Below is a detailed, publish-ready technical brief on the Windows Imaging Component information-disclosure issue you asked about. I’ve also checked the public advisories and noticed a likely mismatch in the CVE number you supplied — see the “Note on the CVE number” section first.
Note on the CVE...
An HPE ProLiant DL325 class server running Windows Server 2025 has been reported to crash to a Blue Screen of Death with the stop code IRQL_NOT_LESS_OR_EQUAL (what failed: ntoskrnl.exe) after applying the July 2025 cumulative updates (KB5062553 and follow-ons), sparking fresh warnings for server...
Microsoft’s Security Update Guide entry for the StateRepository API points to a missing authorization check that can be abused by a locally authorized attacker to tamper with files and escalate privileges — but there’s an important CVE-number mismatch in public reporting that every admin must...