Analysis of Microsoft Patch Tuesday Updates – April 2025

Summary

On Tuesday, April 8, 2025, Microsoft released its monthly security update, fixing 126 vulnerabilities in its products.

By severity:

  • Critical - 11;
  • Important - 112;
  • Low - 2.

Exploited (Zero-Days) and Publicly Disclosed Vulnerabilities

Particular attention should be paid to the following vulnerability. Fixing it is the highest priority:

  • CVE-2025-29824 (CVSS 7.8; Important) - Windows Common Log File System Driver Elevation of Privilege Vulnerability (Elevation of Privilege). A CWE-416: Use After Free vulnerability in the Windows Common Log File System Driver allows a local attacker to elevate privileges from user level to SYSTEM.

General Overview and Trends

The April Patch Tuesday release contains a significant number of fixes covering a wide range of Microsoft products. The largest number of vulnerabilities was fixed in Windows components (including the kernel, services and applications), as well as in Microsoft Office and Edge.

  • Predominance of Elevation of Privilege vulnerabilities: the largest share of the vulnerabilities (about 40%) allows privilege escalation. This points to ongoing security problems in access-rights management in Microsoft operating systems and applications.
  • Remote Code Execution (RCE) vulnerabilities: 33 vulnerabilities are rated Critical or Important and allow remote code execution. These vulnerabilities pose a serious threat, as RCE is the most dangerous class of vulnerabilities.
  • Office vulnerabilities: a significant number of vulnerabilities were found in Microsoft Office, including Word, Excel and SharePoint. This underscores the importance of updating Office promptly and using the latest versions.
  • Edge vulnerabilities: the fixes also cover the Microsoft Edge (Chromium-based) browser, which shows that threats from web browsers remain relevant.
  • RDP vulnerabilities: several vulnerabilities in Remote Desktop Services (RDP) require special attention, because RDP is both widely used by users for legitimate purposes and a frequent target for attackers.

Full List of Vulnerabilities

The table below lists all vulnerabilities fixed this month.

