CVE-2025-49677: Microsoft Brokering File System Elevation of Privilege Vulnerability

CVE-2025-49676: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2025-49661: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2025-49658: Windows Transport Driver Interface (TDI) Translation Driver Information Disclosure Vulnerability

CVE-2025-49672: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

**According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L)? What does that mean for this vulnerability?**

Information in the victim's browser associated with the vulnerable URL can be read by the malicious JavaScript code and sent to the attacker.

Headline

CVE-2025-47977: Nuance Digital Engagement Platform Spoofing Vulnerability

Microsoft Security Response Center: Latest News