Windows · Fixed build

10.0.25398.2207

MSRC advisory

40 CVEs fixed by this build, deployed across 1 Windows SKUs.

Published on: 2019-07-09
SKUs covered: 1
CVEs fixed: 40

Windows SKUs covered by this build

The SKUs below share this MSRC build number. Deploying the corresponding KB secures all of them at once.

Windows Server 2022

CISA KEV: 0
Critical: 0
High: 40
NVD pending: 0

CVEs fixed by this build

CVE	Severity	KEV	Published	Description
CVE-2026-23669 2026-03-10 RPC Runtime Library Remote Code Execution Vulnerability	HIGH 8.8	—	2026-03-10	RPC Runtime Library Remote Code Execution Vulnerability
CVE-2026-24283 2026-03-10 Multiple UNC Provider Kernel Driver Elevation of Privilege Vulnerability	HIGH 8.8	—	2026-03-10	Multiple UNC Provider Kernel Driver Elevation of Privilege Vulnerability
CVE-2026-25177 2026-03-10 Active Directory Domain Services Elevation of Privilege Vulnerability	HIGH 8.8	—	2026-03-10	Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2026-25188 2026-03-10 Windows Telephony Service Elevation of Privilege Vulnerability	HIGH 8.8	—	2026-03-10	Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2026-25172 2026-03-10 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	HIGH 8.0	—	2026-03-10	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2026-25173 2026-03-10 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	HIGH 8.0	—	2026-03-10	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2026-26111 2026-03-10 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	HIGH 8.0	—	2026-03-10	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2026-23672 2026-03-10 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
CVE-2026-23673 2026-03-10 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2026-24287 2026-03-10 Windows Kernel Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-24289 2026-03-10 Windows Kernel Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-24290 2026-03-10 Windows Projected File System Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-24291 2026-03-10 Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability
CVE-2026-24292 2026-03-10 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2026-24294 2026-03-10 Windows SMB Server Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows SMB Server Elevation of Privilege Vulnerability
CVE-2026-25165 2026-03-10 Performance Counters for Windows Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Performance Counters for Windows Elevation of Privilege Vulnerability
CVE-2026-25174 2026-03-10 Windows Extensible File Allocation Table Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows Extensible File Allocation Table Elevation of Privilege Vulnerability
CVE-2026-25175 2026-03-10 Windows NTFS Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows NTFS Elevation of Privilege Vulnerability
CVE-2026-25176 2026-03-10 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-25187 2026-03-10 Winlogon Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Winlogon Elevation of Privilege Vulnerability
CVE-2026-25190 2026-03-10 Windows GDI Remote Code Execution Vulnerability	HIGH 7.8	—	2026-03-10	Windows GDI Remote Code Execution Vulnerability
CVE-2026-26128 2026-03-10 Windows SMB Server Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows SMB Server Elevation of Privilege Vulnerability
CVE-2026-26132 2026-03-10 Windows Kernel Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-24293 2026-03-10 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	HIGH 7.8	—	2026-03-10	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-25181 2026-03-10 GDI+ Information Disclosure Vulnerability	HIGH 7.5	—	2026-03-10	GDI+ Information Disclosure Vulnerability
CVE-2026-23674 2026-03-10 MapUrlToZone Security Feature Bypass Vulnerability	HIGH 7.5	—	2026-03-10	MapUrlToZone Security Feature Bypass Vulnerability
CVE-2026-24285 2026-03-10 Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.	HIGH 7.0	—	2026-03-10	Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
CVE-2026-23668 2026-03-10 Windows Graphics Component Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-03-10	Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2026-23671 2026-03-10 Windows Bluetooth RFCOM Protocol Driver Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-03-10	Windows Bluetooth RFCOM Protocol Driver Elevation of Privilege Vulnerability
CVE-2026-24295 2026-03-10 Windows Device Association Service Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-03-10	Windows Device Association Service Elevation of Privilege Vulnerability
CVE-2026-24296 2026-03-10 Windows Device Association Service Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-03-10	Windows Device Association Service Elevation of Privilege Vulnerability
CVE-2026-25170 2026-03-10 Windows Hyper-V Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-03-10	Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2026-25171 2026-03-10 Windows Authentication Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-03-10	Windows Authentication Elevation of Privilege Vulnerability
CVE-2026-25178 2026-03-10 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-03-10	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-25179 2026-03-10 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	HIGH 7.0	—	2026-03-10	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-25168 2026-03-10 Windows Graphics Component Denial of Service Vulnerability	HIGH 6.2	—	2026-03-10	Windows Graphics Component Denial of Service Vulnerability
CVE-2026-25169 2026-03-10 Windows Graphics Component Denial of Service Vulnerability	HIGH 6.2	—	2026-03-10	Windows Graphics Component Denial of Service Vulnerability
CVE-2026-25180 2026-03-10 Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally.	HIGH 5.5	—	2026-03-10	Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally.
CVE-2026-25186 2026-03-10 Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability	HIGH 5.5	—	2026-03-10	Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability
CVE-2026-25185 2026-03-10 Windows Shell Link Processing Spoofing Vulnerability	HIGH 5.3	—	2026-03-10	Windows Shell Link Processing Spoofing Vulnerability