Microsoft выпустила апрельские обновления, в которых разработчики устранили 134 уязвимости, включая одну активно эксплуатируемую 0-day и 11 критических багов, связанных с удалённым выполнением кода.
Что именно закрыли
Вот как распределились уязвимости по типам:
- 49 — возможностей повышения привилегий.
- 9 — проблем обхода защитных механизмов.
- 31 — баг удалённого выполнения кода (RCE).
- 17 — раскрытие информации.
- 14 — отказ в обслуживании (DoS).
- 3 — спуфинг.
Важно: эти цифры не включают отдельные уязвимости в Microsoft Edge (13 штук) и систему Mariner.
Одна 0-day уже в деле
Главная угроза этого месяца — CVE-2025-29824, уязвимость в драйвере Windows Common Log File System. Она позволяет локальному атакующему получить права SYSTEM, то есть полный контроль над системой.
Microsoft подтвердила, что эту дыру уже используют киберпреступники — в частности, группа RansomEXX, известная атаками с применением программ-вымогателей. Обнаружение уязвимости приписывают Microsoft Threat Intelligence Center.
На момент публикации обновления доступны только для Windows Server и Windows 11. Версии для Windows 10 пока нет — Microsoft обещает выпустить их как можно скорее и уведомить об этом пользователей.
Таблицу с закрытыми в этом месяце уязвимостями приводим ниже:
| Затронутый компонент | CVE-идентификатор | CVE-наименование | Степень риска |
| Active Directory Domain Services | CVE-2025-29810 | Active Directory Domain Services Elevation of Privilege Vulnerability | Важная |
| ASP.NET Core | CVE-2025-26682 | ASP.NET Core and Visual Studio Denial of Service Vulnerability | Важная |
| Azure Local | CVE-2025-27489 | Azure Local Elevation of Privilege Vulnerability | Важная |
| Azure Local Cluster | CVE-2025-26628 | Azure Local Cluster Information Disclosure Vulnerability | Важная |
| Azure Local Cluster | CVE-2025-25002 | Azure Local Cluster Information Disclosure Vulnerability | Важная |
| Azure Portal Windows Admin Center | CVE-2025-29819 | Windows Admin Center in Azure Portal Information Disclosure Vulnerability | Важная |
| Dynamics Business Central | CVE-2025-29821 | Microsoft Dynamics Business Central Information Disclosure Vulnerability | Важная |
| Microsoft AutoUpdate (MAU) | CVE-2025-29800 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Важная |
| Microsoft AutoUpdate (MAU) | CVE-2025-29801 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Важная |
| Microsoft Edge (Chromium-based) | CVE-2025-3073 | Chromium: CVE-2025-3073 Inappropriate implementation in Autofill | Неизвестно |
| Microsoft Edge (Chromium-based) | CVE-2025-3068 | Chromium: CVE-2025-3068 Inappropriate implementation in Intents | Неизвестно |
| Microsoft Edge (Chromium-based) | CVE-2025-3074 | Chromium: CVE-2025-3074 Inappropriate implementation in Downloads | Неизвестно |
| Microsoft Edge (Chromium-based) | CVE-2025-3067 | Chromium: CVE-2025-3067 Inappropriate implementation in Custom Tabs | Неизвестно |
| Microsoft Edge (Chromium-based) | CVE-2025-3071 | Chromium: CVE-2025-3071 Inappropriate implementation in Navigations | Неизвестно |
| Microsoft Edge (Chromium-based) | CVE-2025-3072 | Chromium: CVE-2025-3072 Inappropriate implementation in Custom Tabs | Неизвестно |
| Microsoft Edge (Chromium-based) | CVE-2025-3070 | Chromium: CVE-2025-3070 Insufficient validation of untrusted input in Extensions | Неизвестно |
| Microsoft Edge (Chromium-based) | CVE-2025-3069 | Chromium: CVE-2025-3069 Inappropriate implementation in Extensions | Неизвестно |
| Microsoft Edge (Chromium-based) | CVE-2025-25000 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Важная |
| Microsoft Edge (Chromium-based) | CVE-2025-29815 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Важная |
| Microsoft Edge (Chromium-based) | CVE-2025-25001 | Microsoft Edge for iOS Spoofing Vulnerability | Низкая |
| Microsoft Edge (Chromium-based) | CVE-2025-3066 | Chromium: CVE-2025-3066 Use after free in Navigations | Неизвестно |
| Microsoft Edge for iOS | CVE-2025-29796 | Microsoft Edge for iOS Spoofing Vulnerability | Низкая |
| Microsoft Office | CVE-2025-27745 | Microsoft Office Remote Code Execution Vulnerability | Критическая |
