Сегодня Microsoft выпустила июльские обновления — в рамках традиционного Patch Tuesday были закрыты 137 уязвимостей, включая одну 0-day в SQL Server. Компания также устранила 14 критических уязвимостей, большинство из которых позволяют удалённо выполнить код (RCE).
Вот как распределились баги по категориям:
- 53 уязвимости повышения привилегий;
- 8 обходов защитных механизмов;
- 41 уязвимость удалённого выполнения кода;
- 18 утечек информации;
- 6 DoS-уязвимостей;
- 4 уязвимости подделки (spoofing).
Важно: сюда не входят отдельные исправления для Microsoft Edge и проекта Mariner, которые вышли ранее в июле.
Главная угроза — 0-day в Microsoft SQL Server
В центре внимания — уязвимость CVE-2025-49719 в Microsoft SQL Server. Она позволяет удалённому и неаутентифицированному злоумышленнику получить доступ к данным в памяти. Проблема кроется в некорректной валидации входных данных, и её можно использовать для слива информации через сеть.
Чтобы закрыть уязвимость, Microsoft рекомендует:
- обновить SQL Server до последней версии;
- установить OLE DB Driver 18 или 19.
Авторство находки Microsoft приписывает Владимиру Алексичу, но подробностей о том, как именно уязвимость стала публичной, не раскрывает.
Опасные RCE в Microsoft Office и SharePoint
Кроме SQL Server, Microsoft устранила целый ряд критических RCE в Microsoft Office — их можно использовать просто при открытии вредоносного документа или даже при просмотре через панель предварительного просмотра. Обновления для Office LTSC для macOS 2021 и 2024 пока не вышли — они появятся позже.
Также патч закрыл ещё одну серьёзную уязвимость RCE в SharePoint — CVE-2025-49704. Её можно эксплуатировать при наличии у атакующего учётной записи в системе.
Затронутый компонент | CVE-идентификатор | CVE-наименовение | Степень риска |
AMD L1 Data Queue | CVE-2025-36357 | AMD: CVE-2025-36357 Transient Scheduler Attack in L1 Data Queue | Критическая |
AMD Store Queue | CVE-2025-36350 | AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue | Критическая |
Azure Monitor Agent | CVE-2025-47988 | Azure Monitor Agent Remote Code Execution Vulnerability | Важная |
Capability Access Management Service (camsvc) | CVE-2025-49690 | Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability | Важная |
HID class driver | CVE-2025-48816 | HID Class Driver Elevation of Privilege Vulnerability | Важная |
Kernel Streaming WOW Thunk Service Driver | CVE-2025-49675 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | Важная |
Microsoft Brokering File System | CVE-2025-49677 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Важная |
Microsoft Brokering File System | CVE-2025-49694 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Важная |
Microsoft Brokering File System | CVE-2025-49693 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Важная |
Microsoft Configuration Manager | CVE-2025-47178 | Microsoft Configuration Manager Remote Code Execution Vulnerability | Важная |
Microsoft Graphics Component | CVE-2025-49732 | Windows Graphics Component Elevation of Privilege Vulnerability | Важная |
Microsoft Graphics Component | CVE-2025-49742 | Windows Graphics Component Remote Code Execution Vulnerability | Важная |
Microsoft Graphics Component | CVE-2025-49744 | Windows Graphics Component Elevation of Privilege Vulnerability | Важная |
Microsoft Input Method Editor (IME) | CVE-2025-49687 | Windows Input Method Editor (IME) Elevation of Privilege Vulnerability | Важная |
Microsoft Input Method Editor (IME) | CVE-2025-47991 | Windows Input Method Editor (IME) Elevation of Privilege Vulnerability | Важная |
Microsoft Input Method Editor (IME) | CVE-2025-47972 | Windows Input Method Editor (IME) Elevation of Privilege Vulnerability | Важная |
Microsoft MPEG-2 Video Extension | CVE-2025-48806 | Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability | Важная |
Microsoft MPEG-2 Video Extension | CVE-2025-48805 | Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability | Важная |
Microsoft Office | CVE-2025-47994 | Microsoft Office Elevation of Privilege Vulnerability | Важная |
