CNNVD-202507-1080 Information
CNNVD ID
CNNVD-202507-1080
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
Microsoft Windows Update是美国微软(Microsoft)公司的一个程序更新服务。 Microsoft Windows Update存在后置链接漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 11 Version 22H2 for ARM64-based Systems,Windows 11 Version 22H2 for x64-based Systems,Windows 10 Version 22H2 for x64-based Systems,Windows 10 Version 22H2 for ARM64-based Systems,Windows 10 Version 22H2 for 32-bit Systems,Windows Server 2025 (Server Core installation),Windows 11 Version 23H2 for ARM64-based Systems,Windows 11 Version 23H2 for x64-based Systems,Windows 11 Version 24H2 for ARM64-based Systems,Windows 11 Version 24H2 for x64-based Systems,Windows Server 2025,Windows 10 Version 1607 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems。
Description (English)
Microsoft Windows Update is a program update service for Microsoft USA. Microsoft Windows Update has a backlink loophole. The attackers use this loophole to enhance their authority. The following products and versions have been affected: Windows 10.
Hazard Level
Medium
Vulnerability Type
后置链接
Affected Vendor
微软
Published
2025-07-08
Last Modified
2026-02-24
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48799
Patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48799
Share on: