|
Versie 1.00 |
08-07-2025 |
NCSC-2025-0213 |
|
|
medium
|
high
|
Signed-PGP →
CSAF →
PDF →
|
|
08-07-2025 |
medium
|
high
|
NCSC-2025-0213 [1.00] |
Signed-PGP →
Text,
CSAF
(sig),
PDF
|
Kenmerken |
Kenmerken
- Untrusted Pointer Dereference
- Insufficient UI Warning of Dangerous Operations
- NULL Pointer Dereference
- Improper Certificate Validation
- Integer Overflow or Wraparound
- Missing Authorization
- Exposure of Sensitive Information to an Unauthorized Actor
- Missing Synchronization
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
- Improper Link Resolution Before File Access ('Link Following')
- Double Free
- Acceptance of Extraneous Untrusted Data With Trusted Data
- Use After Free
- Sensitive Data Storage in Improperly Locked Memory
- Numeric Truncation Error
- Buffer Over-read
- Time-of-check Time-of-use (TOCTOU) Race Condition
- Missing Support for Integrity Check
- Integer Underflow (Wrap or Wraparound)
- Improper Input Validation
- Out-of-bounds Read
- Uncontrolled Resource Consumption
- Relative Path Traversal
- Improper Access Control
- Missing Authentication for Critical Function
- Processor Optimization Removal or Modification of Security-critical Code
- Protection Mechanism Failure
- Heap-based Buffer Overflow
- Access of Resource Using Incompatible Type ('Type Confusion')
|
Omschrijving |
Omschrijving
Microsoft heeft kwetsbaarheden verholpen in Windows.
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
Denial-of-Service (DoS)
Manipulatie van gegevens
Omzeilen van een beveiligingsmaatregel
Uitvoeren van willekeurige code
Toegang tot gevoelige gegevens
Verkrijgen van verhoogde rechten
Spoofing
```
Windows Cryptographic Services:
Windows Visual Basic Scripting:
Capability Access Management Service (camsvc):
Windows Update Service:
Windows Win32K - ICOMP:
AMD Store Queue:
Windows StateRepository API:
Microsoft Windows Search Component:
Microsoft Graphics Component:
Role: Windows Hyper-V:
Microsoft Input Method Editor (IME):
Windows Ancillary Function Driver for WinSock:
Microsoft Windows QoS scheduler:
Windows KDC Proxy Service (KPSSVC):
Windows Print Spooler Components:
Remote Desktop Client:
Windows Virtualization-Based Security (VBS) Enclave:
Windows Storage VSP Driver:
Windows Cred SSProvider Protocol:
Microsoft Brokering File System:
AMD L1 Data Queue:
Windows Connected Devices Platform Service:
Virtual Hard Disk (VHDX):
Storage Port Driver:
Windows User-Mode Driver Framework Host:
Windows SmartScreen:
Workspace Broker:
HID class driver:
Windows Kerberos:
Windows Imaging Component:
Windows TDX.sys:
Microsoft PC Manager:
Windows NTFS:
Windows Routing and Remote Access Service (RRAS):
Windows Kernel:
Windows Remote Desktop Licensing Service:
Windows Fast FAT Driver:
Microsoft MPEG-2 Video Extension:
Windows Win32K - GRFX:
Universal Print Management Service:
Windows Media:
Windows Netlogon:
Windows Event Tracing:
Windows SMB:
Windows SPNEGO Extended Negotiation:
Windows Performance Recorder:
Windows Secure Kernel Mode:
Windows GDI:
Windows SSDP Service:
Windows TCP/IP:
Kernel Streaming WOW Thunk Service Driver:
Windows MBT Transport driver:
Windows Universal Plug and Play (UPnP) Device Host:
Windows AppX Deployment Service:
Windows BitLocker:
Windows Shell:
Windows Notification:
```
|
Bereik |
Bereik
Platforms |
Producten |
Versies |
|
Microsoft Remote Desktop client for Windows Desktop
Microsoft Windows 10 Version 1507
Microsoft Windows 10 Version 1607
Microsoft Windows 10 Version 1809
Microsoft Windows 10 Version 21H2
Microsoft Windows 10 Version 22H2
Microsoft Windows 11 Version 23H2
Microsoft Windows 11 Version 24H2
Microsoft Windows 11 version 22H2
Microsoft Windows 11 version 22H3