| Microsoft Office | CVE-2025-27744 | Microsoft Office Elevation of Privilege Vulnerability | Важная |
| Microsoft Office | CVE-2025-26642 | Microsoft Office Remote Code Execution Vulnerability | Важная |
| Microsoft Office | CVE-2025-29792 | Microsoft Office Elevation of Privilege Vulnerability | Важная |
| Microsoft Office | CVE-2025-29791 | Microsoft Excel Remote Code Execution Vulnerability | Критическая |
| Microsoft Office | CVE-2025-27748 | Microsoft Office Remote Code Execution Vulnerability | Критическая |
| Microsoft Office | CVE-2025-27746 | Microsoft Office Remote Code Execution Vulnerability | Важная |
| Microsoft Office | CVE-2025-27749 | Microsoft Office Remote Code Execution Vulnerability | Критическая |
| Microsoft Office Excel | CVE-2025-27751 | Microsoft Excel Remote Code Execution Vulnerability | Важная |
| Microsoft Office Excel | CVE-2025-27750 | Microsoft Excel Remote Code Execution Vulnerability | Важная |
| Microsoft Office Excel | CVE-2025-29823 | Microsoft Excel Remote Code Execution Vulnerability | Важная |
| Microsoft Office Excel | CVE-2025-27752 | Microsoft Excel Remote Code Execution Vulnerability | Критическая |
| Microsoft Office OneNote | CVE-2025-29822 | Microsoft OneNote Security Feature Bypass Vulnerability | Важная |
| Microsoft Office SharePoint | CVE-2025-29794 | Microsoft SharePoint Remote Code Execution Vulnerability | Важная |
| Microsoft Office SharePoint | CVE-2025-29793 | Microsoft SharePoint Remote Code Execution Vulnerability | Важная |
| Microsoft Office Word | CVE-2025-27747 | Microsoft Word Remote Code Execution Vulnerability | Важная |
| Microsoft Office Word | CVE-2025-29816 | Microsoft Word Security Feature Bypass Vulnerability | Важная |
| Microsoft Office Word | CVE-2025-29820 | Microsoft Word Remote Code Execution Vulnerability | Важная |
| Microsoft Streaming Service | CVE-2025-27471 | Microsoft Streaming Service Denial of Service Vulnerability | Важная |
| Microsoft Virtual Hard Drive | CVE-2025-26688 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | Важная |
| OpenSSH for Windows | CVE-2025-27731 | Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability | Важная |
| Outlook for Android | CVE-2025-29805 | Outlook for Android Information Disclosure Vulnerability | Важная |
| Remote Desktop Client | CVE-2025-27487 | Remote Desktop Client Remote Code Execution Vulnerability | Важная |
| Remote Desktop Gateway Service | CVE-2025-27482 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Критическая |
| Remote Desktop Gateway Service | CVE-2025-27480 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Критическая |
| RPC Endpoint Mapper Service | CVE-2025-26679 | RPC Endpoint Mapper Service Elevation of Privilege Vulnerability | Важная |
| System Center | CVE-2025-27743 | Microsoft System Center Elevation of Privilege Vulnerability | Важная |
| Visual Studio | CVE-2025-29802 | Visual Studio Elevation of Privilege Vulnerability | Важная |
| Visual Studio | CVE-2025-29804 | Visual Studio Elevation of Privilege Vulnerability | Важная |
| Visual Studio Code | CVE-2025-20570 | Visual Studio Code Elevation of Privilege Vulnerability | Важная |
| Visual Studio Tools for Applications and SQL Server Management Studio | CVE-2025-29803 | Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability | Важная |
| Windows Active Directory Certificate Services | CVE-2025-27740 | Active Directory Certificate Services Elevation of Privilege Vulnerability | Важная |
| Windows BitLocker | CVE-2025-26637 | BitLocker Security Feature Bypass Vulnerability | Важная |
| Windows Bluetooth Service | CVE-2025-27490 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Важная |
| Windows Common Log File System Driver | CVE-2025-29824 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Важная |
| Windows Cryptographic Services | CVE-2025-29808 | Windows Cryptographic Services Information Disclosure Vulnerability | Важная |
| Windows Cryptographic Services | CVE-2025-26641 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Важная |
| Windows Defender Application Control (WDAC) | CVE-2025-26678 | Windows Defender Application Control Security Feature Bypass Vulnerability | Важная |
