FVM will include the Microsoft Patch Tuesday checks in the NIRV 4.57.0 and FVM Agent 2.18.
• Microsoft addressed 158 vulnerabilities this release, including 10 rated as Critical.
Microsoft has publicly disclosed the below vulnerabilities:
- CVE-2025-21366 - Microsoft Access Remote Code Execution Vulnerabiliy
- CVE-2025-21395 - Microsoft Access Remote Code Execution Vulnerability
- CVE-2025-21186 - Microsoft Access Remote Code Execution Vulnerability
- CVE-2025-21275 - Windows App Package Installer Elevation of Privilege Vulnerability
- CVE-2025-21308 - Windows Themes Spoofing Vulnerability
The following vulnerabilities were reported as actively exploited by Microsoft:
- CVE-2025-21333 - Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
- CVE-2025-21334 - Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
- CVE-2025-21335 - Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
Exploiting these vulnerabilities allows attackers to gain SYSTEM privileges on Windows devices. No further information is provided from Microsoft on how the security vulnerability was exploited in attacks at this moment.
| CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed |
| CVE-2025-21411 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21413 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21171 | .NET Remote Code Execution Vulnerability | .NET | Important | 7.5 | Remote Code Execution | No | No |
| CVE-2025-21210 | Windows BitLocker Information Disclosure Vulnerability | Windows Virtual Trusted Platform Module | Important | 4.2 | Information Disclosure | No | No |
| CVE-2025-21214 | Windows BitLocker Information Disclosure Vulnerability | Windows BitLocker | Important | 4.2 | Information Disclosure | No | No |
| CVE-2025-21215 | Secure Boot Security Feature Bypass Vulnerability | Windows Boot Manager | Important | 4.6 | Information Disclosure | No | No |
| CVE-2025-21233 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21234 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Windows PrintWorkflowUserSvc | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21235 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | Windows PrintWorkflowUserSvc | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21236 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21237 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21239 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21241 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21242 | Windows Kerberos Information Disclosure Vulnerability | Windows Kerberos | Important | 5.9 | Information Disclosure | No | No |
| CVE-2025-21243 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21244 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21248 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21249 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21251 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21252 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21255 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21257 | Windows WLAN AutoConfig Service Information Disclosure Vulnerability | Windows WLAN Auto Config Service | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21258 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21260 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21263 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21265 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21266 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21268 | MapUrlToZone Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21269 | Windows HTML Platforms Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21270 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21271 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Windows Cloud Files Mini Filter Driver | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21272 | Windows COM Server Information Disclosure Vulnerability | Windows COM | Important | 6.5 | Information Disclosure | No | No |
| CVE-2025-21277 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21280 | Windows Virtual Trusted Platform Module Denial of Service Vulnerability | Windows Virtual Trusted Platform Module | Important | 5.5 | Denial of Service | No | No |
| CVE-2025-21281 | Microsoft COM for Windows Elevation of Privilege Vulnerability | Windows COM | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21282 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21284 | Windows Virtual Trusted Platform Module Denial of Service Vulnerability | Windows Virtual Trusted Platform Module | Important | 5.5 | Denial of Service | No | No |
| CVE-2025-21285 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21288 | Windows COM Server Information Disclosure Vulnerability | Windows COM | Important | 6.5 | Information Disclosure | No | No |
| CVE-2025-21289 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21290 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21291 | Windows Direct Show Remote Code Execution Vulnerability | Windows Direct Show | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21293 | Active Directory Domain Services Elevation of Privilege Vulnerability | Active Directory Domain Services | Important | 8.8 | Elevation of Privilege | No | No |
| CVE-2025-21294 | Microsoft Digest Authentication Remote Code Execution Vulnerability | Microsoft Digest Authentication | Critical | 8.1 | Remote Code Execution | No | No |
| CVE-2025-21295 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | Windows SPNEGO Extended Negotiation | Critical | 8.1 | Remote Code Execution | No | No |
| CVE-2025-21296 | BranchCache Remote Code Execution Vulnerability | BranchCache | Critical | 7.5 | Remote Code Execution | No | No |
| CVE-2025-21297 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Windows Remote Desktop Services | Critical | 8.1 | Remote Code Execution | No | No |
| CVE-2025-21298 | Windows OLE Remote Code Execution Vulnerability | Windows OLE | Critical | 9.8 | Remote Code Execution | No | No |
| CVE-2025-21299 | Windows Kerberos Security Feature Bypass Vulnerability | Windows Kerberos | Important | 7.1 | Security Feature Bypass | No | No |
| CVE-2025-21301 | Windows Geolocation Service Information Disclosure Vulnerability | Windows Geolocation Service | Important | 6.5 | Information Disclosure | No | No |