Microsoft Windows App Client for Windows Desktop
Microsoft Windows Server 2008 Service Pack 2
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft Windows Server 2008 R2 Service Pack 1 (Server Core installation) Microsoft Windows Server 2008 Service Pack 2 Microsoft Windows Server 2008 Service Pack 2 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server 2022 Microsoft Windows Server 2022, 23H2 Edition (Server Core installation) Microsoft Windows Server 2025 Microsoft Windows Server 2025 (Server Core installation)
|
1.2.0.0|<1.2.6353.0 - 10.0.10240.0|<10.0.10240.21073 - 10.0.14393.0|<10.0.14393.8246 - 10.0.17763.0|<10.0.17763.7558 - 10.0.19044.0|<10.0.19044.6093 - 10.0.19045.0|<10.0.19045.6093 - 10.0.22631.0|<10.0.22631.5624 - 10.0.26100.0|<10.0.26100.4652 - 10.0.22621.0|<10.0.22621.5624 - 10.0.22631.0|<10.0.22631.5624 - 1.00|<2.0.559.0 - 6.0.6003.0|<6.0.6003.23418 - 6.1.7601.0|<6.1.7601.27820 - 6.1.7601.0|<6.1.7601.27820 - 6.0.6003.0|<6.0.6003.23418 - 6.0.6003.0|<6.0.6003.23418 - 6.2.9200.0|<6.2.9200.25522 - 6.2.9200.0|<6.2.9200.25573 - 6.2.9200.0|<6.2.9200.25522 - 6.2.9200.0|<6.2.9200.25573 - 6.3.9600.0|<6.3.9600.22620 - 6.3.9600.0|<6.3.9600.22676 - 6.3.9600.0|<6.3.9600.22620 - 6.3.9600.0|<6.3.9600.22676 - 10.0.14393.0|<10.0.14393.8148 - 10.0.14393.0|<10.0.14393.8246 - 10.0.14393.0|<10.0.14393.8148 - 10.0.14393.0|<10.0.14393.8246 - 10.0.17763.0|<10.0.10240.21034 - 10.0.17763.0|<10.0.17763.7558 - 10.0.17763.0|<10.0.10240.21034 - 10.0.17763.0|<10.0.17763.7558 - 10.0.20348.0|<10.0.20348.3807 - 10.0.20348.0|<10.0.20348.3932 - 10.0.25398.0|<10.0.22621.5472 - 10.0.25398.0|<10.0.25398.1732 - 10.0.26100.0|<10.0.26100.4652 - 10.0.26100.0|<10.0.26200.4349 - 10.0.26100.0|<10.0.26100.4652 - 10.0.26100.0|<10.0.26200.4349
|
|
Oplossingen |
Oplossingen
Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds [Link]
|
CVE’s |
CVE’s
CVE-2025-26636, CVE-2025-33054, CVE-2025-36350, CVE-2025-36357, CVE-2025-47159, CVE-2025-47971, CVE-2025-47972, CVE-2025-47973, CVE-2025-47975, CVE-2025-47976, CVE-2025-47978, CVE-2025-47980, CVE-2025-47981, CVE-2025-47982, CVE-2025-47984, CVE-2025-47985, CVE-2025-47986, CVE-2025-47987, CVE-2025-47991, CVE-2025-47993, CVE-2025-47996, CVE-2025-47998, CVE-2025-47999, CVE-2025-48000, CVE-2025-48001, CVE-2025-48002, CVE-2025-48003, CVE-2025-48799, CVE-2025-48800, CVE-2025-48802, CVE-2025-48803, CVE-2025-48804, CVE-2025-48805, CVE-2025-48806, CVE-2025-48808, CVE-2025-48809, CVE-2025-48810, CVE-2025-48811, CVE-2025-48814, CVE-2025-48815, CVE-2025-48816, CVE-2025-48817, CVE-2025-48818, CVE-2025-48819, CVE-2025-48820, CVE-2025-48821, CVE-2025-48822, CVE-2025-48823, CVE-2025-48824, CVE-2025-49657, CVE-2025-49658, CVE-2025-49659, CVE-2025-49660, CVE-2025-49661, CVE-2025-49663, CVE-2025-49664, CVE-2025-49665, CVE-2025-49666, CVE-2025-49667, CVE-2025-49668, CVE-2025-49669, CVE-2025-49670, CVE-2025-49671, CVE-2025-49672, CVE-2025-49673, CVE-2025-49674, CVE-2025-49675, CVE-2025-49676, CVE-2025-49677, CVE-2025-49678, CVE-2025-49679, CVE-2025-49680, CVE-2025-49681, CVE-2025-49682, CVE-2025-49683, CVE-2025-49684, CVE-2025-49685, CVE-2025-49686, CVE-2025-49687, CVE-2025-49688, CVE-2025-49689, CVE-2025-49690, CVE-2025-49691, CVE-2025-49693, CVE-2025-49694, CVE-2025-49716, CVE-2025-49721, CVE-2025-49722, CVE-2025-49723, CVE-2025-49724, CVE-2025-49725, CVE-2025-49726, CVE-2025-49727, CVE-2025-49729, CVE-2025-49730, CVE-2025-49732, CVE-2025-49733, CVE-2025-49735, CVE-2025-49740, CVE-2025-49742, CVE-2025-49744, CVE-2025-49753
|
|
Versie 1.00 |
08-07-2025 |
NCSC-2025-0213 |
|
|
medium
|
high
|
Signed-PGP →
CSAF →
PDF →
|
|
08-07-2025 |
medium
|
high
|
NCSC-2025-0213 [1.00] |
Signed-PGP →
Text,
CSAF
(sig),
PDF
|