflowUserSvc:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55685 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55686 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55689 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55331 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55684 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55688 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55690 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55691 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Taskbar Live:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59294 | 2.10 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows BitLocker:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55333 | 6.10 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-55338 | 6.10 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-55330 | 6.10 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-55332 | 6.10 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-55337 | 6.10 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-55682 | 6.10 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
NtQueryInformation Token function (ntifs.h):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55696 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows USB Video Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55676 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Ancillary Function Driver for WinSock:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59242 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-58714 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Azure Local:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55697 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Local Session Manager (LSM):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59257 | 6.50 | Denial-of-Service |
| CVE-2025-59259 | 6.50 | Denial-of-Service |
| CVE-2025-58729 | 6.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Resilient File System (ReFS) Deduplication Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59206 | 7.40 | Verkrijgen van verhoogde rechten |
| CVE-2025-59210 | 7.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Virtualization-Based Security (VBS) Enclave:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-53717 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Cloud Files Mini Filter Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55336 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-55680 | 8.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows WLAN Auto Config Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55695 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Software Protection Platform (SPP):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59199 | 8.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Cryptographic Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58720 | 7.80 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Remote Desktop Client:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58718 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows StateRepository API:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59203 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Microsoft Windows Search Component:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59190 | 5.50 | Denial-of-Service |
| CVE-2025-59198 | 5.00 | Denial-of-Service |
| CVE-2025-59253 | 5.50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Failover Cluster:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47979 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-59188 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows SMB Client:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59280 | 3.10 | Manipulatie van gegevens |
|----------------|------|-------------------------------------|
Windows Secure Boot:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-47827 | 4.60 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Microsoft PowerShell:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-25004 | 7.30 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Microsoft Windows:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55701 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Microsoft Windows Codecs Library:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-54957 | 7.00 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Error Reporting:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55692 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-55694 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows SSDP Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59196 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Storport.sys Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59192 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Remote Desktop Protocol:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55340 | 7.00 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Connected Devices Platform Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58727 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows NDIS:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55339 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Health and Optimized Experiences Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59241 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Remote Desktop Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59202 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows High Availability Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59184 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Microsoft Brokering File System:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-48004 | 7.40 | Verkrijgen van verhoogde rechten |
| CVE-2025-59189 | 7.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows DWM Core Library:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59254 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-59255 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Digital Media:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-53150 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-50175 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Hello:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-53139 | 7.70 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Connected Devices Platform Service (Cdpsvc):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58719 | 4.70 | Verkrijgen van verhoogde rechten |
| CVE-2025-55326 | 7.50 | Uitvoeren van willekeurige code |
| CVE-2025-59191 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Device Association Broker service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-50174 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-55677 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Bluetooth Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58728 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-59290 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2025-59289 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Storage Management Provider:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-55325 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Management Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59204 | 5.50 | Toegang tot gevoelige gegevens |
| CVE-2025-59193 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Remote Desktop:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-58737 | 7.00 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Microsoft Graphics Component:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-59195 | 7.00 | Denial-of-Service |
| CVE-2025-49708 | 9.90 | Uitvoeren van willekeurige code |
| CVE-2016-9535 | 4.00 | Uitvoeren van willekeurige code |
| CVE-2025-59205 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2025-59261 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Update: Het NCSC heeft van een vertrouwde partner vernomen dat op 24 oktober 2025 misbruik van CVE-2025-59287 is waargenomen. Tevens is er publieke proof-of-conceptcode beschikbaar voor de betreffende CVE, wat het risico op misbruik verhoogt. Het is goed gebruik om WSUS niet direct aan het internet te ontsluiten.
