Advisory 2025-0472 - Microsoft Windows/Windows Server: Multiple Vulnerabilities
The CTI portal is available at the following address: https://cti-portal.telekom.net/advisories/2025-0472
Date
2025-03-12
State
2025-03-20
Risk*
Damage: HIGH
Attack Probability: MEDIUM-HIGH
Attack
A remote, anonymous attacker can exploit multiple vulnerabilities in Microsoft Windows Server, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows 10, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows, Microsoft Windows Server 2022, and Microsoft Windows 11 to execute arbitrary code, escalate privileges, spoof, bypass security measures, disclose information, or cause a denial of service.
* The probability of an attack is determined by the attacker's motivation, the necessary expend and the possibilities for an attack. The damage probability is determined by the expend needed to resolute the attack and probable indirecte consequences of an attack for business processes. Telekom Security assumes worst case scenarios.
Copyright © 1999-2025 Deutsche Telekom Security GmbH. All rights reserved. Reproduction and distribution of this publication in any form - even in parts - without prior written permission is forbidden.
The information contained herein has been obtained from sources believed to be reliable and trusted or have been verified. Telekom Security can take liability for completeness, accuracy and correctness only in so far, as gross negligence or intention create liability. Any liability beyond it, in particular possible damages resulting from using or non-usability of the information contained herein, is excluded.