SB2025111147 - Multiple vulnerabilities in Microsoft Windows Administrator Protection

Description

This security bulletin contains information about 2 vulnerabilities.

1) Untrusted search path (CVE-ID: CVE-2025-60718)

CWE-ID: CWE-426 - Untrusted Search Path

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to usage of an untrusted search path in Windows Administrator Protection. A local user can place a malicious binary into a specific location on the system and execute arbitrary code with escalated privileges.

2) Privilege Context Switching Error (CVE-ID: CVE-2025-60721)

CWE-ID: CWE-270 - Privilege Context Switching Error

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to privilege context switching error in Windows Administrator Protection, which leads to security restrictions bypass and privilege escalation.

Remediation

Install update from vendor's website.

References

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-60718
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-60721