Security Updates for Windows App Client for Windows Desktop (April 2025)

🗓️ 11 Apr 2025 00:00:00Reported by TenableType

Windows App Client for Windows Desktop has a remote code execution vulnerability requiring an update.

Reporter	Title	Published	Views	Family All 46
Circl	CVE-2025-27487	8 Apr 202516:14	–	circl
CNNVD	Microsoft Remote Desktop Client 安全漏洞	8 Apr 202500:00	–	cnnvd
CVE	CVE-2025-27487	8 Apr 202517:24	–	cve
Cvelist	CVE-2025-27487 Remote Desktop Client Remote Code Execution Vulnerability	8 Apr 202517:24	–	cvelist
EUVD	EUVD-2025-10159	3 Oct 202520:07	–	euvd
Microsoft KB	April 8, 2025—KB5055518 (OS Builds 19044.5737 and 19045.5737) - EXPIRED	8 Apr 202507:00	–	mskb
Microsoft KB	April 8, 2025—KB5055519 (OS Build 17763.7136) - EXPIRED	8 Apr 202507:00	–	mskb
Microsoft KB	April 8, 2025—KB5055521 (OS Build 14393.7969)	8 Apr 202507:00	–	mskb
Microsoft KB	April 8, 2025—KB5055523 (OS Build 26100.3775)	8 Apr 202507:00	–	mskb
Microsoft KB	April 8, 2025—KB5055526 (OS Build 20348.3453)	8 Apr 202507:00	–	mskb

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27487
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(234238);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/09/17");

  script_cve_id("CVE-2025-27487");

  script_name(english:"Security Updates for Windows App Client for Windows Desktop (April 2025)");

  script_set_attribute(attribute:"synopsis", value:
"The Windows app installed on the remote host is affected by a remote code execution vulnerability.");
  script_set_attribute(attribute:"description", value:
"The Windows App Client for Windows Desktop installed on the remote host is affected by a remote code execution
vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version 
number.");
  # 
  script_set_attribute(attribute:"see_also", value:"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27487");
  script_set_attribute(attribute:"solution", value:
"Upgrade to version 2.0.379.0 or later via the Microsoft Store.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-27487");
  script_cwe_id(122, 787);

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/04/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/04/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/04/11");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:windows_app");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows : Microsoft Bulletins");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("smb_hotfixes.nasl", "wmi_enum_windows_app_store.nbin");
  script_require_keys("SMB/Registry/Enumerated", "WMI/Windows App Store/Enumerated");
  script_require_ports(139, 445);

  exit(0);
}

include('vcf.inc');
include('vcf_extras.inc');

var app = 'MicrosoftCorporationII.Windows365';

var app_info = vcf::microsoft_appstore::get_app_info(app:app);

vcf::check_granularity(app_info:app_info, sig_segments:3);

var constraints = [
    { 'fixed_version' : '2.0.379.0'}
];

vcf::microsoft_appstore::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);

17 Sep 2025 00:00Current

8.5High risk

Vulners AI Score8.5

CVSS 3.18

EPSS0.00311

SSVC