Microsoft on Tuesday introduced 109 patches affecting 16 product households. Eighteen of the addressed points are thought-about by Microsoft to be of Important severity, and 31 have a CVSS base rating of 8.0 or increased, together with a \u201cexcellent\u201d 10.0 affecting Azure. None are recognized to be underneath energetic exploit within the wild, although two Home windows points (CVE-2025-53786 and CVE-2025-53779) are already publicly disclosed.<\/p>\n
At patch time, 9 CVEs are judged extra prone to be exploited within the subsequent 30 days by the corporate\u2019s estimation. Varied of this month\u2019s points are amenable to direct detection by Sophos protections, and we embody data on these in a desk beneath. As well as, eight CVEs included on this month\u2019s set, largely involving cloud-centric product households resembling Azure and 365, are already patched \u2013 together with the CVSS-10 merchandise talked about above. We now have included data on all eight in Appendix D. Curiously, two of these had been truly patched a full month in the past, within the July cycle, however a clerical mix-up left that data out of Microsoft\u2019s July launch supplies. We embody these two in our August depend. Advisory data on ten Edge fixes was additionally included on this month\u2019s launch, and could be seen in Appendix D.<\/p>\n
We’re as at all times together with on the finish of this submit further appendices itemizing all Microsoft\u2019s patches sorted by severity, by predicted exploitability timeline and CVSS Base rating, and by product household. One other appendix covers advisory-style updates and the listing of points mentioned on this month\u2019s launch supplies however mitigated previous to the discharge, and one other gives breakout of the patches affecting the varied Home windows Server platforms nonetheless in assist.<\/p>\n
By the numbers<\/strong><\/p>\n * Microsoft\u2019s official launch materials states that only one vulnerability, CVE-2025-53779, is publicly disclosed by their requirements. Nonetheless, CVE-2025-53786 was publicly demonstrated at Black Hat final week and has been very broadly mentioned since then, with a CISA Emergency Directive<\/a> issued. We embody it in our tally for completeness.<\/p>\n Determine 1: Elevation of Privilege vulnerabilities outpace Distant Code Execution flaws for the second month in a row, however RCE points account for extra Important-severity patches<\/em><\/p>\n Merchandise<\/strong><\/p>\n * As talked about, the discharge data states that two of those had been patched with the July launch; we embody these two within the August counts right here and all through this submit.<\/p>\n ** Consists of two Important-severity patches for Microsoft 365 Copilot\u2019s Enterprise Chat.<\/p>\n *** The discharge data notes that 4 of the Azure vulnerabilities have already been mitigated.<\/p>\n As is our customized for this listing, CVEs that apply to a couple of product household are counted as soon as for every household they have an effect on. We observe, by the best way, that CVE names don\u2019t at all times mirror affected product households carefully. Specifically, some CVEs names within the Workplace household could point out merchandise that don\u2019t seem within the listing of merchandise affected by the CVE, and vice versa.<\/p>\n Determine 2: Home windows patches 5 Important-severity patches in August, however so do Azure and Workplace \u2013 and 365 has all of them beat with six<\/em><\/p>\n Notable August updates<\/strong><\/p>\n Along with the problems mentioned above, quite a lot of particular gadgets advantage consideration.<\/p>\n CVE-2025-50165 \u2014 Home windows Graphics Element Distant Code Execution Vulnerability It\u2019s a tricky month for Home windows graphics-related componentry, as these two vulnerabilities weigh in with 9.8 CVSS Base scores. CVE-2025-50165 requires no person interplay, and could be exploited by an uninitialized operate pointer being known as when decoding a malicious JPEG, which may very well be embedded in a doc, a Net web page, or what you’ll. It impacts strictly the latest variations of Home windows (Win 11 2H24, Server 2025). Equally, CVE-2025-53766 may very well be triggered with out person interplay, ought to an attacker handle to add paperwork containing a specifically crafted metafile to an internet service. (Alternately, they might craft a doc containing the metafile, ship it to an unwary person, and get them to open it.) Unusually, this CVE impacts each Home windows and Workplace.<\/p>\n CVE-2025-49712 \u2014 Microsoft SharePoint Distant Code Execution Vulnerability<\/strong><\/p>\n As most Microsoft observers know properly, there was loads to say<\/a> between the July and August Patch Tuesday releases about SharePoint. This challenge, nonetheless, appears unrelated to ToolShell, although it\u2019s pretty disagreeable all by itself, permitting any authenticated attacker to execute code over the community with little prior information of the community required.<\/p>\n CVE-2025-53731, CVE-2025-53733, CVE-2025-53740, CVE-2025-53784 \u2013 4 365\/Workplace points<\/strong><\/p>\n Preview Pane is a vector for all 4 of those vulnerabilities.<\/p>\n CVE-2025-53774, CVE-2025-53787 \u2014 Microsoft 365 Copilot BizChat Data Disclosure Vulnerability<\/strong><\/p>\n These identically titled information-disclosure vulnerabilities, each Important-severity, are talked about in Microsoft\u2019s abstract data for August, however the firm notes that each have already been mitigated. Nonetheless, CVE-2025-53787 specifically didn’t go quietly, and web commenters had issues to say<\/a> concerning the future implications of bugs of this nature. (It\u2019s fascinating to notice that earlier data from Microsoft, as per the WindowsForum submit, thought-about the problem to be Essential in severity; the discharge on Tuesday categorised it as Important.)<\/p>\n CVE-2025-53786 \u2014 Microsoft Trade Server Hybrid Deployment Elevation of Privilege Vulnerability<\/strong><\/p>\n As famous above, this Essential-severity EoP challenge bought loads of consideration at Black Hat and from CISA earlier this month. It\u2019s a bug to be taken severely, and Microsoft states that they consider it\u2019s one of many vulnerabilities extra prone to be exploited throughout the first 30 days post-release. However the story of how this patch arrived at launch is an fascinating one from a disclosure standpoint. The finder, Dirk-jan Mollema\u00a0with\u00a0Outsider Safety, labored with Microsoft to type out the problem previous to his Black Hat presentation. In flip, Microsoft credit his discover of their launch supplies, an indication that the disclosure was well-coordinated. The difficulty itself pertains to an April hotfix for hybrid Trade deployments.<\/p>\n CVE-2024-53772 \u2014 Net Deploy Distant Code Execution Vulnerability<\/strong><\/p>\n Net Deploy, for these not conversant in the instrument<\/a>, is used to deploy Net purposes and Internet sites to IIS servers. It can seemingly be acquainted to customers of Visible Studio.<\/p>\n Determine 3: Distant Code Execution points proceed to steer all different varieties in 2025\u2019s Patch Tuesday releases, however Elevation of Privilege points are shut behind \u2013 266 to 257, by our depend. In the meantime, Spoofing picks up its first Important-severity case in August, and the primary non-advisory Average-severity patch of the 12 months is famous<\/em><\/p>\n Sophos protections<\/strong><\/p>\n As you’ll be able to each month, when you don\u2019t wish to wait to your system to tug down Microsoft\u2019s updates itself, you’ll be able to obtain them manually from the Home windows Replace Catalog web site. Run the winver.exe <\/strong>instrument to find out which construct of Home windows 10 or 11 you\u2019re working, then obtain the Cumulative Replace package deal to your particular system\u2019s structure and construct quantity.<\/p>\n Appendix A: Vulnerability Affect and Severity<\/strong><\/p>\n It is a listing of August patches sorted by affect, then sub-sorted by severity. Every listing is additional organized by CVE.<\/p>\n Elevation of Privilege (44 CVEs)<\/strong><\/p>\n \u00a0<\/strong><\/p>\n Distant Code Execution (35 CVEs)<\/strong><\/p>\n \u00a0<\/strong><\/p>\n Data Disclosure (18 CVEs)<\/strong><\/p>\n \u00a0<\/p>\n Spoofing (7 CVEs)<\/strong><\/p>\n \u00a0<\/p>\n Denial of Service (4 CVEs)<\/strong><\/p>\n \u00a0<\/p>\n Tampering (1 CVE)<\/strong><\/p>\n \u00a0<\/p>\n Appendix B: Exploitability and CVSS<\/strong><\/p>\n It is a listing of the August CVEs judged by Microsoft to be extra prone to be exploited within the wild throughout the first 30 days post-release. (No CVE amongst this month\u2019s patches is thought to be already exploited within the wild, in order that listing doesn\u2019t seem this month.) The listing is additional organized by CVE.<\/p>\n \u00a0<\/p>\n It is a listing of August\u2019s CVEs with a Microsoft-assessed CVSS Base rating of 8.0 or increased. They’re organized by rating and additional sorted by CVE. For extra data on how CVSS works, please see our sequence on patch prioritization schema<\/a>.<\/p>\n \u00a0<\/p>\n Appendix C: Merchandise Affected<\/strong><\/p>\n It is a listing of August\u2019s patches sorted by product household, then sub-sorted by severity. Every listing is additional organized by CVE. Patches which might be shared amongst a number of product households are listed a number of instances, as soon as for every product household. Sure vital points for which advisories have been issued are coated in Appendix D, and points affecting Home windows Server are additional sorted in Appendix E. All CVE titles are correct as made accessible by Microsoft; for additional data on why sure merchandise could seem in titles and never product households (or vice versa), please seek the advice of Microsoft.<\/p>\n Home windows (65 CVEs)<\/strong><\/p>\n \u00a0<\/strong><\/p>\n 365 (16 CVEs)<\/strong><\/p>\n \u00a0<\/p>\n Workplace (16 CVEs)<\/strong><\/p>\n \u00a0<\/p>\n Azure (7 CVEs)<\/strong><\/p>\n \u00a0<\/p>\n SQL (6 CVEs)<\/strong><\/p>\n \u00a0<\/p>\n Trade (5 CVEs)<\/strong><\/p>\n \u00a0<\/p>\n Excel (4 CVEs)<\/strong><\/p>\n SharePoint (4 CVEs)<\/strong><\/p>\n\n
\n
\n
![\"A](\"https:\/\/news.sophos.com\/wp-content\/uploads\/2025\/08\/pt2508-fig01.png\")