| Windows Digital Media | CVE-2025-27730 | Windows Digital Media Elevation of Privilege Vulnerability | Важная |
| Windows Digital Media | CVE-2025-27467 | Windows Digital Media Elevation of Privilege Vulnerability | Важная |
| Windows Digital Media | CVE-2025-26640 | Windows Digital Media Elevation of Privilege Vulnerability | Важная |
| Windows Digital Media | CVE-2025-27476 | Windows Digital Media Elevation of Privilege Vulnerability | Важная |
| Windows DWM Core Library | CVE-2025-24074 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Важная |
| Windows DWM Core Library | CVE-2025-24073 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Важная |
| Windows DWM Core Library | CVE-2025-24058 | Windows DWM Core Library Elevation of Privilege Vulnerability | Важная |
| Windows DWM Core Library | CVE-2025-24062 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Важная |
| Windows DWM Core Library | CVE-2025-24060 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Важная |
| Windows Hello | CVE-2025-26635 | Windows Hello Security Feature Bypass Vulnerability | Важная |
| Windows Hello | CVE-2025-26644 | Windows Hello Spoofing Vulnerability | Важная |
| Windows HTTP.sys | CVE-2025-27473 | HTTP.sys Denial of Service Vulnerability | Важная |
| Windows Hyper-V | CVE-2025-27491 | Windows Hyper-V Remote Code Execution Vulnerability | Критическая |
| Windows Installer | CVE-2025-27727 | Windows Installer Elevation of Privilege Vulnerability | Важная |
| Windows Kerberos | CVE-2025-26647 | Windows Kerberos Elevation of Privilege Vulnerability | Важная |
| Windows Kerberos | CVE-2025-27479 | Kerberos Key Distribution Proxy Service Denial of Service Vulnerability | Важная |
| Windows Kerberos | CVE-2025-29809 | Windows Kerberos Security Feature Bypass Vulnerability | Важная |
| Windows Kernel | CVE-2025-26648 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows Kernel | CVE-2025-27739 | Windows Kernel Elevation of Privilege Vulnerability | Важная |
| Windows Kernel Memory | CVE-2025-29812 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Важная |
| Windows Kernel-Mode Drivers | CVE-2025-27728 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Важная |
| Windows LDAP - Lightweight Directory Access Protocol | CVE-2025-26673 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Важная |
| Windows LDAP - Lightweight Directory Access Protocol | CVE-2025-26663 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Критическая |
| Windows LDAP - Lightweight Directory Access Protocol | CVE-2025-27469 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Важная |
| Windows LDAP - Lightweight Directory Access Protocol | CVE-2025-26670 | Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability | Критическая |
| Windows Local Security Authority (LSA) | CVE-2025-21191 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Важная |
| Windows Local Security Authority (LSA) | CVE-2025-27478 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Важная |
| Windows Local Session Manager (LSM) | CVE-2025-26651 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | Важная |
| Windows Mark of the Web (MOTW) | CVE-2025-27472 | Windows Mark of the Web Security Feature Bypass Vulnerability | Важная |
| Windows Media | CVE-2025-26666 | Windows Media Remote Code Execution Vulnerability | Важная |
| Windows Media | CVE-2025-26674 | Windows Media Remote Code Execution Vulnerability | Важная |
| Windows Mobile Broadband | CVE-2025-29811 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Важная |
| Windows NTFS | CVE-2025-27742 | NTFS Information Disclosure Vulnerability | Важная |
| Windows NTFS | CVE-2025-21197 | Windows NTFS Information Disclosure Vulnerability | Важная |
| Windows NTFS | CVE-2025-27741 | NTFS Elevation of Privilege Vulnerability | Важная |
| Windows NTFS | CVE-2025-27483 | NTFS Elevation of Privilege Vulnerability | Важная |
| Windows NTFS | CVE-2025-27733 | NTFS Elevation of Privilege Vulnerability | Важная |
| Windows Power Dependency Coordinator | CVE-2025-27736 | Windows Power Dependency Coordinator Information Disclosure Vulnerability | Важная |
| Windows Remote Desktop Services | CVE-2025-26671 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Важная |
