작성일
2025.11.13
수정일
2025.11.13
작성자
지현성
조회수
1

MS 11월 보안 위협에 따른 정기 보안 업데이트 권고

□ 개요

 o Microsoft 社는 자사 제품에서 발생하는 보안위협에 따른 정기 보안 업데이트 발표

 o 영향받는 버전을 사용 중인 시스템 사용자는 해결 방안에 따라 최신 버전으로 업데이트 권고

 

 11월 보안업데이트 개요 ( 14 종 

 o 등급  : 긴급 (Critical) 9 종 중요 (Important) 5 
 o 발표일  : 2025.11.11.()
 o 업데이트 내용

제품군

중요도

영향

Windows 11 25H2

긴급

권한 상승

Windows 11 24H2

긴급

권한 상승

Windows 11 23H2

긴급

권한 상승

Windows Server 2025, Windows Server 2025(Server Core 설치)

긴급

권한 상승

Windows Server 2022 23H2 버전(Server Core 설치),

Windows Server 2022, Windows Server 2022(Server Core 설치)

긴급

권한 상승

Windows Server 2019

긴급

권한 상승

Windows Server 2016

긴급

권한 상승

Microsoft Office

긴급

원격 코드 실행

Microsoft SharePoint

중요

원격 코드 실행

Microsoft Visual Studio

긴급

원격 코드 실행

Microsoft Dynamics 365

중요

스푸핑

Microsoft SQL Server

중요

권한 상승

Microsoft Azure

중요

원격 코드 실행

Microsoft System Center

중요

권한 상승

 

[참고 사이트]
[1] (한글https://msrc.microsoft.com/update-guide/ko-kr/
[2] (영문https://msrc.microsoft.com/update-guide/en-us/
[3] https://msrc.microsoft.com/update-guide/ko-kr/releaseNote/2025-Nov

 

 o  취약점 요약 정보 (총 134)

제품 카테고리

CVE 번호

CVE  제목

Mariner

CVE-2025-64437

KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes

Mariner

CVE-2025-64436

KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes

Mariner

CVE-2025-64435

KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation

Mariner

CVE-2025-64434

KubeVirt Improper TLS Certificate Management Handling Allows API Identity Spoofing

Mariner

CVE-2025-64433

KubeVirt Arbitrary Container File Read

Mariner

CVE-2025-64432

KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer

Mariner

CVE-2025-64329

containerd CRI server: Host memory exhaustion through Attach goroutine leak

GitHub Copilot and Visual Studio Code

CVE-2025-62453

GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

Windows Routing and Remote Access Service (RRAS)

CVE-2025-62452

Windows RRAS(Routing and Remote Access Service) 원격 코드 실행 취약성

Visual Studio Code CoPilot Chat Extension

CVE-2025-62449

Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability

Visual Studio Code CoPilot Chat Extension

CVE-2025-62222

에이전트 AI 및 Visual Studio Code 원격 코드 실행 취약성

Windows Subsystem for Linux GUI

CVE-2025-62220

Windows Subsystem for Linux GUI Remote Code Execution Vulnerability

Microsoft Wireless Provisioning System

CVE-2025-62219

Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability

Microsoft Wireless Provisioning System

CVE-2025-62218

Microsoft Wireless Provisioning System Elevation of Privilege Vulnerability

Windows Ancillary Function Driver for WinSock

CVE-2025-62217

WinSock용 Windows 보조 기능 드라이버 권한 상승 취약성

Microsoft Office

CVE-2025-62216

Microsoft Office 원격 코드 실행 취약성

Windows Kernel

CVE-2025-62215

Windows 커널 권한 상승 취약성

Visual Studio

CVE-2025-62214

Visual Studio 원격 코드 실행 취약성

Windows Ancillary Function Driver for WinSock

CVE-2025-62213

WinSock용 Windows 보조 기능 드라이버 권한 상승 취약성

Dynamics 365 Field Service (online)

CVE-2025-62211

Dynamics 365 Field Service(온라인스푸핑 취약성

Dynamics 365 Field Service (online)

CVE-2025-62210

Dynamics 365 Field Service(온라인스푸핑 취약성

Windows License Manager

CVE-2025-62209

Windows License Manager Information Disclosure Vulnerability

Windows License Manager

CVE-2025-62208

Windows License Manager Information Disclosure Vulnerability

Microsoft Dynamics 365 (on-premises)

CVE-2025-62206

Microsoft Dynamics 365(-프레미스정보 공개 취약성

Microsoft Office Word

CVE-2025-62205

Microsoft Office 원격 코드 실행 취약성

Microsoft Office SharePoint

CVE-2025-62204

Microsoft SharePoint 원격 코드 실행 취약성

Microsoft Office Excel

CVE-2025-62203

Microsoft Excel 원격 코드 실행 취약성

Microsoft Office Excel

CVE-2025-62202

Microsoft Excel 정보 유출 취약성

Microsoft Office Excel

CVE-2025-62201

Microsoft Excel 원격 코드 실행 취약성

Microsoft Office Excel

CVE-2025-62200

Microsoft Excel 원격 코드 실행 취약성

Microsoft Office

CVE-2025-62199

Microsoft Office 원격 코드 실행 취약성

Mariner

CVE-2025-60753

An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).

Microsoft Office Excel

CVE-2025-60728

Microsoft Excel 정보 유출 취약성

Microsoft Office Excel

CVE-2025-60727

Microsoft Excel 원격 코드 실행 취약성

Microsoft Office Excel

CVE-2025-60726

Microsoft Excel 정보 유출 취약성

Microsoft Graphics Component

CVE-2025-60724

GDI+ 원격 코드 실행 취약성

Windows DirectX

CVE-2025-60723

DirectX Graphics 커널 서비스 거부 취약성

OneDrive for Android

CVE-2025-60722

Microsoft OneDrive for Android Elevation of Privilege Vulnerability

Windows Administrator Protection

CVE-2025-60721

Windows Administrator Protection Elevation of Privilege Vulnerability

Windows TDX.sys

CVE-2025-60720

Windows Transport Driver Interface(TDI) 변환 드라이버 권한 상승 취약성

Windows Ancillary Function Driver for WinSock

CVE-2025-60719

WinSock용 Windows 보조 기능 드라이버 권한 상승 취약성

Windows Administrator Protection

CVE-2025-60718

Windows Administrator Protection Elevation of Privilege Vulnerability

Windows Broadcast DVR User Service

CVE-2025-60717

Windows Broadcast DVR User Service Elevation of Privilege Vulnerability

Windows DirectX

CVE-2025-60716

DirectX Graphics 커널 권한 상승 취약성

Windows Routing and Remote Access Service (RRAS)

CVE-2025-60715

Windows RRAS(Routing and Remote Access Service) 원격 코드 실행 취약성

Windows OLE

CVE-2025-60714

Windows OLE 원격 코드 실행 취약성

Windows Routing and Remote Access Service (RRAS)

CVE-2025-60713

Windows RRAS(라우팅 및 원격 액세스 서비스권한 상승 취약성

Microsoft Edge (Chromium-based)

CVE-2025-60711

Microsoft Edge(Chromium 기반원격 코드 실행 취약성

Host Process for Windows Tasks

CVE-2025-60710

Host Process for Windows Tasks Elevation of Privilege Vulnerability

Windows Common Log File System Driver

CVE-2025-60709

Windows 공용 로그 파일 시스템 드라이버 권한 상승 취약성

Storvsp.sys Driver

CVE-2025-60708

Storvsp.sys Driver Denial of Service Vulnerability

Multimedia Class Scheduler Service (MMCSS)

CVE-2025-60707

Multimedia Class Scheduler Service (MMCSS) Driver Elevation of Privilege Vulnerability

Role: Windows Hyper-V

CVE-2025-60706

Windows Hyper-V 정보 유출 취약성

Windows Client-Side Caching (CSC) Service

CVE-2025-60705

Windows 클라이언트 쪽 캐싱 권한 상승 취약성

Windows Kerberos

CVE-2025-60704

Windows Kerberos 권한 상승 취약성

Windows Remote Desktop

CVE-2025-60703

Windows 원격 데스크톱 서비스 권한 상승 취약성

Windows Broadcast DVR User Service

CVE-2025-59515

Windows Broadcast DVR User Service Elevation of Privilege Vulnerability

Microsoft Streaming Service

CVE-2025-59514

Microsoft 스트리밍 서비스 프록시 권한 상승 취약성

Windows Bluetooth RFCOM Protocol Driver

CVE-2025-59513

Windows Bluetooth RFCOM Protocol Driver Information Disclosure Vulnerability

Customer Experience Improvement Program (CEIP)

CVE-2025-59512

Customer Experience Improvement Program (CEIP) Elevation of Privilege Vulnerability