Microsoft Office | CVE-2025-49697 | Microsoft Office Remote Code Execution Vulnerability | Критическая |
Microsoft Office | CVE-2025-49695 | Microsoft Office Remote Code Execution Vulnerability | Критическая |
Microsoft Office | CVE-2025-49696 | Microsoft Office Remote Code Execution Vulnerability | Критическая |
Microsoft Office | CVE-2025-49699 | Microsoft Office Remote Code Execution Vulnerability | Важная |
Microsoft Office | CVE-2025-49702 | Microsoft Office Remote Code Execution Vulnerability | Критическая |
Microsoft Office Excel | CVE-2025-48812 | Microsoft Excel Information Disclosure Vulnerability | Важная |
Microsoft Office Excel | CVE-2025-49711 | Microsoft Excel Remote Code Execution Vulnerability | Важная |
Microsoft Office PowerPoint | CVE-2025-49705 | Microsoft PowerPoint Remote Code Execution Vulnerability | Важная |
Microsoft Office SharePoint | CVE-2025-49701 | Microsoft SharePoint Remote Code Execution Vulnerability | Важная |
Microsoft Office SharePoint | CVE-2025-49704 | Microsoft SharePoint Remote Code Execution Vulnerability | Критическая |
Microsoft Office SharePoint | CVE-2025-49706 | Microsoft SharePoint Server Spoofing Vulnerability | Важная |
Microsoft Office Word | CVE-2025-49703 | Microsoft Word Remote Code Execution Vulnerability | Критическая |
Microsoft Office Word | CVE-2025-49698 | Microsoft Word Remote Code Execution Vulnerability | Критическая |
Microsoft Office Word | CVE-2025-49700 | Microsoft Word Remote Code Execution Vulnerability | Важная |
Microsoft PC Manager | CVE-2025-47993 | Microsoft PC Manager Elevation of Privilege Vulnerability | Важная |
Microsoft PC Manager | CVE-2025-49738 | Microsoft PC Manager Elevation of Privilege Vulnerability | Важная |
Microsoft Teams | CVE-2025-49731 | Microsoft Teams Elevation of Privilege Vulnerability | Важная |
Microsoft Teams | CVE-2025-49737 | Microsoft Teams Elevation of Privilege Vulnerability | Важная |
Microsoft Windows QoS scheduler | CVE-2025-49730 | Microsoft Windows QoS Scheduler Driver Elevation of Privilege Vulnerability | Важная |
Microsoft Windows Search Component | CVE-2025-49685 | Windows Search Service Elevation of Privilege Vulnerability | Важная |
Office Developer Platform | CVE-2025-49756 | Office Developer Platform Security Feature Bypass Vulnerability | Важная |
Remote Desktop Client | CVE-2025-48817 | Remote Desktop Client Remote Code Execution Vulnerability | Важная |
Remote Desktop Client | CVE-2025-33054 | Remote Desktop Spoofing Vulnerability | Важная |
Role: Windows Hyper-V | CVE-2025-48822 | Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability | Критическая |
Role: Windows Hyper-V | CVE-2025-47999 | Windows Hyper-V Denial of Service Vulnerability | Важная |
Role: Windows Hyper-V | CVE-2025-48002 | Windows Hyper-V Information Disclosure Vulnerability | Важная |
Service Fabric | CVE-2025-21195 | Azure Service Fabric Runtime Elevation of Privilege Vulnerability | Важная |
SQL Server | CVE-2025-49719 | Microsoft SQL Server Information Disclosure Vulnerability | Важная |
SQL Server | CVE-2025-49718 | Microsoft SQL Server Information Disclosure Vulnerability | Важная |
SQL Server | CVE-2025-49717 | Microsoft SQL Server Remote Code Execution Vulnerability | Критическая |
Storage Port Driver | CVE-2025-49684 | Windows Storage Port Driver Information Disclosure Vulnerability | Важная |
Universal Print Management Service | CVE-2025-47986 | Universal Print Management Service Elevation of Privilege Vulnerability | Важная |
Virtual Hard Disk (VHDX) | CVE-2025-47971 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | Важная |
Virtual Hard Disk (VHDX) | CVE-2025-49689 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | Важная |
Virtual Hard Disk (VHDX) | CVE-2025-49683 | Microsoft Virtual Hard Disk Remote Code Execution Vulnerability | Важная |
Virtual Hard Disk (VHDX) | CVE-2025-47973 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | Важная |
Visual Studio | CVE-2025-49739 | Visual Studio Elevation of Privilege Vulnerability | Важная |
Visual Studio | CVE-2025-27614 | MITRE: CVE-2025-27614 Gitk Arbitrary Code Execution Vulnerability | Неизвестно |