| CVE | Title | Type | CVSS | Severity | Exploited | Publicly Disclosed |
|---|---|---|---|---|---|---|
| CVE-2025-21205 | Windows Telephony Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-21221 | Windows Telephony Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-21222 | Windows Telephony Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-25000 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-26669 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 8.8 | Important | No | No |
| CVE-2025-27477 | Windows Telephony Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-27481 | Windows Telephony Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-27740 | Active Directory Certificate Services Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2025-29794 | Microsoft SharePoint Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-27737 | Windows Security Zone Mapping Security Feature Bypass Vulnerability | Security Feature Bypass | 8.6 | Important | No | No |
| CVE-2025-26678 | Windows Defender Application Control Security Feature Bypass Vulnerability | Security Feature Bypass | 8.4 | Important | No | No |
| CVE-2025-26647 | Windows Kerberos Elevation of Privilege Vulnerability | Elevation of Privilege | 8.1 | Important | No | No |
| CVE-2025-26663 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2025-26670 | Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2025-26671 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Important | No | No |
| CVE-2025-27480 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2025-27482 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2025-27487 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution | 8.0 | Important | No | No |
| CVE-2025-21204 | Windows Process Activation Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-24058 | Windows DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-24060 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-24062 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-24073 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-24074 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-26639 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-26642 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-26648 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-26666 | Windows Media Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-26674 | Windows Media Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-26675 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-26679 | RPC Endpoint Mapper Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-26688 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27467 | Windows Digital Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27476 | Windows Digital Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27483 | NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27489 | Azure Local Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27490 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27727 | Windows Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27728 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27729 | Windows Shell Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-27730 | Windows Digital Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27731 | Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27733 | NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27739 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27741 | NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27743 | Microsoft System Center Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27744 | Microsoft Office Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27745 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2025-27746 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-27747 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-27748 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2025-27749 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2025-27750 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-27751 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-27752 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2025-29791 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2025-29800 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-29801 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-29811 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-29812 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-29820 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-29822 | Microsoft OneNote Security Feature Bypass Vulnerability | Security Feature Bypass | 7.8 | Important | No | No |
| CVE-2025-29823 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-29824 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Yes | No |
| CVE-2025-29815 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.6 | Important | No | No |
| CVE-2025-21174 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-26641 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-26652 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-26668 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2025-26673 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-26680 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-26682 | ASP.NET Core and Visual Studio Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-26686 | Windows TCP/IP Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Critical | No | No |
| CVE-2025-26687 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2025-27469 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-27470 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-27473 | HTTP.sys Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-27479 | Kerberos Key Distribution Proxy Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-27484 | Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2025-27485 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-27486 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-29805 | Outlook for Android Information Disclosure Vulnerability | Information Disclosure | 7.5 | Important | No | No |
| CVE-2025-29810 | Active Directory Domain Services Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2025-29816 | Microsoft Word Security Feature Bypass Vulnerability | Security Feature Bypass | 7.5 | Important | No | No |
| CVE-2025-26628 | Azure Local Cluster Information Disclosure Vulnerability | Information Disclosure | 7.3 | Important | No | No |
| CVE-2025-29792 | Microsoft Office Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | No | No |
| CVE-2025-29802 | Visual Studio Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | No | No |
| CVE-2025-29803 | Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | No | No |
| CVE-2025-29804 | Visual Studio Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | No | No |
| CVE-2025-29793 | Microsoft SharePoint Remote Code Execution Vulnerability | Remote Code Execution | 7.2 | Important | No | No |
| CVE-2025-27491 | Windows Hyper-V Remote Code Execution Vulnerability | Remote Code Execution | 7.1 | Critical | No | No |
| CVE-2025-29809 | Windows Kerberos Security Feature Bypass Vulnerability | Security Feature Bypass | 7.1 | Important | No | No |
| CVE-2025-21191 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-26640 | Windows Digital Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-26649 | Windows Secure Channel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-26665 | Windows upnphost.dll Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-27475 | Windows Update Stack Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-27478 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-27492 | Windows Secure Channel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-27732 | Windows Graphics Component Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-20570 | Visual Studio Code Elevation of Privilege Vulnerability | Elevation of Privilege | 6.8 | Important | No | No |
| CVE-2025-25002 | Azure Local Cluster Information Disclosure Vulnerability | Information Disclosure | 6.8 | Important | No | No |
| CVE-2025-26637 | BitLocker Security Feature Bypass Vulnerability | Security Feature Bypass | 6.8 | Important | No | No |
| CVE-2025-26681 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 6.7 | Important | No | No |
| CVE-2025-21197 | Windows NTFS Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-21203 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-26635 | Windows Hello Security Feature Bypass Vulnerability | Security Feature Bypass | 6.5 | Important | No | No |
| CVE-2025-26651 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | Denial of Service | 6.5 | Important | No | No |
| CVE-2025-26664 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-26667 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-26672 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-26676 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-27474 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-27738 | Windows Resilient File System (ReFS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-29819 | Windows Admin Center in Azure Portal Information Disclosure Vulnerability | Information Disclosure | 6.2 | Important | No | No |
| CVE-2025-27735 | Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability | Security Feature Bypass | 6.0 | Important | No | No |
| CVE-2025-27471 | Microsoft Streaming Service Denial of Service Vulnerability | Denial of Service | 5.9 | Important | No | No |
| CVE-2025-27736 | Windows Power Dependency Coordinator Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-27742 | NTFS Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-29808 | Windows Cryptographic Services Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-29821 | Microsoft Dynamics Business Central Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-27472 | Windows Mark of the Web Security Feature Bypass Vulnerability | Security Feature Bypass | 5.4 | Important | No | No |
| CVE-2025-26644 | Windows Hello Spoofing Vulnerability | Spoofing | 5.1 | Important | No | No |
| CVE-2025-29796 | Microsoft Edge for iOS Spoofing Vulnerability | Spoofing | 4.7 | Low | No | No |
| CVE-2025-25001 | Microsoft Edge for iOS Spoofing Vulnerability | Spoofing | 4.3 | Low | No | No |