Concurrent execution using shared resource with improper synchronization (‘race condition’) in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62469

Out-of-bounds read in Windows Defender Firewall Service allows an authorized attacker to disclose information locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62468

Integer overflow or wraparound in Windows Projected File System allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62467

Null pointer dereference in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62466

Null pointer dereference in Windows DirectX allows an authorized attacker to deny service locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62465

Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62464

Null pointer dereference in Windows DirectX allows an authorized attacker to deny service locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62463

Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62462

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62461

Heap-based buffer overflow in Windows Win32K – GRFX allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62458

Out-of-bounds read in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62457

Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62456

Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62455

Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. More information : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62454