Microsoft bu ay yayınladığı Patch Tuesday güncellemeleri ile 1 adet zero-day güvenlik açığı ve toplam 63 zafiyeti kapattı.
Kapatılan zafiyetler aşağıdaki gibi:
- 29 Elevation of Privilege Vulnerabilities
- 2 Security Feature Bypass Vulnerabilities
- 16 Remote Code Execution Vulnerabilities
- 11 Information Disclosure Vulnerabilities
- 3 Denial of Service Vulnerabilities
- 2 Spoofing Vulnerabilities
1 Adet Zero-Day Kapatıldı
CVE-2025-62215 – Windows Kernel Elevation of Privilege Vulnerability
Kasım 2025 Patch Tuesday Güvenlik Güncellemelerinin Tam Listesi
TagCVE IDCVE TitleSeverityAzure Monitor AgentCVE-2025-59504Azure Monitor Agent Remote Code Execution VulnerabilityImportantCustomer Experience Improvement Program (CEIP)CVE-2025-59512Customer Experience Improvement Program (CEIP) Elevation of Privilege VulnerabilityImportantDynamics 365 Field Service (online)CVE-2025-62211Dynamics 365 Field Service (online) Spoofing VulnerabilityImportantDynamics 365 Field Service (online)CVE-2025-62210Dynamics 365 Field Service (online) Spoofing VulnerabilityImportantGitHub Copilot and Visual Studio CodeCVE-2025-62453GitHub Copilot and Visual Studio Code Security Feature Bypass VulnerabilityImportantHost Process for Windows TasksCVE-2025-60710Host Process for Windows Tasks Elevation of Privilege VulnerabilityImportantMicrosoft Configuration ManagerCVE-2025-47179Configuration Manager Elevation of Privilege VulnerabilityImportantMicrosoft Dynamics 365 (on-premises)CVE-2025-62206Microsoft Dynamics 365 (On-Premises) Information Disclosure VulnerabilityImportantMicrosoft Graphics ComponentCVE-2025-60724GDI+ Remote Code Execution VulnerabilityImportantMicrosoft OfficeCVE-2025-62216Microsoft Office Remote Code Execution VulnerabilityImportantMicrosoft OfficeCVE-2025-62199Microsoft Office Remote Code Execution VulnerabilityCriticalMicrosoft Office ExcelCVE-2025-62200Microsoft Excel Remote Code Execution VulnerabilityImportantMicrosoft Office ExcelCVE-2025-62201Microsoft Excel Remote Code Execution VulnerabilityImportantMicrosoft Office ExcelCVE-2025-60726Microsoft Excel Information Disclosure VulnerabilityImportantMicrosoft Office ExcelCVE-2025-62203Microsoft Excel Remote Code Execution VulnerabilityImportantMicrosoft Office ExcelCVE-2025-62202Microsoft Excel Information Disclosure VulnerabilityImportantMicrosoft Office ExcelCVE-2025-60727Microsoft Excel Remote Code Execution VulnerabilityImportantMicrosoft Office ExcelCVE-2025-60728Microsoft Excel Information Disclosure VulnerabilityImportantMicrosoft Office ExcelCVE-2025-59240Microsoft Excel Information Disclosure VulnerabilityImportantMicrosoft Office SharePointCVE-2025-62204Microsoft SharePoint Remote Code Execution VulnerabilityImportantMicrosoft Office WordCVE-2025-62205Microsoft Office Remote Code Execution VulnerabilityImportantMicrosoft Streaming ServiceCVE-2025-59514Microsoft Streaming Service Proxy Elevation of Privilege VulnerabilityImportantMicrosoft Wireless Provisioning SystemCVE-2025-62218Microsoft Wireless Provisioning System Elevation of Privilege VulnerabilityImportantMicrosoft Wireless Provisioning SystemCVE-2025-62219Microsoft Wireless Provisioning System Elevation of Privilege VulnerabilityImportantMultimedia Class Scheduler Service (MMCSS)CVE-2025-60707Multimedia Class Scheduler Service (MMCSS) Driver Elevation of Privilege VulnerabilityImportantNuance PowerScribeCVE-2025-30398Nuance PowerScribe 360 Information Disclosure VulnerabilityCriticalOneDrive for AndroidCVE-2025-60722Microsoft OneDrive for Android Elevation of Privilege VulnerabilityImportantRole: Windows Hyper-VCVE-2025-60706Windows Hyper-V Information Disclosure VulnerabilityImportantSQL ServerCVE-2025-59499Microsoft SQL Server Elevation of Privilege VulnerabilityImportantStorvsp.sys DriverCVE-2025-60708Storvsp.sys Driver