Information Disclosure Vulnerability in Windows Hello by Microsoft
CVE-2025-47969

4.4MEDIUM

Key Information:

Vendor: Microsoft
Status: Windows 11 Version 22h2; Windows Server 2025 (server Core Installation); Windows 11 Version 22h3; Windows 11 Version 23h2
Vendor: CVE Published:; 10 June 2025

What is CVE-2025-47969?

The vulnerability in Windows Hello allows unauthorized actors to gain access to sensitive information due to improper handling of data. This exposure can lead to significant risks, as attackers could disclose critical information locally, impacting user security and privacy. It is essential for users and administrators to ensure their systems are updated and configured correctly to mitigate potential exploitation of this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Windows 11 version 22H2 ARM64-based Systems 10.0.22621.0 < 10.0.22621.5335

Windows 11 version 22H3 ARM64-based Systems 10.0.22631.0 < 10.0.22621.5335

Windows 11 Version 23H2 x64-based Systems 10.0.22631.0 < 10.0.22621.5335

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 10, 2025
Vulnerability Reserved
May 14, 2025

JSON

Microsoft

What is CVE-2025-47969?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.