| Windows Resilient File System (ReFS) | CVE-2025-27738 | Windows Resilient File System (ReFS) Information Disclosure Vulnerability | Важная |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-27474 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Важная |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-21203 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Важная |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-26668 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-26667 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Важная |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-26664 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Важная |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-26672 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Важная |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-26669 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Важная |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-26676 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Важная |
| Windows Secure Channel | CVE-2025-27492 | Windows Secure Channel Elevation of Privilege Vulnerability | Важная |
| Windows Secure Channel | CVE-2025-26649 | Windows Secure Channel Elevation of Privilege Vulnerability | Важная |
| Windows Security Zone Mapping | CVE-2025-27737 | Windows Security Zone Mapping Security Feature Bypass Vulnerability | Важная |
| Windows Shell | CVE-2025-27729 | Windows Shell Remote Code Execution Vulnerability | Важная |
| Windows Standards-Based Storage Management Service | CVE-2025-27485 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Важная |
| Windows Standards-Based Storage Management Service | CVE-2025-27486 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Важная |
| Windows Standards-Based Storage Management Service | CVE-2025-21174 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Важная |
| Windows Standards-Based Storage Management Service | CVE-2025-26680 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Важная |
| Windows Standards-Based Storage Management Service | CVE-2025-27470 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Важная |
| Windows Standards-Based Storage Management Service | CVE-2025-26652 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Важная |
| Windows Subsystem for Linux | CVE-2025-26675 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Важная |
| Windows TCP/IP | CVE-2025-26686 | Windows TCP/IP Remote Code Execution Vulnerability | Критическая |
| Windows Telephony Service | CVE-2025-27481 | Windows Telephony Service Remote Code Execution Vulnerability | Важная |
| Windows Telephony Service | CVE-2025-21222 | Windows Telephony Service Remote Code Execution Vulnerability | Важная |
| Windows Telephony Service | CVE-2025-21205 | Windows Telephony Service Remote Code Execution Vulnerability | Важная |
| Windows Telephony Service | CVE-2025-21221 | Windows Telephony Service Remote Code Execution Vulnerability | Важная |
| Windows Telephony Service | CVE-2025-27477 | Windows Telephony Service Remote Code Execution Vulnerability | Важная |
| Windows Universal Plug and Play (UPnP) Device Host | CVE-2025-27484 | Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability | Важная |
| Windows Update Stack | CVE-2025-21204 | Windows Process Activation Elevation of Privilege Vulnerability | Важная |
| Windows Update Stack | CVE-2025-27475 | Windows Update Stack Elevation of Privilege Vulnerability | Важная |
| Windows upnphost.dll | CVE-2025-26665 | Windows upnphost.dll Elevation of Privilege Vulnerability | Важная |
| Windows USB Print Driver | CVE-2025-26639 | Windows USB Print Driver Elevation of Privilege Vulnerability | Важная |
| Windows Virtualization-Based Security (VBS) Enclave | CVE-2025-27735 | Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability | Важная |
| Windows Win32K - GRFX | CVE-2025-27732 | Windows Graphics Component Elevation of Privilege Vulnerability | Важная |
| Windows Win32K - GRFX | CVE-2025-26687 | Win32k Elevation of Privilege Vulnerability | Важная |
| Windows Win32K - GRFX | CVE-2025-26681 | Win32k Elevation of Privilege Vulnerability | Важная |
