Microsoft Windows Server 2025
Moderate fix1 remedy
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*
Moderate fix1 remedy
Microsoft Windows NTFS Improper Access Control Vulnerability Allowing Information Disclosure
Vulnerability
A vulnerability exists in Windows NTFS due to improper access control, which allows an authorized attacker to disclose file path information from a folder where they lack permission to view contents. This issue affects multiple Windows versions, including various releases of Windows 10, Windows 11, Windows Server 2008, 2012, 2016, 2022, and 2025.
Impact
Exploitation of this vulnerability could lead to unauthorized disclosure of file system information, specifically file path details, from restricted folders.
Remediation
Security updates addressing this vulnerability have been released and are available through the Microsoft Update Catalog. For Windows 10 and 11 users, specific update details can be found in the Security Updates table. Additionally, the vulnerability fix has been released as disabled by default, but administrators can enable it through a registry key.
Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM
Vulnerability Rating
Custom Algorithm
spread
8.4impact
2.5exploitability
3.3remediation
7.7relevance
0.0threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.