SB2025111147 - Multiple vulnerabilities in Microsoft Windows Administrator Protection

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Untrusted search path (CVE-ID: CVE-2025-60718)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to usage of an untrusted search path in Windows Administrator Protection. A local user can place a malicious binary into a specific location on the system and execute arbitrary code with escalated privileges.

2) Privilege Context Switching Error (CVE-ID: CVE-2025-60721)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to privilege context switching error in Windows Administrator Protection, which leads to security restrictions bypass and privilege escalation.

Remediation

Install update from vendor's website.

References

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-60718
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-60721