—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Multiple Vulnerabilities in Microsoft Products 

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: High

Software Affected

Open Source Software

Apps

Windows

ESU

Developer Tools

Microsoft Office

SQL Server

Server Software

System Center

Azure

Overview

Multiple vulnerabilities have been reported in Microsoft Products which could allow an attacker to gain elevated privileges, obtain Information Disclosure, Bypass Security restriction, and conduct remote code execution attacks, perform spoofing attacks, cause denial of service condition or tamper with system settings.

Target Audience:

Individuals and IT administrators, security teams responsible for maintaining and updating Microsoft products.

Risk Assessment:

High risk of unauthorized access of data and system instability/ or compromise.

Impact Assessment:

Bypass Security restriction, Elevation of Privilege, Information Disclosure, Denial of Service (DoS), Spoofing,

Remote Code Execution, Tampering.

Description

Multiple vulnerabilities have been reported in Microsoft products which could allow an attacker to gain elevated privileges, obtain Information Disclosure, Bypass Security restriction, and conduct remote code execution attacks, perform spoofing attacks, cause denial of service condition or tamper with system settings.

Note: It has been reported that CVEs (CVE-2025-24990, CVE-2025-47827, CVE-2025-59230) are exploited in the wild. Users are advised to apply patches urgently.

For complete list of affected products, CVEs, workarounds and solutions, refer to the Microsoft security updates.

https://msrc.microsoft.com/update-guide/releaseNote/2025-Oct

Solution

Apply appropriate security updates as mentioned in:  

https://msrc.microsoft.com/update-guide/releaseNote/2025-Oct

Vendor Information

Microsoft

https://msrc.microsoft.com/update-guide/releaseNote/2025-Oct

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmjyHmEACgkQ3jCgcSdc

ys97RA//RB8jcIWV4I2I7Fpb6LOyEEdwDFEHWyasLI1WkugHJ7eoqqLOtdHBnH9T

emdyNB/abzu2cX7nvBQ+mjFdQjqowvvpQFKAUyrOfylVUSlEioRVQbStw29zQI1c

gM3xGYOzaA8NMwpA//xZiXMLjZ48h7DMuHZb69JSH0HBvrH3e9hCjUCTUS1Y5yaV

+GZUT6EtShVehtNJ9bhe9Uh59t839jCPKh5KybLCMWfBcgW70LFTNK3IupYdnKtK

mb3OWNYrs+h03z8LiyfibHpzAZk6g82Pj5hRmkyP5pFEfxRaMdShDvmVu4A43u7O

ARsPBCVAd6TgYVutbuRi0WQMogSY6isdQ+frkeWZu0M+JMeBfZ6BaH76Tf1wQMUu

1FRSiBbyeEBZSt+EMH2j9hidyFmv4BQU1sLBc2Mp1frMywsHFJGHlceI76Rzu+vV

eOxD3RmifPvyeDmxuTS92kYtpNpF4gXZGl0+4oPGpX+JHtfV6jw49wejHfq8rFX9

W/ajU3O0m3jtnA6bNQxeNh5d4ruAF6qvv1UkEXlskBoJTPsuAmQdgZdXP+kRvMAD

GAOCl9rrvtu2isr/8JJVTdHoiXNig4YSEl1wgCgSOROIXdXNN/z5y8OiXjNNA5eA

pQo8p3suHygll0GeUHMBCfYr0P5HqidYATOF9ADO+SP2RQu7iW0=

=r/K4

—–END PGP SIGNATURE—–