Microsoft Patch Tuesday Update Analysis – April 2025

Executive Summary

On Tuesday, April 8, 2025, Microsoft released its monthly security patch, which fixes 126 vulnerabilities in its products.

By severity:

  • Critical - 11;
  • Important - 112;
  • Low - 2.

Exploited (Zero-Day) and Publicly Disclosed Vulnerabilities

The following vulnerability deserves particular attention. Patching it is the highest priority:

  • CVE-2025-29824 (CVSS 7.8; Important) - Windows Common Log File System Driver Elevation of Privilege Vulnerability (Elevation of Privilege). A CWE-416: Use After Free vulnerability in the Windows Common Log File System Driver allows local elevation of privileges from user level to System level.

General Overview and Trends

The April Patch Tuesday release contains a significant number of fixes covering a wide range of Microsoft products. The largest number of vulnerabilities was fixed in Windows components (including the kernel, services and applications), as well as in Microsoft Office and Edge.

  • Predominance of Elevation of Privilege vulnerabilities: Most of the vulnerabilities (about 40%) involve elevation of privilege. This points to ongoing security problems in access-rights management in Microsoft operating systems and applications.
  • Remote Code Execution (RCE) vulnerabilities: 33 vulnerabilities are rated Critical or Important and allow remote code execution. These vulnerabilities pose a serious threat, as this is the most dangerous class of vulnerabilities.
  • Vulnerabilities in Office: A significant number of vulnerabilities were found in Microsoft Office, including Word, Excel and SharePoint. This underlines the importance of updating Office promptly and using the latest versions.
  • Vulnerabilities in Edge: The fixes also cover the Microsoft Edge (Chromium-based) browser, which shows that threats delivered through web browsers remain relevant.
  • Vulnerabilities in RDP: The presence of several vulnerabilities in Remote Desktop Services (RDP) requires special attention, since RDP is both widely used by users for legitimate purposes and a target of attacks by malicious actors.

Full List of Vulnerabilities

The table below lists all vulnerabilities fixed this month.

