Windows · Fixed build

10.0.14393.7969

62 CVEs fixed by this build, deployed across 3 Windows SKUs.

Published on: 2016-08-09
SKUs covered: 3
CVEs fixed: 62

Windows SKUs covered by this build

The SKUs below share this MSRC build number. Deploying the corresponding KB secures all of them at once.

CISA KEV: 1
Critical: 7
High: 55
NVD pending: 0

CVEs fixed by this build

CVE	Severity	KEV	Published	Description
CVE-2025-29824 2025-04-08 KEV Windows Common Log File System Driver Elevation of Privilege Vulnerability	HIGH 7.8	KEV	2025-04-08	Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2025-26669 2025-04-08 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 8.8	—	2025-04-08	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-27477 2025-04-08 Windows Telephony Service Remote Code Execution Vulnerability	HIGH 8.8	—	2025-04-08	Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-27740 2025-04-08 Active Directory Certificate Services Elevation of Privilege Vulnerability	HIGH 8.8	—	2025-04-08	Active Directory Certificate Services Elevation of Privilege Vulnerability
CVE-2025-21205 2025-04-08 Windows Telephony Service Remote Code Execution Vulnerability	HIGH 8.8	—	2025-04-08	Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21221 2025-04-08 Windows Telephony Service Remote Code Execution Vulnerability	HIGH 8.8	—	2025-04-08	Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21222 2025-04-08 Windows Telephony Service Remote Code Execution Vulnerability	HIGH 8.8	—	2025-04-08	Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-26647 2025-04-08 Windows Kerberos Elevation of Privilege Vulnerability	HIGH 8.8	—	2025-04-08	Windows Kerberos Elevation of Privilege Vulnerability
CVE-2025-27481 2025-04-08 Windows Telephony Service Remote Code Execution Vulnerability	HIGH 8.8	—	2025-04-08	Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-27737 2025-04-08 Windows Security Zone Mapping Security Feature Bypass Vulnerability	HIGH 8.6	—	2025-04-08	Windows Security Zone Mapping Security Feature Bypass Vulnerability
CVE-2022-2601 2024-08-13 Redhat: CVE-2022-2601 grub2 - Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possibl…	HIGH 8.6	—	2024-08-13	Redhat: CVE-2022-2601 grub2 - Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass
CVE-2023-40547 2024-08-13 Redhat: CVE-2023-40547 Shim - RCE in HTTP boot support may lead to secure boot bypass	CRITICAL 8.3	—	2024-08-13	Redhat: CVE-2023-40547 Shim - RCE in HTTP boot support may lead to secure boot bypass
CVE-2025-26663 2025-04-08 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability	CRITICAL 8.1	—	2025-04-08	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2025-26670 2025-04-08 Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability	CRITICAL 8.1	—	2025-04-08	Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability
CVE-2025-26671 2025-04-08 Windows Remote Desktop Services Remote Code Execution Vulnerability	HIGH 8.1	—	2025-04-08	Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2025-27480 2025-04-08 Windows Remote Desktop Services Remote Code Execution Vulnerability	CRITICAL 8.1	—	2025-04-08	Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2025-27482 2025-04-08 Windows Remote Desktop Services Remote Code Execution Vulnerability	CRITICAL 8.1	—	2025-04-08	Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2025-27487 2025-04-08 Remote Desktop Client Remote Code Execution Vulnerability	HIGH 8.0	—	2025-04-08	Remote Desktop Client Remote Code Execution Vulnerability
CVE-2025-26688 2025-04-08 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-04-08	Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
CVE-2025-27741 2025-04-08 NTFS Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-04-08	NTFS Elevation of Privilege Vulnerability
CVE-2025-24073 2025-04-08 Microsoft DWM Core Library Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-04-08	Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2025-21204 2025-04-08 Windows Process Activation Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-04-08	Windows Process Activation Elevation of Privilege Vulnerability
CVE-2025-26648 2025-04-08 Windows Kernel Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-04-08	Windows Kernel Elevation of Privilege Vulnerability
CVE-2025-26679 2025-04-08 RPC Endpoint Mapper Service Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-04-08	RPC Endpoint Mapper Service Elevation of Privilege Vulnerability
CVE-2025-27483 2025-04-08 NTFS Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-04-08	NTFS Elevation of Privilege Vulnerability
CVE-2025-27727 2025-04-08 Windows Installer Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-04-08	Windows Installer Elevation of Privilege Vulnerability
CVE-2025-27733 2025-04-08 NTFS Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-04-08	NTFS Elevation of Privilege Vulnerability
CVE-2025-26687 2025-04-08 Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.	HIGH 7.5	—	2025-04-08	Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-26668 2025-04-08 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	HIGH 7.5	—	2025-04-08	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-26680 2025-04-08 Windows Standards-Based Storage Management Service Denial of Service Vulnerability	HIGH 7.5	—	2025-04-08	Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2025-26686 2025-04-08 Windows TCP/IP Remote Code Execution Vulnerability	CRITICAL 7.5	—	2025-04-08	Windows TCP/IP Remote Code Execution Vulnerability
