November 10, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Google Chrome Vulnerabilities
November 7, 2025Multiple Adobe Substance Vulnerabilities
November 7, 2025Multiple Google Chrome Vulnerabilities
November 7, 2025Multiple Adobe Substance Vulnerabilities
November 7, 2025
Severity
Medium
Analysis Summary
CVE-2025-59196 CVSS:7
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
CVE-2025-59280 CVSS:3.1
Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network.
CVE-2025-58726 CVSS:7.5
Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
CVE-2025-59203 CVSS:5.5
Insertion of sensitive information into log file in Windows StateRepository API allows an authorized attacker to disclose information locally.
CVE-2025-55325 CVSS:5.5
Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-59294 CVSS:2.1
Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an unauthorized attacker to disclose information with a physical attack.
CVE-2025-59295 CVSS:8.8
Heap-based buffer overflow in Internet Explorer allows an unauthorized attacker to execute code over a network.
CVE-2025-55695 CVSS:5.5
Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally.
Impact
- Gain Access
- Code Execution
- Privilege Escalation
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2025-59196
- CVE-2025-59280
- CVE-2025-58726
- CVE-2025-59203
- CVE-2025-55325
- CVE-2025-59294
- CVE-2025-59295
- CVE-2025-55695
Affected Vendors
- Microsoft
Affected Products
- Microsoft Windows 10 Version 1607 for 32-bit Systems
- Microsoft Windows 10 Version 1607 for x64-based Systems
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2019 (Server Core installation)
- Microsoft Windows Server 2022 (Server Core installation)
- Microsoft Windows Server 2016 (Server Core installation)
- Microsoft Windows Server 2025
- Microsoft Windows 11 Version 24H2 for x64-based Systems
- Microsoft Windows 11 Version 24H2 for ARM64-based Systems
- Microsoft Windows 11 Version 23H2 for x64-based Systems
- Microsoft Windows 11 Version 23H2 for ARM64-based Systems
- Microsoft Windows Server 2025 (Server Core installation)
- Microsoft Windows 10 Version 22H2 for x64-based Systems
- Microsoft Windows 11 Version 22H2 for x64-based Systems
- Microsoft Windows 11 Version 22H2 for ARM64-based Systems
- Microsoft Windows 10 Version 21H2 for x64-based Systems
- Microsoft Windows 10 Version 22H2 for 32-bit Systems
- Microsoft Windows 10 Version 22H2 for ARM64-based Systems
- Microsoft Windows 10 Version 21H2 for ARM64-based Systems
- Microsoft Windows Server 2022 - 23H2 Edition (Server Core installation)
- Microsoft Windows 11 Version 25H2 for ARM64-based Systems
- Microsoft Windows 11 Version 25H2 for x64-based Systems
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.