CVE-2025-24990

Summary

Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Windows. Microsoft recommends removing any existing dependencies on this hardware.

Affected Software

VendorProductVersion RangeStatus
MicrosoftWindows 10 Version 150710.0.10240.0 < 10.0.10240.21161affected
MicrosoftWindows 10 Version 160710.0.14393.0 < 10.0.14393.8519affected
MicrosoftWindows 10 Version 180910.0.17763.0 < 10.0.17763.7919affected
MicrosoftWindows 10 Version 21H210.0.19044.0 < 10.0.19044.6456affected
MicrosoftWindows 10 Version 22H210.0.19045.0 < 10.0.19045.6456affected
MicrosoftWindows 11 version 22H210.0.22621.0 < 10.0.22621.6060affected
MicrosoftWindows 11 Version 23H210.0.22631.0 < 10.0.22631.6060affected
MicrosoftWindows 11 Version 24H210.0.26100.0 < 10.0.26100.6899affected
MicrosoftWindows 11 Version 25H210.0.26200.0 < 10.0.26200.6899affected
MicrosoftWindows Server 2008 R2 Service Pack 16.1.7601.0 < 6.1.7601.27974affected
MicrosoftWindows Server 2008 R2 Service Pack 1 (Server Core installation)6.1.7601.0 < 6.1.7601.27974affected
MicrosoftWindows Server 2008 Service Pack 26.0.6003.0 < 6.0.6003.23571affected
MicrosoftWindows Server 2008 Service Pack 2 (Server Core installation)6.0.6003.0 < 6.0.6003.23571affected
MicrosoftWindows Server 20126.2.9200.0 < 6.2.9200.25722affected
MicrosoftWindows Server 2012 (Server Core installation)6.2.9200.0 < 6.2.9200.25722affected
MicrosoftWindows Server 2012 R26.3.9600.0 < 6.3.9600.22824affected
MicrosoftWindows Server 2012 R2 (Server Core installation)6.3.9600.0 < 6.3.9600.22824affected
MicrosoftWindows Server 201610.0.14393.0 < 10.0.14393.8519affected
MicrosoftWindows Server 2016 (Server Core installation)10.0.14393.0 < 10.0.14393.8519affected
MicrosoftWindows Server 201910.0.17763.0 < 10.0.17763.7919affected
MicrosoftWindows Server 2019 (Server Core installation)10.0.17763.0 < 10.0.17763.7919affected
MicrosoftWindows Server 202210.0.20348.0 < 10.0.20348.4294affected
MicrosoftWindows Server 2022, 23H2 Edition (Server Core installation)10.0.25398.0 < 10.0.25398.1913affected
MicrosoftWindows Server 202510.0.26100.0 < 10.0.26100.6899affected
MicrosoftWindows Server 2025 (Server Core installation)10.0.26100.0 < 10.0.26100.6899affected

Weaknesses

  • CWE-822: CWE-822: Untrusted Pointer Dereference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: no
    • Technical Impact: total

Additional References

CVE Program Container

Additional References

References