Oplossingen
Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:
https://portal.msrc.microsoft.com/en-us/security-guidance
Voor aanvullende informatie en eventuele workarounds met betrekking tot de kwetsbaarheid met kenmerk CVE-2025-59287 heeft microsoft de informatie bij deze kwetsbaarheid geactualiseerd. Zie de detailpagina op:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287
Referenties
CVE's
- CVE-2025-59258 - CVSS (v3) 6.2
- CVE-2025-47979 - CVSS (v3) 5.5
- CVE-2025-55683 - CVSS (v3) 5.5
- CVE-2025-55697 - CVSS (v3) 7.8
- CVE-2025-58737 - CVSS (v3) 7.0
- CVE-2025-59184 - CVSS (v3) 5.5
- CVE-2025-59188 - CVSS (v3) 5.5
- CVE-2025-59260 - CVSS (v3) 5.5
- CVE-2025-59287 - CVSS (v3) 9.8
- CVE-2025-48004 - CVSS (v3) 7.4
- CVE-2025-50174 - CVSS (v3) 7.0
- CVE-2025-24990 - CVSS (v3) 7.8
- CVE-2025-24052 - CVSS (v3) 7.8
- CVE-2025-55325 - CVSS (v3) 5.5
- CVE-2025-55333 - CVSS (v3) 6.1
- CVE-2025-55335 - CVSS (v3) 7.4
- CVE-2025-55336 - CVSS (v3) 5.5
- CVE-2025-55338 - CVSS (v3) 6.1
- CVE-2025-55339 - CVSS (v3) 7.8
- CVE-2025-55340 - CVSS (v3) 7.0
- CVE-2025-55676 - CVSS (v3) 5.5
- CVE-2025-55677 - CVSS (v3) 7.8
- CVE-2025-55681 - CVSS (v3) 7.0
- CVE-2025-55685 - CVSS (v3) 7.0
- CVE-2025-55686 - CVSS (v3) 7.0
- CVE-2025-55687 - CVSS (v3) 7.4
- CVE-2025-55689 - CVSS (v3) 7.0
- CVE-2025-55700 - CVSS (v3) 6.5
- CVE-2025-55701 - CVSS (v3) 7.8
- CVE-2025-58715 - CVSS (v3) 8.8
- CVE-2025-58716 - CVSS (v3) 8.8
- CVE-2025-58717 - CVSS (v3) 6.5
- CVE-2025-58719 - CVSS (v3) 4.7
- CVE-2025-58722 - CVSS (v3) 7.8
- CVE-2025-58728 - CVSS (v3) 7.8
- CVE-2025-58732 - CVSS (v3) 7.0
- CVE-2025-58735 - CVSS (v3) 7.0
- CVE-2025-59185 - CVSS (v3) 6.5
- CVE-2025-59195 - CVSS (v3) 7.0
- CVE-2025-59196 - CVSS (v3) 7.0
- CVE-2025-59199 - CVSS (v3) 7.8
- CVE-2025-59200 - CVSS (v3) 7.7
- CVE-2025-59201 - CVSS (v3) 7.8
- CVE-2025-59202 - CVSS (v3) 7.0
- CVE-2025-59204 - CVSS (v3) 5.5
- CVE-2025-59206 - CVSS (v3) 7.4
- CVE-2025-59207 - CVSS (v3) 7.8
- CVE-2025-59211 - CVSS (v3) 5.5
- CVE-2025-59242 - CVSS (v3) 7.8
- CVE-2025-49708 - CVSS (v3) 9.9
- CVE-2025-59254 - CVSS (v3) 7.8
- CVE-2025-59255 - CVSS (v3) 7.8
- CVE-2025-54957 - CVSS (v3) 7.0
- CVE-2025-59257 - CVSS (v3) 6.5
- CVE-2025-59259 - CVSS (v3) 6.5
- CVE-2025-59282 - CVSS (v3) 7.0
- CVE-2025-59284 - CVSS (v3) 3.3
- CVE-2025-59294 - CVSS (v3) 2.1
- CVE-2025-59295 - CVSS (v3) 8.8
- CVE-2016-9535 - CVSS (v3) 9.8
- CVE-2025-48813 - CVSS (v3) 6.3
- CVE-2025-25004 - CVSS (v3) 7.3
- CVE-2025-53717 - CVSS (v3) 7.0
- CVE-2025-50152 - CVSS (v3) 7.8
- CVE-2025-53150 - CVSS (v3) 7.8
- CVE-2025-50175 - CVSS (v3) 7.8
- CVE-2025-53139 - CVSS (v3) 7.7
- CVE-2025-53768 - CVSS (v3) 7.8
- CVE-2025-55328 - CVSS (v3) 7.8
- CVE-2025-55330 - CVSS (v3) 6.1
- CVE-2025-55331 - CVSS (v3) 7.0