Visual Studio | CVE-2025-27613 | MITRE: CVE-2025-27613 Gitk Arguments Vulnerability | Неизвестно |
Visual Studio | CVE-2025-46334 | MITRE: CVE-2025-46334 Git Malicious Shell Vulnerability | Неизвестно |
Visual Studio | CVE-2025-46835 | MITRE: CVE-2025-46835 Git File Overwrite Vulnerability | Неизвестно |
Visual Studio | CVE-2025-48384 | MITRE: CVE-2025-48384 Git Symlink Vulnerability | Неизвестно |
Visual Studio | CVE-2025-48386 | MITRE: CVE-2025-48386 Git Credential Helper Vulnerability | Неизвестно |
Visual Studio | CVE-2025-48385 | MITRE: CVE-2025-48385 Git Protocol Injection Vulnerability | Неизвестно |
Visual Studio Code - Python extension | CVE-2025-49714 | Visual Studio Code Python Extension Remote Code Execution Vulnerability | Важная |
Windows Ancillary Function Driver for WinSock | CVE-2025-49661 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Важная |
Windows AppX Deployment Service | CVE-2025-48820 | Windows AppX Deployment Service Elevation of Privilege Vulnerability | Важная |
Windows BitLocker | CVE-2025-48818 | BitLocker Security Feature Bypass Vulnerability | Важная |
Windows BitLocker | CVE-2025-48001 | BitLocker Security Feature Bypass Vulnerability | Важная |
Windows BitLocker | CVE-2025-48804 | BitLocker Security Feature Bypass Vulnerability | Важная |
Windows BitLocker | CVE-2025-48003 | BitLocker Security Feature Bypass Vulnerability | Важная |
Windows BitLocker | CVE-2025-48800 | BitLocker Security Feature Bypass Vulnerability | Важная |
Windows Connected Devices Platform Service | CVE-2025-48000 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Важная |
Windows Connected Devices Platform Service | CVE-2025-49724 | Windows Connected Devices Platform Service Remote Code Execution Vulnerability | Важная |
Windows Cred SSProvider Protocol | CVE-2025-47987 | Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability | Важная |
Windows Cryptographic Services | CVE-2025-48823 | Windows Cryptographic Services Information Disclosure Vulnerability | Важная |
Windows Event Tracing | CVE-2025-47985 | Windows Event Tracing Elevation of Privilege Vulnerability | Важная |
Windows Event Tracing | CVE-2025-49660 | Windows Event Tracing Elevation of Privilege Vulnerability | Важная |
Windows Fast FAT Driver | CVE-2025-49721 | Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | Важная |
Windows GDI | CVE-2025-47984 | Windows GDI Information Disclosure Vulnerability | Важная |
Windows Imaging Component | CVE-2025-47980 | Windows Imaging Component Information Disclosure Vulnerability | Критическая |
Windows KDC Proxy Service (KPSSVC) | CVE-2025-49735 | Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability | Критическая |
Windows Kerberos | CVE-2025-47978 | Windows Kerberos Denial of Service Vulnerability | Важная |
Windows Kernel | CVE-2025-49666 | Windows Server Setup and Boot Event Collection Remote Code Execution Vulnerability | Важная |
Windows Kernel | CVE-2025-26636 | Windows Kernel Information Disclosure Vulnerability | Важная |
Windows Kernel | CVE-2025-48809 | Windows Secure Kernel Mode Information Disclosure Vulnerability | Важная |
Windows Kernel | CVE-2025-48808 | Windows Kernel Information Disclosure Vulnerability | Важная |
Windows MBT Transport driver | CVE-2025-47996 | Windows MBT Transport Driver Elevation of Privilege Vulnerability | Важная |
Windows Media | CVE-2025-49682 | Windows Media Elevation of Privilege Vulnerability | Важная |
Windows Media | CVE-2025-49691 | Windows Miracast Wireless Display Remote Code Execution Vulnerability | Важная |
Windows Netlogon | CVE-2025-49716 | Windows Netlogon Denial of Service Vulnerability | Важная |
Windows Notification | CVE-2025-49726 | Windows Notification Elevation of Privilege Vulnerability | Важная |
Windows Notification | CVE-2025-49725 | Windows Notification Elevation of Privilege Vulnerability | Важная |
Windows NTFS | CVE-2025-49678 | NTFS Elevation of Privilege Vulnerability | Важная |
Windows Performance Recorder | CVE-2025-49680 | Windows Performance Recorder (WPR) Denial of Service Vulnerability | Важная |
Windows Print Spooler Components | CVE-2025-49722 | Windows Print Spooler Denial of Service Vulnerability | Важная |
Windows Remote Desktop Licensing Service | CVE-2025-48814 | Remote Desktop Licensing Service Security Feature Bypass Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49688 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49676 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49672 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49670 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49671 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49753 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49729 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49673 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49674 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49669 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49663 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49668 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49681 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-49657 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-47998 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Routing and Remote Access Service (RRAS) | CVE-2025-48824 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Важная |
Windows Secure Kernel Mode | CVE-2025-48810 | Windows Secure Kernel Mode Information Disclosure Vulnerability | Важная |
Windows Shell | CVE-2025-49679 | Windows Shell Elevation of Privilege Vulnerability | Важная |
Windows SmartScreen | CVE-2025-49740 | Windows SmartScreen Security Feature Bypass Vulnerability | Важная |
Windows SMB | CVE-2025-48802 | Windows SMB Server Spoofing Vulnerability | Важная |
Windows SPNEGO Extended Negotiation | CVE-2025-47981 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | Критическая |
Windows SSDP Service | CVE-2025-47976 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | Важная |
Windows SSDP Service | CVE-2025-47975 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | Важная |
Windows SSDP Service | CVE-2025-48815 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability | Важная |
Windows StateRepository API | CVE-2025-49723 | Windows StateRepository API Server file Tampering Vulnerability | Важная |
Windows Storage | CVE-2025-49760 | Windows Storage Spoofing Vulnerability | Средняя |
Windows Storage VSP Driver | CVE-2025-47982 | Windows Storage VSP Driver Elevation of Privilege Vulnerability | Важная |
Windows TCP/IP | CVE-2025-49686 | Windows TCP/IP Driver Elevation of Privilege Vulnerability | Важная |
Windows TDX.sys | CVE-2025-49658 | Windows Transport Driver Interface (TDI) Translation Driver Information Disclosure Vulnerability | Важная |
Windows TDX.sys | CVE-2025-49659 | Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability | Важная |
Windows Universal Plug and Play (UPnP) Device Host | CVE-2025-48821 | Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability | Важная |
Windows Universal Plug and Play (UPnP) Device Host | CVE-2025-48819 | Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability | Важная |
Windows Update Service | CVE-2025-48799 | Windows Update Service Elevation of Privilege Vulnerability | Важная |
Windows User-Mode Driver Framework Host | CVE-2025-49664 | Windows User-Mode Driver Framework Host Information Disclosure Vulnerability | Важная |
Windows Virtualization-Based Security (VBS) Enclave | CVE-2025-47159 | Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability | Важная |
Windows Virtualization-Based Security (VBS) Enclave | CVE-2025-48811 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | Важная |
Windows Virtualization-Based Security (VBS) Enclave | CVE-2025-48803 | Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability | Важная |
Windows Win32K - GRFX | CVE-2025-49727 | Win32k Elevation of Privilege Vulnerability | Важная |
Windows Win32K - ICOMP | CVE-2025-49733 | Win32k Elevation of Privilege Vulnerability | Важная |
Windows Win32K - ICOMP | CVE-2025-49667 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Важная |
Workspace Broker | CVE-2025-49665 | Workspace Broker Elevation of Privilege Vulnerability | Важная |