Summary
This update deploys cumulative Microsoft Windows security patches through March 2026 for LTSB 2016, LTSC 2019, and LTSC 2021.
Impact
Not deploying Windows security patches increases the attack surface, leaves systems exposed to known vulnerabilities, and elevates operational risk.
Affected Product(s)
| Model no. | Product name | Affected versions |
|---|---|---|
| FreshWay B | Microsoft Windows 10 LTSC 2021 lacking KB5066135, Microsoft Windows 10 LTSC 2019 lacking KB5005112, Microsoft Windows 10 LTSC 2019 lacking KB5066143, Microsoft Windows 10 LTSB 2016 lacking KB4577586, Microsoft Windows 10 LTSC 2019 lacking KB5078752, Microsoft Windows 10 LTSB 2016 lacking KB5078938, Microsoft Windows 10 LTSC 2021 lacking KB5031539, Microsoft Windows 10 LTSC 2021 lacking KB5078885, Microsoft Windows 10 LTSB 2016 lacking KB5075902 | |
| FreshWay D | Microsoft Windows 10 LTSC 2019 lacking KB5078752, Microsoft Windows 10 LTSC 2019 lacking KB5066143, Microsoft Windows 10 LTSC 2021 lacking KB5031539, Microsoft Windows 10 LTSC 2021 lacking KB5078885, Microsoft Windows 10 LTSC 2019 lacking KB5005112, Microsoft Windows 10 LTSC 2021 lacking KB5066135 |
Vulnerabilities
Expand / Collapse allHeap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network.
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally.
Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally.
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a network.
Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
Improper validation of specified type of input in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network.
Mitigation
Install the cumulative Windows security patches through March 2026 for LTSB 2016, LTSC 2019, and LTSC 2021. The patches have to be applied to scales FreshWay B and FreshWay D with Windows operating system.
Acknowledgments
Mettler-Toledo GmbH thanks the following parties for their efforts:
- CERT@VDE for coordination (see https://certvde.com )
Revision History
| Version | Date | Summary |
|---|---|---|
| 1.0.0 | 14.07.2026 12:00 | Initial revision |