Windows · Fixed build

10.0.25398.2149

MSRC advisory

29 CVEs fixed by this build, deployed across 1 Windows SKUs.

Published on: 2019-07-09
SKUs covered: 1
CVEs fixed: 29

Windows SKUs covered by this build

The SKUs below share this MSRC build number. Deploying the corresponding KB secures all of them at once.

Windows Server 2022

CISA KEV: 5
Critical: 0
High: 28
NVD pending: 0

CVEs fixed by this build

CVE	Severity	KEV	Published	Description
CVE-2026-21513 2026-02-10 KEV MSHTML Framework Security Feature Bypass Vulnerability	HIGH 8.8	KEV	2026-02-10	MSHTML Framework Security Feature Bypass Vulnerability
CVE-2026-21510 2026-02-10 KEV Windows Shell Security Feature Bypass Vulnerability	HIGH 8.8	KEV	2026-02-10	Windows Shell Security Feature Bypass Vulnerability
CVE-2026-21519 2026-02-10 KEV Desktop Window Manager Elevation of Privilege Vulnerability	HIGH 7.8	KEV	2026-02-10	Desktop Window Manager Elevation of Privilege Vulnerability
CVE-2026-21533 2026-02-10 KEV Windows Remote Desktop Services Elevation of Privilege Vulnerability	HIGH 7.8	KEV	2026-02-10	Windows Remote Desktop Services Elevation of Privilege Vulnerability
CVE-2026-21525 2026-02-10 KEV Windows Remote Access Connection Manager Denial of Service Vulnerability	MEDIUM 6.2	KEV	2026-02-10	Windows Remote Access Connection Manager Denial of Service Vulnerability
CVE-2026-21255 2026-02-10 Windows Hyper-V Security Feature Bypass Vulnerability	HIGH 8.8	—	2026-02-10	Windows Hyper-V Security Feature Bypass Vulnerability
CVE-2026-21236 2026-02-10 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-02-10	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-21251 2026-02-10 Cluster Client Failover (CCF) Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-02-10	Cluster Client Failover (CCF) Elevation of Privilege Vulnerability
CVE-2026-21250 2026-02-10 Windows HTTP.sys Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-02-10	Windows HTTP.sys Elevation of Privilege Vulnerability
CVE-2026-21240 2026-02-10 Windows HTTP.sys Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-02-10	Windows HTTP.sys Elevation of Privilege Vulnerability
CVE-2026-21239 2026-02-10 Windows Kernel Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-02-10	Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-21238 2026-02-10 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-02-10	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-21232 2026-02-10 Windows HTTP.sys Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-02-10	Windows HTTP.sys Elevation of Privilege Vulnerability
CVE-2026-21231 2026-02-10 Windows Kernel Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-02-10	Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-21246 2026-02-10 Windows Graphics Component Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-02-10	Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2026-21243 2026-02-10 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability	HIGH 7.5	—	2026-02-10	Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2026-20846 2026-02-10 GDI+ Denial of Service Vulnerability	HIGH 7.5	—	2026-02-10	GDI+ Denial of Service Vulnerability
CVE-2026-21248 2026-02-10 Windows Hyper-V Remote Code Execution Vulnerability	HIGH 7.3	—	2026-02-10	Windows Hyper-V Remote Code Execution Vulnerability
CVE-2026-21247 2026-02-10 Windows Hyper-V Remote Code Execution Vulnerability	HIGH 7.3	—	2026-02-10	Windows Hyper-V Remote Code Execution Vulnerability
CVE-2026-21244 2026-02-10 Windows Hyper-V Remote Code Execution Vulnerability	HIGH 7.3	—	2026-02-10	Windows Hyper-V Remote Code Execution Vulnerability
CVE-2026-21242 2026-02-10 Windows Subsystem for Linux Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-02-10	Windows Subsystem for Linux Elevation of Privilege Vulnerability
CVE-2026-21234 2026-02-10 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-02-10	Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2026-21508 2026-02-10 Windows Storage Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-02-10	Windows Storage Elevation of Privilege Vulnerability
CVE-2026-21253 2026-02-10 Mailslot File System Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-02-10	Mailslot File System Elevation of Privilege Vulnerability
CVE-2026-21241 2026-02-10 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-02-10	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-21237 2026-02-10 Windows Subsystem for Linux Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-02-10	Windows Subsystem for Linux Elevation of Privilege Vulnerability
CVE-2023-2804 2026-02-10 Red Hat, Inc. CVE-2023-2804: Heap Based Overflow libjpeg-turbo	HIGH 6.5	—	2026-02-10	Red Hat, Inc. CVE-2023-2804: Heap Based Overflow libjpeg-turbo
CVE-2026-21222 2026-02-10 Windows Kernel Information Disclosure Vulnerability	HIGH 5.5	—	2026-02-10	Windows Kernel Information Disclosure Vulnerability
CVE-2026-21249 2026-02-10 Windows NTLM Spoofing Vulnerability	HIGH 3.3	—	2026-02-10	Windows NTLM Spoofing Vulnerability