| CVE | Title | Type | CVSS | Severity | Exploited | Publicly Disclosed |
|---|---|---|---|---|---|---|
| CVE-2025-21205 | Windows Telephony Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-21221 | Windows Telephony Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-21222 | Windows Telephony Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-25000 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-26669 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 8.8 | Important | No | No |
| CVE-2025-27477 | Windows Telephony Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-27481 | Windows Telephony Service Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-27740 | Active Directory Certificate Services Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | No |
| CVE-2025-29794 | Microsoft SharePoint Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-27737 | Windows Security Zone Mapping Security Feature Bypass Vulnerability | Security Feature Bypass | 8.6 | Important | No | No |
| CVE-2025-26678 | Windows Defender Application Control Security Feature Bypass Vulnerability | Security Feature Bypass | 8.4 | Important | No | No |
| CVE-2025-26647 | Windows Kerberos Elevation of Privilege Vulnerability | Elevation of Privilege | 8.1 | Important | No | No |
| CVE-2025-26663 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2025-26670 | Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2025-26671 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Important | No | No |
| CVE-2025-27480 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2025-27482 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2025-27487 | Remote Desktop Client Remote Code Execution Vulnerability | Remote Code Execution | 8.0 | Important | No | No |
| CVE-2025-21204 | Windows Process Activation Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-24058 | Windows DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-24060 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-24062 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-24073 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-24074 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-26639 | Windows USB Print Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-26642 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-26648 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-26666 | Windows Media Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-26674 | Windows Media Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-26675 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-26679 | RPC Endpoint Mapper Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-26688 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27467 | Windows Digital Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27476 | Windows Digital Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27483 | NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27489 | Azure Local Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27490 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27727 | Windows Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27728 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27729 | Windows Shell Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-27730 | Windows Digital Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27731 | Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27733 | NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27739 | Windows Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27741 | NTFS Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27743 | Microsoft System Center Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27744 | Microsoft Office Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-27745 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2025-27746 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-27747 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-27748 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2025-27749 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2025-27750 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-27751 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-27752 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2025-29791 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Critical | No | No |
| CVE-2025-29800 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-29801 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-29811 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-29812 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-29820 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-29822 | Microsoft OneNote Security Feature Bypass Vulnerability | Security Feature Bypass | 7.8 | Important | No | No |
| CVE-2025-29823 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-29824 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | Yes | No |
| CVE-2025-29815 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Remote Code Execution | 7.6 | Important | No | No |
| CVE-2025-21174 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-26641 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-26652 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-26668 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2025-26673 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-26680 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-26682 | ASP.NET Core and Visual Studio Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-26686 | Windows TCP/IP Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Critical | No | No |
| CVE-2025-26687 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2025-27469 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-27470 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-27473 | HTTP.sys Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-27479 | Kerberos Key Distribution Proxy Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-27484 | Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2025-27485 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-27486 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-29805 | Outlook for Android Information Disclosure Vulnerability | Information Disclosure | 7.5 | Important | No | No |
| CVE-2025-29810 | Active Directory Domain Services Elevation of Privilege Vulnerability | Elevation of Privilege | 7.5 | Important | No | No |
| CVE-2025-29816 | Microsoft Word Security Feature Bypass Vulnerability | Security Feature Bypass | 7.5 | Important | No | No |
| CVE-2025-26628 | Azure Local Cluster Information Disclosure Vulnerability | Information Disclosure | 7.3 | Important | No | No |
| CVE-2025-29792 | Microsoft Office Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | No | No |
| CVE-2025-29802 | Visual Studio Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | No | No |
| CVE-2025-29803 | Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | No | No |
| CVE-2025-29804 | Visual Studio Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | No | No |
| CVE-2025-29793 | Microsoft SharePoint Remote Code Execution Vulnerability | Remote Code Execution | 7.2 | Important | No | No |
| CVE-2025-27491 | Windows Hyper-V Remote Code Execution Vulnerability | Remote Code Execution | 7.1 | Critical | No | No |
| CVE-2025-29809 | Windows Kerberos Security Feature Bypass Vulnerability | Security Feature Bypass | 7.1 | Important | No | No |
| CVE-2025-21191 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-26640 | Windows Digital Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-26649 | Windows Secure Channel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-26665 | Windows upnphost.dll Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-27475 | Windows Update Stack Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-27478 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-27492 | Windows Secure Channel Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-27732 | Windows Graphics Component Elevation of Privilege Vulnerability | Elevation of Privilege | 7.0 | Important | No | No |
| CVE-2025-20570 | Visual Studio Code Elevation of Privilege Vulnerability | Elevation of Privilege | 6.8 | Important | No | No |
| CVE-2025-25002 | Azure Local Cluster Information Disclosure Vulnerability | Information Disclosure | 6.8 | Important | No | No |
| CVE-2025-26637 | BitLocker Security Feature Bypass Vulnerability | Security Feature Bypass | 6.8 | Important | No | No |
| CVE-2025-26681 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 6.7 | Important | No | No |
| CVE-2025-21197 | Windows NTFS Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-21203 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-26635 | Windows Hello Security Feature Bypass Vulnerability | Security Feature Bypass | 6.5 | Important | No | No |
| CVE-2025-26651 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | Denial of Service | 6.5 | Important | No | No |
| CVE-2025-26664 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-26667 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-26672 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-26676 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-27474 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-27738 | Windows Resilient File System (ReFS) Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-29819 | Windows Admin Center in Azure Portal Information Disclosure Vulnerability | Information Disclosure | 6.2 | Important | No | No |
| CVE-2025-27735 | Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability | Security Feature Bypass | 6.0 | Important | No | No |
| CVE-2025-27471 | Microsoft Streaming Service Denial of Service Vulnerability | Denial of Service | 5.9 | Important | No | No |
| CVE-2025-27736 | Windows Power Dependency Coordinator Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-27742 | NTFS Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-29808 | Windows Cryptographic Services Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-29821 | Microsoft Dynamics Business Central Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-27472 | Windows Mark of the Web Security Feature Bypass Vulnerability | Security Feature Bypass | 5.4 | Important | No | No |
| CVE-2025-26644 | Windows Hello Spoofing Vulnerability | Spoofing | 5.1 | Important | No | No |
| CVE-2025-29796 | Microsoft Edge for iOS Spoofing Vulnerability | Spoofing | 4.7 | Low | No | No |
| CVE-2025-25001 | Microsoft Edge for iOS Spoofing Vulnerability | Spoofing | 4.3 | Low | No | No |