Denial of Service VulnerabilityImportantVisual StudioCVE-2025-62214Visual Studio Remote Code Execution VulnerabilityCriticalVisual Studio Code CoPilot Chat ExtensionCVE-2025-62449Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass VulnerabilityImportantVisual Studio Code CoPilot Chat ExtensionCVE-2025-62222Agentic AI and Visual Studio Code Remote Code Execution VulnerabilityImportantWindows Administrator ProtectionCVE-2025-60721Windows Administrator Protection Elevation of Privilege VulnerabilityImportantWindows Administrator ProtectionCVE-2025-60718Windows Administrator Protection Elevation of Privilege VulnerabilityImportantWindows Ancillary Function Driver for WinSockCVE-2025-62217Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityImportantWindows Ancillary Function Driver for WinSockCVE-2025-60719Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityImportantWindows Ancillary Function Driver for WinSockCVE-2025-62213Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityImportantWindows Bluetooth RFCOM Protocol DriverCVE-2025-59513Windows Bluetooth RFCOM Protocol Driver Information Disclosure VulnerabilityImportantWindows Broadcast DVR User ServiceCVE-2025-59515Windows Broadcast DVR User Service Elevation of Privilege VulnerabilityImportantWindows Broadcast DVR User ServiceCVE-2025-60717Windows Broadcast DVR User Service Elevation of Privilege VulnerabilityImportantWindows Client-Side Caching (CSC) ServiceCVE-2025-60705Windows Client-Side Caching Elevation of Privilege VulnerabilityImportantWindows Common Log File System DriverCVE-2025-60709Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportantWindows DirectXCVE-2025-59506DirectX Graphics Kernel Elevation of Privilege VulnerabilityImportantWindows DirectXCVE-2025-60716DirectX Graphics Kernel Elevation of Privilege VulnerabilityCriticalWindows DirectXCVE-2025-60723DirectX Graphics Kernel Denial of Service VulnerabilityImportantWindows KerberosCVE-2025-60704Windows Kerberos Elevation of Privilege VulnerabilityImportantWindows KernelCVE-2025-62215Windows Kernel Elevation of Privilege VulnerabilityImportantWindows License ManagerCVE-2025-62208Windows License Manager Information Disclosure VulnerabilityImportantWindows License ManagerCVE-2025-62209Windows License Manager Information Disclosure VulnerabilityImportantWindows OLECVE-2025-60714Windows OLE Remote Code Execution VulnerabilityImportantWindows Remote DesktopCVE-2025-60703Windows Remote Desktop Services Elevation of Privilege VulnerabilityImportantWindows Routing and Remote Access Service (RRAS)CVE-2025-62452Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportantWindows Routing and Remote Access Service (RRAS)CVE-2025-59510Windows Routing and Remote Access Service (RRAS) Denial of Service VulnerabilityImportantWindows Routing and Remote Access Service (RRAS)CVE-2025-60715Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportantWindows Routing and Remote Access Service (RRAS)CVE-2025-60713Windows Routing and Remote Access Service (RRAS) Elevation of Privilege VulnerabilityImportantWindows Smart CardCVE-2025-59505Windows Smart Card Reader Elevation of Privilege VulnerabilityImportantWindows SpeechCVE-2025-59507Windows Speech Runtime Elevation of Privilege VulnerabilityImportantWindows SpeechCVE-2025-59508Windows Speech Recognition Elevation of Privilege VulnerabilityImportantWindows SpeechCVE-2025-59509Windows Speech Recognition Information Disclosure VulnerabilityImportantWindows Subsystem for Linux GUICVE-2025-62220Windows Subsystem for Linux GUI Remote Code Execution VulnerabilityImportantWindows TDX.sysCVE-2025-60720Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege VulnerabilityImportantWindows WLAN ServiceCVE-2025-59511Windows WLAN Service Elevation of Privilege VulnerabilityImportant