| CVE-2025-21302 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21303 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21304 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Windows DWM Core Library | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21306 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21309 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Windows Remote Desktop Services | Critical | 8.1 | Remote Code Execution | No | No |
| CVE-2025-21314 | Windows SmartScreen Spoofing Vulnerability | Windows SmartScreen | Important | 6.5 | Spoofing | No | No |
| CVE-2025-21315 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Microsoft Brokering File System | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21316 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21318 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21319 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21320 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21321 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21327 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21176 | .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | .NET, .NET Framework, Visual Studio | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21178 | Visual Studio Remote Code Execution Vulnerability | Visual Studio | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21173 | .NET Elevation of Privilege Vulnerability | .NET | Important | 7.3 | Elevation of Privilege | No | No |
| CVE-2025-21341 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21344 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft Office SharePoint | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21345 | Microsoft Office Visio Remote Code Execution Vulnerability | Microsoft Office Visio | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21346 | Microsoft Office Security Feature Bypass Vulnerability | Microsoft Office | Important | 7.1 | Security Feature Bypass | No | No |
| CVE-2025-21348 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft Office SharePoint | Important | 7.2 | Remote Code Execution | No | No |
| CVE-2025-21354 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft Office Excel | Critical | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21356 | Microsoft Office Visio Remote Code Execution Vulnerability | Microsoft Office Visio | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21357 | Microsoft Outlook Remote Code Execution Vulnerability | Microsoft Office Outlook | Important | 6.7 | Remote Code Execution | No | No |
| CVE-2025-21362 | Microsoft Excel Remote Code Execution Vulnerability | Microsoft Office Excel | Critical | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21363 | Microsoft Word Remote Code Execution Vulnerability | Microsoft Office Word | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21364 | Microsoft Excel Security Feature Bypass Vulnerability | Microsoft Office Excel | Important | 7.8 | Security Feature Bypass | No | No |
| CVE-2025-21365 | Microsoft Office Remote Code Execution Vulnerability | Microsoft Office | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21366 | Microsoft Access Remote Code Execution Vulnerability | Microsoft Office Access | Important | 7.8 | Remote Code Execution | No | Yes |
| CVE-2025-21382 | Windows Graphics Component Elevation of Privilege Vulnerability | Microsoft Graphics Component | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21219 | MapUrlToZone Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21389 | Windows upnphost.dll Denial of Service Vulnerability | Windows UPnP Device Host | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21393 | Microsoft SharePoint Server Spoofing Vulnerability | Microsoft Office SharePoint | Important | 6.3 | Spoofing | No | No |
| CVE-2025-21395 | Microsoft Access Remote Code Execution Vulnerability | Microsoft Office Access | Important | 7.8 | Remote Code Execution | No | Yes |
| CVE-2025-21403 | On-Premises Data Gateway Information Disclosure Vulnerability | Microsoft Azure Gateway Manager | Important | 6.4 | Information Disclosure | No | No |
| CVE-2025-21217 | Windows NTLM Spoofing Vulnerability | Windows NTLM | Important | 6.5 | Spoofing | No | No |
| CVE-2025-21405 | Visual Studio Elevation of Privilege Vulnerability | Visual Studio | Important | 7.3 | Elevation of Privilege | No | No |
| CVE-2025-21278 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Windows Remote Desktop Services | Important | 6.2 | Denial of Service | No | No |
| CVE-2025-21329 | MapUrlToZone Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21328 | MapUrlToZone Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21330 | Windows Remote Desktop Services Denial of Service Vulnerability | Windows Remote Desktop Services | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21220 | Microsoft Message Queuing Information Disclosure Vulnerability | Windows Message Queuing | Important | 7.5 | Information Disclosure | No | No |
| CVE-2025-21335 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | Windows Hyper-V NT Kernel Integration VSP | Important | 7.8 | Elevation of Privilege | Yes | No |
| CVE-2025-21193 | Active Directory Federation Server Spoofing Vulnerability | Active Directory Federation Services | Important | 6.5 | Spoofing | No | No |
| CVE-2025-21207 | Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability | Windows Connected Devices Platform Service | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21202 | Windows Recovery Environment Agent Elevation of Privilege Vulnerability | Windows Recovery Environment Agent | Important | 6.1 | Elevation of Privilege | No | No |
| CVE-2025-21187 | Microsoft Power Automate Remote Code Execution Vulnerability | Power Automate | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21186 | Microsoft Access Remote Code Execution Vulnerability | Microsoft Office Access | Important | 7.8 | Remote Code Execution | No | Yes |
| CVE-2025-21211 | Secure Boot Security Feature Bypass Vulnerability | Windows Boot Loader | Important | 6.8 | Security Feature Bypass | No | No |
| CVE-2025-21213 | Secure Boot Security Feature Bypass Vulnerability | Windows BitLocker | Important | 4.6 | Security Feature Bypass | No | No |
| CVE-2025-21224 | Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability | Line Printer Daemon Service (LPD) | Important | 8.1 | Remote Code Execution | No | No |
| CVE-2025-21225 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Windows Remote Desktop Services | Important | 5.9 | Denial of Service | No | No |