CVE-2025-27470 2025-04-08 Windows Standards-Based Storage Management Service Denial of Service Vulnerability	HIGH 7.5	—	2025-04-08	Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2025-27473 2025-04-08 HTTP.sys Denial of Service Vulnerability	HIGH 7.5	—	2025-04-08	HTTP.sys Denial of Service Vulnerability
CVE-2025-27479 2025-04-08 Kerberos Key Distribution Proxy Service Denial of Service Vulnerability	HIGH 7.5	—	2025-04-08	Kerberos Key Distribution Proxy Service Denial of Service Vulnerability
CVE-2025-21174 2025-04-08 Windows Standards-Based Storage Management Service Denial of Service Vulnerability	HIGH 7.5	—	2025-04-08	Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2025-26641 2025-04-08 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability	HIGH 7.5	—	2025-04-08	Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-26652 2025-04-08 Windows Standards-Based Storage Management Service Denial of Service Vulnerability	HIGH 7.5	—	2025-04-08	Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2025-26673 2025-04-08 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability	HIGH 7.5	—	2025-04-08	Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2025-27469 2025-04-08 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability	HIGH 7.5	—	2025-04-08	Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2025-27485 2025-04-08 Windows Standards-Based Storage Management Service Denial of Service Vulnerability	HIGH 7.5	—	2025-04-08	Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2025-27484 2025-04-08 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability	HIGH 7.5	—	2025-04-08	Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
CVE-2025-27486 2025-04-08 Windows Standards-Based Storage Management Service Denial of Service Vulnerability	HIGH 7.5	—	2025-04-08	Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2025-29810 2025-04-08 Active Directory Domain Services Elevation of Privilege Vulnerability	HIGH 7.5	—	2025-04-08	Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2025-27491 2025-04-08 Windows Hyper-V Remote Code Execution Vulnerability	CRITICAL 7.1	—	2025-04-08	Windows Hyper-V Remote Code Execution Vulnerability
CVE-2025-29809 2025-04-08 Windows Kerberos Security Feature Bypass Vulnerability	HIGH 7.1	—	2025-04-08	Windows Kerberos Security Feature Bypass Vulnerability
CVE-2025-26665 2025-04-08 Windows upnphost.dll Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-04-08	Windows upnphost.dll Elevation of Privilege Vulnerability
CVE-2025-27478 2025-04-08 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-04-08	Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2025-21191 2025-04-08 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-04-08	Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2025-27732 2025-04-08 Windows Graphics Component Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-04-08	Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2025-26637 2025-04-08 Windows BitLocker Security Feature Bypass Vulnerability	HIGH 6.8	—	2025-04-08	Windows BitLocker Security Feature Bypass Vulnerability
CVE-2025-26664 2025-04-08 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-04-08	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-26667 2025-04-08 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-04-08	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-27474 2025-04-08 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-04-08	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-21197 2025-04-08 Windows NTFS Information Disclosure Vulnerability	HIGH 6.5	—	2025-04-08	Windows NTFS Information Disclosure Vulnerability
CVE-2025-21203 2025-04-08 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-04-08	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-26672 2025-04-08 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-04-08	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-26676 2025-04-08 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-04-08	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-27738 2025-04-08 Windows Resilient File System (ReFS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-04-08	Windows Resilient File System (ReFS) Information Disclosure Vulnerability
CVE-2025-27735 2025-04-08 Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability	HIGH 6.0	—	2025-04-08	Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability
CVE-2025-27471 2025-04-08 Microsoft Streaming Service Denial of Service Vulnerability	HIGH 5.9	—	2025-04-08	Microsoft Streaming Service Denial of Service Vulnerability
CVE-2025-27742 2025-04-08 NTFS Information Disclosure Vulnerability	HIGH 5.5	—	2025-04-08	NTFS Information Disclosure Vulnerability
CVE-2025-27736 2025-04-08 Windows Power Dependency Coordinator Information Disclosure Vulnerability	HIGH 5.5	—	2025-04-08	Windows Power Dependency Coordinator Information Disclosure Vulnerability