Windows WLAN Service

CVE-2025-59511

Windows WLAN 서비스 권한 상승 취약성

Windows Routing and Remote Access Service (RRAS)

CVE-2025-59510

Windows 라우팅 및 원격 액세스 서비스(RRAS) 서비스 거부 취약성

Windows Speech

CVE-2025-59509

Windows Speech Recognition Information Disclosure Vulnerability

Windows Speech

CVE-2025-59508

Windows Speech Recognition Elevation of Privilege Vulnerability

Windows Speech

CVE-2025-59507

Windows 음성 런타임 권한 상승 취약성

Windows DirectX

CVE-2025-59506

DirectX Graphics 커널 권한 상승 취약성

Windows Smart Card

CVE-2025-59505

Windows Smart Card Reader Elevation of Privilege Vulnerability

Azure Monitor Agent

CVE-2025-59504

Azure Monitor 에이전트 원격 코드 실행 취약성

Azure Compute Gallery

CVE-2025-59503

Azure Compute Resource Provider Elevation of Privilege Vulnerability

Microsoft Configuration Manager

CVE-2025-59501

Microsoft Configuration Manager Spoofing Vulnerability

Azure Notification Service

CVE-2025-59500

Azure Notification Service Elevation of Privilege Vulnerability

SQL Server

CVE-2025-59499

Microsoft SQL Server 권한 상승 취약성

Internet Explorer

CVE-2025-59295

Windows URL 구문 분석 원격 코드 실행 취약성

Windows Server Update Service

CVE-2025-59287

Windows Server 업데이트 서비스(WSUS) 원격 코드 실행 취약성

Azure Event Grid

CVE-2025-59273

Azure Event Grid 시스템 권한 상승 취약성

Microsoft Office Excel

CVE-2025-59240

Microsoft Excel 정보 유출 취약성

Windows USB Video Driver

CVE-2025-55676

Windows USB 비디오 클래스 시스템 드라이버 정보 공개 취약성

Microsoft Configuration Manager

CVE-2025-55320

구성 관리자 권한 상승 취약성

ASP.NET Core

CVE-2025-55315

ASP.NET 보안 기능 바이패스 취약성

Microsoft Office Word

CVE-2025-53784

Microsoft Word 원격 코드 실행 취약성

Microsoft Teams

CVE-2025-53783

Microsoft Teams 원격 코드 실행 취약성

Microsoft Office PowerPoint

CVE-2025-53761

Microsoft PowerPoint 원격 코드 실행 취약성

Microsoft Office SharePoint

CVE-2025-53760

Microsoft SharePoint 권한 상승 취약성

Microsoft Office Excel

CVE-2025-53759

Microsoft Excel 원격 코드 실행 취약성

Microsoft Office Excel

CVE-2025-53741

Microsoft Excel 원격 코드 실행 취약성

Microsoft Office

CVE-2025-53740

Microsoft Office 원격 코드 실행 취약성

Microsoft Office Excel

CVE-2025-53739

Microsoft Excel 원격 코드 실행 취약성

Microsoft Office Word

CVE-2025-53738

Microsoft Word 원격 코드 실행 취약성

Microsoft Office Excel

CVE-2025-53737

Microsoft Excel 원격 코드 실행 취약성

Microsoft Office Word

CVE-2025-53736

Microsoft Word 정보 유출 취약성

Microsoft Office Excel

CVE-2025-53735

Microsoft Excel 원격 코드 실행 취약성

Microsoft Office Word

CVE-2025-53733

Microsoft Word 원격 코드 실행 취약성

Microsoft Office

CVE-2025-53731

Microsoft Office 원격 코드 실행 취약성

Mariner

CVE-2025-52881

runc: LSM labels can be bypassed with malicious config using dummy procfs files

Mariner

CVE-2025-52565

container escape due to /dev/console mount and related races

Windows File Explorer

CVE-2025-50154

Microsoft Windows 파일 탐색기 스푸핑 취약성

Windows Secure Boot

CVE-2025-47827

MITRE CVE-2025-47827: IGEL OS 11 이전 버전에서 보안 부팅 바이패스

Microsoft Configuration Manager

CVE-2025-47179

구성 관리자 권한 상승 취약성

Mariner

CVE-2025-40109

crypto: rng - Ensure set_ent is always present

Mariner

CVE-2025-40107

can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled

Mariner

CVE-2025-31133

runc container escape via "masked path" abuse due to mount race conditions

Nuance PowerScribe

CVE-2025-30398

Nuance PowerScribe 360 정보 공개 취약성

Microsoft PowerShell

CVE-2025-25004

PowerShell 권한 상승 취약성

Mariner

CVE-2025-12875

mruby array.c ary_fill_exec out-of-bounds write

Mariner

CVE-2025-12863

Libxml2: namespace use-after-free in xmlsettreedoc() function of libxml2

Microsoft Edge (Chromium-based)

