CNNVD-202507-1085 Information

Jul 08, 2025 cve

CNNVD ID

CNNVD-202507-1085

CVE-2025-48806

  • CNNVD Published: 2025-07-08

Description (Chinese)

Microsoft MPEG-2 Video Extension是美国微软(Microsoft)公司的在 Windows 10 设备上的常用视频应用中播放 MPEG 视频。 Microsoft MPEG-2 Video Extension存在资源管理错误漏洞。攻击者利用该漏洞可以远程执行代码。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows Server 2019,Windows Server 2019 (Server Core installation),Windows Server 2022,Windows Server 2022 (Server Core installation),Windows 10 Version 21H2 for 32-bit Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 11 Version 22H2 for ARM64-based Systems,Windows 11 Version 22H2 for x64-based Systems,Windows 10 Version 22H2 for x64-based Systems,Windows 10 Version 22H2 for ARM64-based Systems,Windows 10 Version 22H2 for 32-bit Systems,Windows Server 2025 (Server Core installation),Windows 11 Version 23H2 for ARM64-based Systems,Windows 11 Version 23H2 for x64-based Systems,Windows Server 2022, 23H2 Edition (Server Core installation),Windows 11 Version 24H2 for ARM64-based Systems,Windows 11 Version 24H2 for x64-based Systems,Windows Server 2025,Windows 10 for 32-bit Systems,Windows 10 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems,Windows 10 Version 1607 for x64-based Systems,Windows Server 2016,Windows Server 2016 (Server Core installation),Windows Server 2008 for 32-bit Systems Service Pack 2,Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation),Windows Server 2008 for x64-based Systems Service Pack 2,Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1,Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation),Windows Server 2012,Windows Server 2012 (Server Core installation),Windows Server 2012 R2,Windows Server 2012 R2 (Server Core installation)。

Description (English)

Microsoft MPEG-2 Video Extension is a common United States Microsoft (MSC) video application for Windows 10 devices. Microsoft MPEG-2 Video Extension has an error in resource management. The attackers used the loophole to implement the code remotely. The following products and versions are affected: Wows & & , Wows & & , Wows & & & & , Wows & & & , Wows & & & & , Wows & & & & & & , Wows & & & & & & & & , Wows & & & &s & & & & & & & , &s &s / / &s / &s / / / / / / / / / / / / / / / / / / / / / / / / / / / / W / / / / / / / / / / / / / / / / / / / / / / / / /

Hazard Level

Medium

Vulnerability Type

资源管理错误

Affected Vendor

微软

Published

2025-07-08

Last Modified

2026-02-24

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48806

Patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48806

Share on: