Kwetsbaarheden verholpen in Microsoft Windows
Deze pagina zet de platte tekst van officiële advisories automatisch
om naar HTML. Hierbij kan mogelijk informatie verloren gaan. De Signed
PGP-versies zijn leidend.
| Publicatie |
Kans |
Schade |
|
|
| |
Versie 1.00 |
10-06-2025 |
NCSC-2025-0188 |
|
| |
medium
|
high
|
Signed-PGP →
CSAF →
PDF →
|
|
| 10-06-2025 |
medium
|
high
|
NCSC-2025-0188 [1.00] |
Signed-PGP →
Text,
CSAF
(sig),
PDF
|
| Kenmerken |
Kenmerken
- Use After Free
- Out-of-bounds Read
- External Control of File Name or Path
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
- Improper Link Resolution Before File Access ('Link Following')
- Missing Release of Memory after Effective Lifetime
- Exposure of Sensitive Information to an Unauthorized Actor
- Untrusted Pointer Dereference
- Buffer Over-read
- Improper Verification of Cryptographic Signature
- Integer Overflow or Wraparound
- Heap-based Buffer Overflow
- Improper Privilege Management
- NULL Pointer Dereference
- Improper Access Control
- Use of Uninitialized Resource
- Uncontrolled Resource Consumption
- Protection Mechanism Failure
|
| Omschrijving |
Omschrijving
Microsoft heeft kwetsbaarheden verholpen in Windows.
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
Denial of Service (DoS)
Omzeilen van een beveiligingsmaatregel
Uitvoeren van willekeurige code (Gebruikersrechten)
Uitvoeren van willekeurige code (Root/Adminrechten)
Toegang tot gevoelige gegevens
Verkrijgen van verhoogde rechten
Spoofing
```
Windows Recovery Driver:
Windows Security App:
App Control for Business (WDAC):
Windows Remote Desktop Services:
Windows Storage Management Provider:
Windows Local Security Authority Subsystem Service (LSASS):
Windows KDC Proxy Service (KPSSVC):
Windows Remote Access Connection Manager:
Remote Desktop Client:
Windows Storage Port Driver:
Windows Installer:
Windows Hello:
WebDAV:
Windows Standards-Based Storage Management Service:
Windows Cryptographic Services:
Windows Win32K - GRFX:
Windows Routing and Remote Access Service (RRAS):
Windows Kernel:
Windows Secure Boot:
| CVE-ID | CVSS | Impact |
|---|
| CVE-2025-3052 | 6.70 | Omzeilen van beveiligingsmaatregel |
Windows Media:
Windows Netlogon:
Windows SMB:
Windows Common Log File System Driver:
Windows Local Security Authority (LSA):
Microsoft Local Security Authority Server (lsasrv):
Windows DHCP Server:
Windows DWM Core Library:
Windows Shell:
```
|
| Bereik |
Bereik
| Platforms |
Producten |
Versies |
|
Microsoft Remote Desktop client for Windows Desktop
Microsoft Windows 10 Version 1507
Microsoft Windows 10 Version 1607
Microsoft Windows 10 Version 1607 for 32-bit Systems
Microsoft Windows 10 Version 1607 for x64-based Systems
Microsoft Windows 10 Version 1809
Microsoft Windows 10 Version 1809 for 32-bit Systems
Microsoft Windows 10 Version 1809 for x64-based Systems
Microsoft Windows 10 Version 21H2
Microsoft Windows 10 Version 21H2 for 32-bit Systems
Microsoft Windows 10 Version 21H2 for ARM64-based Systems Microsoft Windows 10 Version 21H2 for x64-based Systems Microsoft Windows 10 Version 22H2 Microsoft Windows 10 Version 22H2 for 32-bit Systems Microsoft Windows 10 Version 22H2 for ARM64-based Systems Microsoft Windows 10 Version 22H2 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 11 Version 22H2 for ARM64-based Systems Microsoft Windows 11 Version 22H2 for x64-based Systems Microsoft Windows 11 Version 23H2 Microsoft Windows 11 Version 23H2 for ARM64-based Systems Microsoft Windows 11 Version 23H2 for x64-based Systems Microsoft Windows 11 Version 24H2 Microsoft Windows 11 Version 24H2 for ARM64-based Systems Microsoft Windows 11 Version 24H2 for x64-based Systems Microsoft Windows 11 version 22H2 Microsoft Windows 11 version 22H3 Microsoft Windows App Client for Windows Desktop Microsoft Windows Security App Microsoft Windows Server 2008 Service Pack 2 Microsoft Windows Server 2008 R2 Service Pack 1 Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2008 Service Pack 2 Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server 2022 Microsoft Windows Server 2022 (Server Core installation) Microsoft Windows Server 2022, 23H2 Edition (Server Core installation) Microsoft Windows Server 2025 Microsoft Windows Server 2025 (Server Core installation)
|
10.0.14393.8148 - 10.0.14393.8148 - 10.0.17763.7434 - 10.0.17763.7434 - 10.0.19044.5965 - 10.0.19044.5965 - 10.0.19044.5965 - 10.0.19045.5965 - 10.0.19045.5965 - 10.0.19045.5965 - 10.0.10240.21034 - 10.0.10240.21034 - 10.0.22621.5472 - 10.0.22621.5472 - 10.0.22631.5472 - 10.0.22631.5472 - 10.0.26100.4349 - 10.0.26100.4349 - 10.0.14393.8066 - 10.0.14393.8066 - 10.0.17763.7314 - 10.0.17763.7314 - 10.0.20348.3807 - 10.0.20348.3807 - 10.0.25398.1665 - 10.0.26100.4349 - 10.0.26100.4349 - 1.2.0.0|<1.2.6278.0 - 10.0.10240.0|<10.0.10240.21014 - 10.0.10240.0|<10.0.10240.21034 - 10.0.14393.0|<10.0.14393.8066 - 10.0.14393.0|<10.0.14393.8148 - 10.0.17763.0|<10.0.17763.7314 - 10.0.17763.0|<10.0.17763.7434 - 10.0.19044.0|<10.0.19044.5854 - 10.0.19044.0|<10.0.19044.5965 - 10.0.19045.0|<10.0.19045.5854 - 10.0.19045.0|<10.0.19045.5965 - 10.0.22631.0|<10.0.22621.5335 - 10.0.22631.0|<10.0.22631.5335 - 10.0.22631.0|<10.0.22631.5472 - 10.0.26100.0|<10.0.26100.4061 - 10.0.26100.0|<10.0.26100.4349 - 10.0.22621.0|<10.0.22621.5335 - 10.0.22621.0|<10.0.22621.5472 - 10.0.22631.0|<10.0.22621.5335 - 10.0.22631.0|<10.0.22631.5335 - 10.0.22631.0|<10.0.22631.5472 - 1.00|<2.0.505.0 - 1000.0.0.0|<1000.27840.0.1000 - 6.0.6003.0|<6.0.6003.23317 - 6.0.6003.0|<6.0.6003.23351 - 6.1.7601.0|<6.1.7601.27729 - 6.1.7601.0|<6.1.7601.27769 - 6.1.7601.0|<6.1.7601.27729 - 6.1.7601.0|<6.1.7601.27769 - 6.1.7601.27729 - 6.1.7601.27729 - 6.0.6003.23317 - 6.0.6003.23317 - 6.0.6003.23317 - 6.0.6003.23317 - 6.2.9200.25475 - 6.2.9200.25475 - 6.3.9600.22577 - 6.3.9600.22577 - 6.0.6003.0|<6.0.6003.23317 - 