CVE-2025-12729

Chromium: CVE-2025-12729 Omnibox에서 부적절한 구현

Microsoft Edge (Chromium-based)

CVE-2025-12728

Chromium: CVE-2025-12728 Omnibox에서 부적절한 구현

Microsoft Edge (Chromium-based)

CVE-2025-12727

Chromium: CVE-2025-12727 V8에서 부적절한 구현

Microsoft Edge (Chromium-based)

CVE-2025-12726

Chromium: CVE-2025-12726 보기에서 부적절한 구현

Microsoft Edge (Chromium-based)

CVE-2025-12725

Chromium: CVE-2025-12725 WebGPU에서 범위를 벗어난 쓰기

Microsoft Edge (Chromium-based)

CVE-2025-12447

Chromium: CVE-2025-12447 Incorrect security UI in Omnibox

Microsoft Edge (Chromium-based)

CVE-2025-12446

Chromium: CVE-2025-12446 Incorrect security UI in SplitView

Microsoft Edge (Chromium-based)

CVE-2025-12445

Chromium: CVE-2025-12445 Policy bypass in Extensions

Microsoft Edge (Chromium-based)

CVE-2025-12444

Chromium: CVE-2025-12444 Incorrect security UI in Fullscreen UI

Microsoft Edge (Chromium-based)

CVE-2025-12443

Chromium: CVE-2025-12433 Inappropriate implementation in V8

Microsoft Edge (Chromium-based)

CVE-2025-12441

Chromium: CVE-2025-12441 Out of bounds read in V8

Microsoft Edge (Chromium-based)

CVE-2025-12440

Chromium: CVE-2025-12440 Inappropriate implementation in Autofill

Microsoft Edge (Chromium-based)

CVE-2025-12439

Chromium: CVE-2025-12439 Inappropriate implementation in App-Bound Encryption

Microsoft Edge (Chromium-based)

CVE-2025-12438

Chromium: CVE-2025-12438 Use after free in Ozone

Microsoft Edge (Chromium-based)

CVE-2025-12437

Chromium: CVE-2025-12437 Use after free in PageInfo

Microsoft Edge (Chromium-based)

CVE-2025-12436

Chromium: CVE-2025-12436 Policy bypass in Extensions

Microsoft Edge (Chromium-based)

CVE-2025-12435

Chromium: CVE-2025-12435 Incorrect security UI in Omnibox

Microsoft Edge (Chromium-based)

CVE-2025-12434

Chromium: CVE-2025-12434 Race in Storage

Microsoft Edge (Chromium-based)

CVE-2025-12433

Chromium: CVE-2025-12433 Inappropriate implementation in V8

Microsoft Edge (Chromium-based)

CVE-2025-12432

Chromium: CVE-2025-12432 Race in V8

Microsoft Edge (Chromium-based)

CVE-2025-12431

Chromium: CVE-2025-12431 Inappropriate implementation in Extensions

Microsoft Edge (Chromium-based)

CVE-2025-12430

Chromium: CVE-2025-12430 x-object lifecycle issue in Media

Microsoft Edge (Chromium-based)

CVE-2025-12429

Chromium: CVE-2025-12429 Inappropriate implementation in V8

Microsoft Edge (Chromium-based)

CVE-2025-12428

Chromium: CVE-2025-12428 Type Confusion in V8

Microsoft Edge (Chromium-based)

CVE-2025-12036

Chromium: CVE-2025-12036 Inappropriate implementation in V8

Microsoft Edge (Chromium-based)

CVE-2025-11756

Chromium: CVE-2025-11756 Use after free in Safe Browsing

Mariner

CVE-2025-10966

missing SFTP host verification with wolfSSH

Mariner

CVE-2024-25621

containerd affected by a local privilege escalation via wide permissions on CRI directory

Microsoft Edge (Chromium-based)

CVE-2023-4863

Chromium: CVE-2023-4863 WebP에서 힙 버퍼 오버플로

□ 출처

 o KISA 보호나라 & KrCERT/CC

첨부파일
첨부파일이(가) 없습니다.