| CVE-2025-21226 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21227 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21228 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21229 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21230 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Windows Message Queuing | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21231 | IP Helper Denial of Service Vulnerability | IP Helper | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21232 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21256 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21261 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21189 | MapUrlToZone Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21273 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21274 | Windows Event Tracing Denial of Service Vulnerability | Windows Event Tracing | Important | 5.5 | Denial of Service | No | No |
| CVE-2025-21275 | Windows App Package Installer Elevation of Privilege Vulnerability | Windows Installer | Important | 7.8 | Elevation of Privilege | No | Yes |
| CVE-2025-21276 | Windows MapUrlToZone Denial of Service Vulnerability | Windows MapUrlToZone | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21286 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21287 | Windows Installer Elevation of Privilege Vulnerability | Windows Installer | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21292 | Windows Search Service Elevation of Privilege Vulnerability | Microsoft Windows Search Component | Important | 8.8 | Elevation of Privilege | No | No |
| CVE-2025-21300 | Windows upnphost.dll Denial of Service Vulnerability | Windows UPnP Device Host | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21305 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21307 | Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | Reliable Multicast Transport Driver (RMCAST) | Critical | 9.8 | Remote Code Execution | No | No |
| CVE-2025-21308 | Windows Themes Spoofing Vulnerability | Windows Themes | Important | 6.5 | Spoofing | No | Yes |
| CVE-2025-21310 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21312 | Windows Smart Card Reader Information Disclosure Vulnerability | Windows Smart Card | Important | 2.4 | Information Disclosure | No | No |
| CVE-2025-21317 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21323 | Windows Kernel Memory Information Disclosure Vulnerability | Windows Kernel Memory | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21172 | .NET and Visual Studio Remote Code Execution Vulnerability | .NET and Visual Studio | Important | 7.5 | Remote Code Execution | No | No |
| CVE-2025-21324 | Windows Digital Media Elevation of Privilege Vulnerability | Windows Digital Media | Important | 6.6 | Elevation of Privilege | No | No |
| CVE-2025-21331 | Windows Installer Elevation of Privilege Vulnerability | Windows Installer | Important | 7.3 | Elevation of Privilege | No | No |
| CVE-2025-21336 | Windows Cryptographic Information Disclosure Vulnerability | Windows Cryptographic Services | Important | 5.6 | Information Disclosure | No | No |
| CVE-2025-21338 | GDI+ Remote Code Execution Vulnerability | Windows Win32K - GRFX | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21339 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21340 | Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability | Windows Hello | Important | 5.5 | Security Feature Bypass | No | No |
| CVE-2025-21343 | Windows Web Threat Defense User Service Information Disclosure Vulnerability | Windows Web Threat Defense User Service | Important | 7.5 | Information Disclosure | No | No |
| CVE-2025-21360 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Microsoft AutoUpdate (MAU) | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21361 | Microsoft Outlook Remote Code Execution Vulnerability | Microsoft Office Outlook for Mac | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21370 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | Windows Virtualization-Based Security (VBS) Enclave | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21372 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Microsoft Brokering File System | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21374 | Windows CSC Service Information Disclosure Vulnerability | Windows Client-Side Caching (CSC) Service | Important | 5.5 | Information Disclosure | No | No |
| CVE-2025-21378 | Windows CSC Service Elevation of Privilege Vulnerability | Windows Client-Side Caching (CSC) Service | Important | 7.8 | Elevation of Privilege | No | No |
| CVE-2025-21402 | Microsoft Office OneNote Remote Code Execution Vulnerability | Microsoft Office OneNote | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21218 | Windows Kerberos Denial of Service Vulnerability | Windows Kerberos | Important | 7.5 | Denial of Service | No | No |
| CVE-2025-21313 | Windows Security Account Manager (SAM) Denial of Service Vulnerability | Windows Security Account Manager | Important | 6.5 | Denial of Service | No | No |
| CVE-2025-21332 | MapUrlToZone Security Feature Bypass Vulnerability | Windows MapUrlToZone | Important | 4.3 | Security Feature Bypass | No | No |
| CVE-2025-21326 | Internet Explorer Remote Code Execution Vulnerability | Internet Explorer | Important | 7.8 | Remote Code Execution | No | No |
| CVE-2025-21311 | Windows NTLM V1 Elevation of Privilege Vulnerability | Windows NTLM | Critical | 9.8 | Elevation of Privilege | No | No |
| CVE-2025-21333 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | Windows Hyper-V NT Kernel Integration VSP | Important | 7.8 | Elevation of Privilege | Yes | No |
| CVE-2025-21334 | Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability | Windows Hyper-V NT Kernel Integration VSP | Important | 7.8 | Elevation of Privilege | Yes | No |
| CVE-2025-21246 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21417 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21250 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21240 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21238 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21223 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21409 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
| CVE-2025-21245 | Windows Telephony Service Remote Code Execution Vulnerability | Windows Telephony Service | Important | 8.8 | Remote Code Execution | No | No |
Quickly Find and Fix Your Most At-Risk Weaknesses
Watch this demo to see how Fortra VM can help.