- CVE-2025-55332 - CVSS (v3) 6.1
- CVE-2025-55334 - CVSS (v3) 6.2
- CVE-2025-55337 - CVSS (v3) 6.1
- CVE-2025-55678 - CVSS (v3) 7.0
- CVE-2025-55679 - CVSS (v3) 5.1
- CVE-2025-55680 - CVSS (v3) 7.8
- CVE-2025-55682 - CVSS (v3) 6.1
- CVE-2025-55684 - CVSS (v3) 7.0
- CVE-2025-55688 - CVSS (v3) 7.0
- CVE-2025-55690 - CVSS (v3) 7.0
- CVE-2025-55691 - CVSS (v3) 7.0
- CVE-2025-55692 - CVSS (v3) 7.8
- CVE-2025-55693 - CVSS (v3) 7.4
- CVE-2025-55694 - CVSS (v3) 7.8
- CVE-2025-55695 - CVSS (v3) 5.5
- CVE-2025-55696 - CVSS (v3) 7.8
- CVE-2025-55698 - CVSS (v3) 7.7
- CVE-2025-55699 - CVSS (v3) 5.5
- CVE-2025-58714 - CVSS (v3) 7.8
- CVE-2025-58718 - CVSS (v3) 8.8
- CVE-2025-58720 - CVSS (v3) 7.8
- CVE-2025-58725 - CVSS (v3) 7.0
- CVE-2025-58726 - CVSS (v3) 7.5
- CVE-2025-58727 - CVSS (v3) 7.0
- CVE-2025-58729 - CVSS (v3) 6.5
- CVE-2025-58730 - CVSS (v3) 7.0
- CVE-2025-58731 - CVSS (v3) 7.0
- CVE-2025-58733 - CVSS (v3) 7.0
- CVE-2025-58734 - CVSS (v3) 7.0
- CVE-2025-58736 - CVSS (v3) 7.0
- CVE-2025-58738 - CVSS (v3) 7.0
- CVE-2025-58739 - CVSS (v3) 6.5
- CVE-2025-59187 - CVSS (v3) 7.8
- CVE-2025-59189 - CVSS (v3) 7.4
- CVE-2025-59190 - CVSS (v3) 5.5
- CVE-2025-59191 - CVSS (v3) 7.8
- CVE-2025-59192 - CVSS (v3) 7.8
- CVE-2025-59193 - CVSS (v3) 7.0
- CVE-2025-59194 - CVSS (v3) 7.0
- CVE-2025-59197 - CVSS (v3) 5.5
- CVE-2025-59198 - CVSS (v3) 5.0
- CVE-2025-59203 - CVSS (v3) 5.5
- CVE-2025-59205 - CVSS (v3) 7.0
- CVE-2025-59208 - CVSS (v3) 7.1
- CVE-2025-59209 - CVSS (v3) 5.5
- CVE-2025-59210 - CVSS (v3) 7.4
- CVE-2025-59214 - CVSS (v3) 6.5
- CVE-2025-59241 - CVSS (v3) 7.8
- CVE-2025-2884 - CVSS (v3) 6.6
- CVE-2025-59244 - CVSS (v3) 6.5
- CVE-2025-59230 - CVSS (v3) 7.8
- CVE-2025-59253 - CVSS (v3) 5.5
- CVE-2025-59261 - CVSS (v3) 7.0
- CVE-2025-47827 - CVSS (v4) 2.0
- CVE-2025-59277 - CVSS (v3) 7.8
- CVE-2025-59280 - CVSS (v3) 3.1
- CVE-2025-59290 - CVSS (v3) 7.8
- CVE-2025-55326 - CVSS (v3) 7.5
- CVE-2025-59275 - CVSS (v3) 7.8
- CVE-2025-59278 - CVSS (v3) 7.8
- CVE-2025-59289 - CVSS (v3) 7.0
- CVE-2025-59186 - CVSS (v3) 5.5
Producten
Microsoft
Windows 10 1809
Windows 10 21h2
Windows 10 22h2
Windows 10 Version 1507
Windows 10 Version 1607
Windows 10 Version 1809
Windows 10 Version 21H2
Windows 10 Version 22H2
Windows 11 22H2
Windows 11 23H2
Windows 11 Version 23H2
Windows 11 Version 24H2
Windows 11 Version 25H2
Windows 11 version 22H2
Windows 11 version 22H3
Windows Server 2008 R2 Service Pack 1
Windows Server 2008 R2 Service Pack 1 (Server Core installation)
Windows Server 2008 Service Pack 2
Windows Server 2008 Service Pack 2 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows Server 2025
Windows Server 2025 (Server Core installation)
Disclaimer
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.