6.0.6003.0|<6.0.6003.23351 - 6.0.6003.0|<6.0.6003.23317 - 6.0.6003.0|<6.0.6003.23351 - 6.2.9200.0|<6.2.9200.25475 - 6.2.9200.0|<6.2.9200.25522 - 6.2.9200.0|<6.2.9200.25475 - 6.2.9200.0|<6.2.9200.25522 - 6.3.9600.0|<6.3.9600.22577 - 6.3.9600.0|<6.3.9600.22620 - 6.3.9600.0|<6.3.9600.22577 - 6.3.9600.0|<6.3.9600.22620 - 10.0.14393.0|<10.0.14393.8066 - 10.0.14393.0|<10.0.14393.8148 - 10.0.14393.0|<10.0.14393.8066 - 10.0.14393.0|<10.0.14393.8148 - 10.0.17763.0|<10.0.17763.7314 - 10.0.17763.0|<10.0.17763.7434 - 10.0.17763.0|<10.0.17763.7314 - 10.0.17763.0|<10.0.17763.7434 - 10.0.20348.0|<10.0.20348.3692 - 10.0.20348.0|<10.0.20348.3807 - 10.0.25398.0|<10.0.25398.1611 - 10.0.25398.0|<10.0.25398.1665 - 10.0.26100.0|<10.0.26100.4061 - 10.0.26100.0|<10.0.26100.4349 - 10.0.26100.0|<10.0.26100.4061 - 10.0.26100.0|<10.0.26100.4349
|
|
| Oplossingen |
Oplossingen
Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds [Link]
|
| CVE’s |
CVE’s
CVE-2025-3052, CVE-2025-24065, CVE-2025-24068, CVE-2025-24069, CVE-2025-29828, CVE-2025-32710, CVE-2025-32712, CVE-2025-32713, CVE-2025-32714, CVE-2025-32715, CVE-2025-32716, CVE-2025-32718, CVE-2025-32719, CVE-2025-32720, CVE-2025-32721, CVE-2025-32722, CVE-2025-32724, CVE-2025-32725, CVE-2025-33050, CVE-2025-33052, CVE-2025-33053, CVE-2025-33055, CVE-2025-33056, CVE-2025-33057, CVE-2025-33058, CVE-2025-33059, CVE-2025-33060, CVE-2025-33061, CVE-2025-33062, CVE-2025-33063, CVE-2025-33064, CVE-2025-33065, CVE-2025-33066, CVE-2025-33067, CVE-2025-33068, CVE-2025-33069, CVE-2025-33070, CVE-2025-33071, CVE-2025-33073, CVE-2025-33075, CVE-2025-47160, CVE-2025-47955, CVE-2025-47956, CVE-2025-47969
|
| |
Versie 1.00 |
10-06-2025 |
NCSC-2025-0188 |
|
| |
medium
|
high
|
Signed-PGP →
CSAF →
PDF →
|
|
| 10-06-2025 |
medium
|
high
|
NCSC-2025-0188 [1.00] |
Signed-PGP →
Text,
CSAF
(sig),
PDF
|
Vrijwaringsverklaring
Door gebruik van deze security advisory gaat u akkoord met de
navolgende voorwaarden. Ondanks dat het NCSC de grootst mogelijke
zorg heeft betracht bij de samenstelling van dit beveiligingsadvies,
kan het NCSC niet instaan voor de volledigheid, juistheid of
(voortdurende) actualiteit van dit beveiligingsadvies. De informatie
in dit beveiligingsadvies is uitsluitend bedoeld als algemene
informatie voor professionele partijen. Aan de informatie in dit
beveiligingsadvies kunnen geen rechten worden ontleend.
Het NCSC en de Staat zijn niet aansprakelijk voor enige schade
ten gevolge van het gebruik of de onmogelijkheid van het gebruik
van dit beveiligingsadvies, waaronder begrepen schade ten gevolge
van de onjuistheid of onvolledigheid van de informatie in dit
beveiligingsadvies.
Op dit beveiligingsadvies is Nederlands recht van toepassing. Alle
geschillen in verband met en/of voortvloeiend uit dit beveiligingsadvies
zullen worden voorgelegd aan de exclusief bevoegde rechter te Den
Haag. Deze rechtskeuze geldt tevens voor de voorzieningenrechter in
kort geding.
