2025-08 Cumulative security Hotpatch for Azure Stack HCI, version 21H2 and Windows Server 2022 Datacenter: Azure Edition for x64-based Systems (KB5063812)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information...

Microsoft Windows TrueType Font (TTF)远程代码执行漏洞（MS12-078)

BUGTRAQ ID: 56842 CVECAN ID: CVE-2012-4786 Microsoft Windows是Microsoft开发的Windows是目前世界上用户最多、并且兼容性最强的操作系统。 Microsoft Windows未正确处理TrueType Font TTF文件而存在安全漏洞。通过诱使用户浏览恶意网站或打开恶意文件，未经身份验证的远程攻击者可利用此漏洞在内核态中执行任意代码。 0 Microsoft Windows RT Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows XP...

Microsoft Windows Kernel 'Win32k.sys'整数溢出权限提升漏洞（MS12-068）

BUGTRAQ ID: 55793 CVECAN ID: CVE-2012-2529 Microsoft Windows是微软发布的非常流行的操作系统。 Windows Kernel不正确地处理了内存对象，存在权限提升漏洞，可导致在内核模式下运行任意代码。 0 Microsoft Windows 7 Microsoft Windows XP Professional Microsoft Windows XP Home Edition Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server...

Microsoft Windows ClickOnce Application Installer Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malformed file. Successful exploits can allow attackers to execute arbitrary code within the privileges of the user running the...

Microsoft Windows 'Win32k.sys' TrueType Font Handling Remote Code Execution Vulnerability

Description Microsoft Windows kernel is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into opening a specially malformed TrueType font. Successful exploits can allow attackers to execute arbitrary code with kernel-level...

Microsoft Windows DNS Server Uninitialized Memory Remote Denial of Service Vulnerability

Description The Microsoft Windows DNS Server is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the DNS server service to stop responding, denying service to legitimate users. Technologies Affected Microsoft Windows Server 2003 Datacenter Edition...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1227) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1238) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Help and Support Center 'sysinfo/sysinfomain.htm' Cross Site Scripting Weakness

Description Help and Support Center is prone to a cross-site scripting weakness because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the privileged zone of the browser of an unsuspecting user. NOTE: This issue is a...

Microsoft Windows Kernel Registry Key Symbolic Link Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

Microsoft Windows Kernel NULL Pointer Local Denial Of Service Vulnerability

Description Microsoft Windows is prone to a local denial-of-service vulnerability that affects the Windows kernel. Attackers can exploit this issue to cause affected computers to become unresponsive and restart, causing a denial-of-service condition. Due to the nature of this issue, code executio...

Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability

Description The Microsoft Windows Simple Mail Transfer Protocol SMTP Server is prone to a denial-of-service vulnerability. Successful exploits will cause the affected SMTP server to stop responding, denying service to legitimate users. Technologies Affected Avaya Meeting Exchange - Client...

Microsoft Windows WINS Server Network Packet Remote Heap Buffer Overflow Vulnerability

Description The Microsoft Windows WINS Server is prone to a remote heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges...

Microsoft Active Template Library Header Data Remote Code Execution Vulnerability

Description The Microsoft Active Template Library ATL is prone to a remote code-execution vulnerability. This issue affects a private version of the ATL used internally by Microsoft; components written by other vendors are likely unaffected. Remote attackers can exploit this issue to execute...

Microsoft Windows Pointer Validation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

Microsoft Windows WMI Service Isolation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a privilege-escalation vulnerability. Successful exploits may allow attackers to elevate their privileges to LocalSystem, which would facilitate the complete compromise of affected computers. The issue affects the following: Windows XP SP2 Windows Server...

Microsoft Windows TCP/IP IGMP MLD Remote Buffer Overflow Vulnerability

Description Microsoft Windows is prone to a remote buffer-overflow vulnerability because it fails to adequately handle specially crafted TCP/IP traffic. Attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected...

Microsoft Windows Manifest File Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability because the software fails to properly process and manage file manifests. An attacker may exploit this issue to manipulate file manifests to elevate user privileges. Successful exploits will result in the complet...

Microsoft Windows图形设备接口附加库拒绝服务漏洞

Microsoft Windows是一款流行的操作系统。 Microsoft Windows图形社诶接口附加库处理畸形图象文件存在问题，远程攻击者可以利用漏洞可对系统进行拒绝服务攻击。 问题存在于Windows GDI+库'gdiplus.dll'中，构建恶意的图象文件，诱使用户打开，可导致系统崩溃。 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP...

Microsoft Internet Explorer Vector Markup Language Buffer Overflow Vulnerability

Description Microsoft Internet Explorer is prone to a buffer-overflow vulnerability that arises because of an error in the processing of Vector Markup Language documents. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. The method...