Windows · Fixed build

10.0.25398.1849

MSRC advisory

61 CVEs fixed by this build, deployed across 1 Windows SKUs.

Published on: 2019-07-09
SKUs covered: 1
CVEs fixed: 61

Windows SKUs covered by this build

The SKUs below share this MSRC build number. Deploying the corresponding KB secures all of them at once.

Windows Server 2022

CISA KEV: 0
Critical: 8
High: 52
NVD pending: 0

CVEs fixed by this build

CVE	Severity	KEV	Published	Description
CVE-2025-54106 2025-09-09 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	HIGH 8.8	—	2025-09-09	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-54110 2025-09-09 Windows Kernel Elevation of Privilege Vulnerability	HIGH 8.8	—	2025-09-09	Windows Kernel Elevation of Privilege Vulnerability
CVE-2025-54918 2025-09-09 Windows NTLM Elevation of Privilege Vulnerability	CRITICAL 8.8	—	2025-09-09	Windows NTLM Elevation of Privilege Vulnerability
CVE-2025-54113 2025-09-09 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	HIGH 8.8	—	2025-09-09	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-55234 2025-09-09 Windows SMB Elevation of Privilege Vulnerability	HIGH 8.8	—	2025-09-09	Windows SMB Elevation of Privilege Vulnerability
CVE-2025-59290 2025-10-14 Windows Bluetooth Service Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-10-14	Windows Bluetooth Service Elevation of Privilege Vulnerability
CVE-2025-54102 2025-09-09 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-09-09	Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2025-54111 2025-09-09 Windows UI XAML Phone DatePickerFlyout Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-09-09	Windows UI XAML Phone DatePickerFlyout Elevation of Privilege Vulnerability
CVE-2025-54894 2025-09-09 Local Security Authority Subsystem Service Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-09-09	Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
CVE-2025-54895 2025-09-09 SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-09-09	SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Elevation of Privilege Vulnerability
CVE-2025-54913 2025-09-09 Windows UI XAML Maps MapControlSettings Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-09-09	Windows UI XAML Maps MapControlSettings Elevation of Privilege Vulnerability
CVE-2025-54916 2025-09-09 Windows NTFS Remote Code Execution Vulnerability	HIGH 7.8	—	2025-09-09	Windows NTFS Remote Code Execution Vulnerability
CVE-2025-55228 2025-09-09 Windows Graphics Component Remote Code Execution Vulnerability	CRITICAL 7.8	—	2025-09-09	Windows Graphics Component Remote Code Execution Vulnerability
CVE-2025-53800 2025-09-09 Windows Graphics Component Elevation of Privilege Vulnerability	CRITICAL 7.8	—	2025-09-09	Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2025-53801 2025-09-09 Microsoft DWM Core Library Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-09-09	Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2025-54091 2025-09-09 Windows Hyper-V Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-09-09	Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2025-54092 2025-09-09 Windows Hyper-V Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-09-09	Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2025-54098 2025-09-09 Windows Hyper-V Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-09-09	Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2025-54912 2025-09-09 Windows BitLocker Elevation of Privilege Vulnerability	HIGH 7.8	—	2025-09-09	Windows BitLocker Elevation of Privilege Vulnerability
CVE-2025-55224 2025-09-09 Windows Hyper-V Remote Code Execution Vulnerability	CRITICAL 7.8	—	2025-09-09	Windows Hyper-V Remote Code Execution Vulnerability
CVE-2025-59502 2025-10-14 Remote Procedure Call Denial of Service Vulnerability	MEDIUM 7.5	—	2025-10-14	Remote Procedure Call Denial of Service Vulnerability
CVE-2025-54919 2025-09-09 Windows Graphics Component Remote Code Execution Vulnerability	HIGH 7.5	—	2025-09-09	Windows Graphics Component Remote Code Execution Vulnerability
CVE-2025-53805 2025-09-09 HTTP.sys Denial of Service Vulnerability	HIGH 7.5	—	2025-09-09	HTTP.sys Denial of Service Vulnerability
CVE-2025-54103 2025-09-09 Windows Management Service Elevation of Privilege Vulnerability	HIGH 7.4	—	2025-09-09	Windows Management Service Elevation of Privilege Vulnerability
CVE-2025-55236 2025-09-09 Graphics Kernel Remote Code Execution Vulnerability	CRITICAL 7.3	—	2025-09-09	Graphics Kernel Remote Code Execution Vulnerability
CVE-2025-54116 2025-09-09 Windows MultiPoint Services Elevation of Privilege Vulnerability	HIGH 7.3	—	2025-09-09	Windows MultiPoint Services Elevation of Privilege Vulnerability
CVE-2025-54911 2025-09-09 Windows BitLocker Elevation of Privilege Vulnerability	HIGH 7.3	—	2025-09-09	Windows BitLocker Elevation of Privilege Vulnerability
CVE-2025-59289 2025-10-14 Windows Bluetooth Service Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-10-14	Windows Bluetooth Service Elevation of Privilege Vulnerability
CVE-2025-49734 2025-09-09 PowerShell Direct Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-09-09	PowerShell Direct Elevation of Privilege Vulnerability
