发布日期：2025-10-14
更新日期：2025-10-15

受影响系统：

Microsoft Windows Server 2025 (Server Core installation
Microsoft Windows Server 2025
Microsoft Windows Server 2022, 23H2 Edition (Server Cor
Microsoft Windows Server 2022 (Server Core installation
Microsoft Windows Server 2022
Microsoft Windows Server 2019 (Server Core Installation
Microsoft Windows Server 2019
Microsoft Windows 10 22H2 for x64-based Systems
Microsoft Windows 10 22H2 for ARM64-based Systems
Microsoft Windows 10 22H2 for 32-bit Systems
Microsoft Windows 10 21H2 for x64-based Systems
Microsoft Windows 10 21H2 for ARM64-based Systems
Microsoft Windows 10 21H2 for 32-bit Systems
Microsoft Windows 10 1809 for x64-based Systems
Microsoft Windows 10 1809 for 32-bit Systems
Microsoft Windows 11 25H2 for x64-based Systems
Microsoft Windows 11 25H2 for ARM64-based Systems
Microsoft Windows 11 24H2 for x64-based Systems
Microsoft Windows 11 24H2 for ARM64-based Systems
Microsoft Windows 11 23H2 for x64-based Systems
Microsoft Windows 11 23H2 for ARM64-based Systems
Microsoft Windows 11 22H2 for x64-based Systems
Microsoft Windows 11 22H2 for ARM64-based Systems

描述：

---

CVE(CAN) ID: CVE-2025-48813

Microsoft Windows Virtual Secure Mode是微软在Windows 10及Windows Server 2016中引入的安全技术，基于Hyper-V的虚拟化技术，通过创建虚拟信任级别（VTLs）实现内核与用户态代码的隔离，防止不同权限级别的进程互相访问内存。
Microsoft Windows Virtual Secure Mode存在欺骗漏洞，攻击者可借助特制网站利用该漏洞欺骗内容并诱导用户相信该网站的合法性，同时结合网页服务中的其他漏洞发起攻击。

<**>

建议：

---

厂商补丁：

Microsoft
---------
目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-48813

浏览次数：53
严重程度：0（网友投票）