Microsoft heeft kwetsbaarheden verholpen in Windows Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipulatie van gegevens
- Toegang tot gevoelige gegevens
- Uitvoeren van willekeurige code (gebruikersrechten)
- Verkrijgen van verhoogde rechten
- Omzeilen van een beveiligingsmaatregel
- Spoofing
```
Windows File Server:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24283 | 8.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Push Message Routing Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24282 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Mobile Broadband:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24288 | 6.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Ancillary Function Driver for WinSock:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24293 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-25176 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-25178 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2026-25179 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Kernel:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24287 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-24289 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-26132 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Print Spooler Components:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23669 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Microsoft Brokering File System:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25167 | 7.40 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Resilient File System (ReFS):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23673 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Telephony Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25188 | 8.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Microsoft Graphics Component:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23668 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2026-25168 | 6.20 | Denial-of-Service |
| CVE-2026-25169 | 6.20 | Denial-of-Service |
| CVE-2026-25180 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Broadcast DVR:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23667 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Performance Counters:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25165 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows System Image Manager:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25166 | 7.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Winlogon:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25187 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Kerberos:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24297 | 6.50 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Authentication Methods:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25171 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows NTFS:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25175 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Universal Disk Format File System Driver (UDFS):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23672 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Shell Link Processing:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25185 | 5.30 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows Routing and Remote Access Service (RRAS):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25172 | 8.80 | Uitvoeren van willekeurige code |
| CVE-2026-25173 | 8.00 | Uitvoeren van willekeurige code |
| CVE-2026-26111 | 8.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Bluetooth RFCOM Protocol Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23671 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Extensible File Allocation:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25174 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows MapUrlToZone:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23674 | 7.50 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Projected File System:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24290 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Device Association Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24295 | 7.00 | Verkrijgen van verhoogde rechten |
| CVE-2026-24296 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Connected Devices Platform Service (Cdpsvc):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24292 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Win32K:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24285 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows App Installer:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-23656 | 5.90 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows GDI:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25190 | 7.80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Role: Windows Hyper-V:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25170 | 7.00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows GDI+:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25181 | 7.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Accessibility Infrastructure (ATBroker.exe):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24291 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-25186 | 5.50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows DWM Core Library:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25189 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows SMB Server:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-24294 | 7.80 | Verkrijgen van verhoogde rechten |
| CVE-2026-26128 | 7.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Active Directory Domain Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2026-25177 | 8.80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
```
ncsc
10-03-2026 21:07