CVE-2025-54099 2025-09-09 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-09-09	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-55223 2025-09-09 DirectX Graphics Kernel Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-09-09	DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2025-53802 2025-09-09 Windows Bluetooth Service Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-09-09	Windows Bluetooth Service Elevation of Privilege Vulnerability
CVE-2025-53807 2025-09-09 Windows Graphics Component Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-09-09	Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2025-54093 2025-09-09 Windows TCP/IP Driver Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-09-09	Windows TCP/IP Driver Elevation of Privilege Vulnerability
CVE-2025-54105 2025-09-09 Microsoft Brokering File System Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-09-09	Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2025-54112 2025-09-09 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-09-09	Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
CVE-2025-54114 2025-09-09 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-09-09	Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2025-54115 2025-09-09 Windows Hyper-V Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-09-09	Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2025-59220 2025-09-09 Windows Bluetooth Service Elevation of Privilege Vulnerability	HIGH 7.0	—	2025-09-09	Windows Bluetooth Service Elevation of Privilege Vulnerability
CVE-2025-55226 2025-09-09 Graphics Kernel Remote Code Execution Vulnerability	CRITICAL 6.7	—	2025-09-09	Graphics Kernel Remote Code Execution Vulnerability
CVE-2025-53808 2025-09-09 Windows Defender Firewall Service Elevation of Privilege Vulnerability	HIGH 6.7	—	2025-09-09	Windows Defender Firewall Service Elevation of Privilege Vulnerability
CVE-2025-53810 2025-09-09 Windows Defender Firewall Service Elevation of Privilege Vulnerability	HIGH 6.7	—	2025-09-09	Windows Defender Firewall Service Elevation of Privilege Vulnerability
CVE-2025-54094 2025-09-09 Windows Defender Firewall Service Elevation of Privilege Vulnerability	HIGH 6.7	—	2025-09-09	Windows Defender Firewall Service Elevation of Privilege Vulnerability
CVE-2025-54104 2025-09-09 Windows Defender Firewall Service Elevation of Privilege Vulnerability	HIGH 6.7	—	2025-09-09	Windows Defender Firewall Service Elevation of Privilege Vulnerability
CVE-2025-54109 2025-09-09 Windows Defender Firewall Service Elevation of Privilege Vulnerability	HIGH 6.7	—	2025-09-09	Windows Defender Firewall Service Elevation of Privilege Vulnerability
CVE-2025-54915 2025-09-09 Windows Defender Firewall Service Elevation of Privilege Vulnerability	HIGH 6.7	—	2025-09-09	Windows Defender Firewall Service Elevation of Privilege Vulnerability
CVE-2025-48807 2025-08-12 Windows Hyper-V Remote Code Execution Vulnerability	CRITICAL 6.7	—	2025-08-12	Windows Hyper-V Remote Code Execution Vulnerability
CVE-2025-53797 2025-09-09 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-09-09	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-53798 2025-09-09 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-09-09	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-54095 2025-09-09 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-09-09	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-54096 2025-09-09 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-09-09	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-54097 2025-09-09 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-09-09	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-55225 2025-09-09 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-09-09	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-53796 2025-09-09 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-09-09	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-53806 2025-09-09 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability	HIGH 6.5	—	2025-09-09	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-53799 2025-09-09 Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information loca…	CRITICAL 5.5	—	2025-09-09	Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
CVE-2025-53803 2025-09-09 Windows Kernel Memory Information Disclosure Vulnerability	HIGH 5.5	—	2025-09-09	Windows Kernel Memory Information Disclosure Vulnerability
CVE-2025-53804 2025-09-09 Windows Kernel-Mode Driver Information Disclosure Vulnerability	HIGH 5.5	—	2025-09-09	Windows Kernel-Mode Driver Information Disclosure Vulnerability
CVE-2025-54101 2025-09-09 Windows SMB Client Remote Code Execution Vulnerability	HIGH 4.8	—	2025-09-09	Windows SMB Client Remote Code Execution Vulnerability
CVE-2025-54107 2025-09-09 MapUrlToZone Security Feature Bypass Vulnerability	HIGH 4.3	—	2025-09-09	MapUrlToZone Security Feature Bypass Vulnerability
CVE-2025-54917 2025-09-09 MapUrlToZone Security Feature Bypass Vulnerability	HIGH 4.3	—	2025-09-09	MapUrlToZone Security Feature Bypass Vulnerability