<\/a><\/p>\n\n
![\"A](\"https:\/\/news.sophos.com\/wp-content\/uploads\/2025\/08\/pt2508-fig02.png\")
<\/a><\/p>\n
CVE-2025-53766 \u2014 GDI+ Distant Code Execution Vulnerability<\/strong><\/p>\n![\"A](\"https:\/\/news.sophos.com\/wp-content\/uploads\/2025\/08\/pt2508-fig03.png\")
<\/a><\/p>\n\n\n
\n CVE<\/strong><\/td>\n Sophos Intercept X\/Endpoint IPS<\/strong><\/td>\n Sophos XGS Firewall<\/strong><\/td>\n<\/tr>\n \n CVE-2025-49743<\/td>\n Exp\/2549743-A<\/td>\n Exp\/2549743-A<\/td>\n<\/tr>\n \n CVE-2025-50167<\/td>\n Exp\/2550167-A<\/td>\n Exp\/2550167-A<\/td>\n<\/tr>\n \n CVE-2025-50168<\/td>\n Exp\/2550168-A<\/td>\n Exp\/2550168-A<\/td>\n<\/tr>\n \n CVE-2025-50177<\/td>\n SID:2311472,2311473<\/td>\n SID:2311472,2311473<\/td>\n<\/tr>\n \n CVE-2025-53132<\/td>\n Exp\/2553132-A<\/td>\n Exp\/2553132-A<\/td>\n<\/tr>\n \n CVE-2025-53147<\/td>\n Exp\/2553147-A<\/td>\n Exp\/2553147-A<\/td>\n<\/tr>\n \n CVE-2025-53778<\/td>\n SID:2311491<\/td>\n SID:2311491<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Important severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-24999<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53767<\/td>\n Azure OpenAI Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53778<\/td>\n Home windows NTLM Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53792<\/td>\n Azure Portal Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n Essential severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-47954<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-49743<\/td>\n Home windows Graphics Element Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-49758<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-49759<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-49761<\/td>\n Home windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-49762<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50153<\/td>\n Desktop Home windows Supervisor Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50155<\/td>\n Home windows Push Notifications Apps Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50159<\/td>\n Distant Entry Level-to-Level Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50161<\/td>\n Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50167<\/td>\n Home windows Hyper-V Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50168<\/td>\n Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50170<\/td>\n Home windows Cloud Information Mini Filter Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50173<\/td>\n Home windows Installer Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53132<\/td>\n Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53133<\/td>\n Home windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53134<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53135<\/td>\n DirectX Graphics Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53137<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53140<\/td>\n Home windows Kernel Transaction Supervisor Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53141<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53142<\/td>\n Microsoft Brokering File System Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53147<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53149<\/td>\n Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53151<\/td>\n Home windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53154<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53155<\/td>\n Home windows Hyper-V Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53718<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53721<\/td>\n Home windows Related Gadgets Platform Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53723<\/td>\n Home windows Hyper-V Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53724<\/td>\n Home windows Push Notifications Apps Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53725<\/td>\n Home windows Push Notifications Apps Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53726<\/td>\n Home windows Push Notifications Apps Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53727<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53729<\/td>\n Microsoft Azure File Sync Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53760<\/td>\n Microsoft SharePoint Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53786<\/td>\n Microsoft Trade Server Hybrid Deployment Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53788<\/td>\n Home windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53789<\/td>\n Home windows StateRepository API Server file Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n Average severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-53779<\/td>\n Home windows Kerberos Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Important severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-48807<\/td>\n Microsoft SQL Server Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50165<\/td>\n Home windows Graphics Element Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50176<\/td>\n DirectX Graphics Kernel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50177<\/td>\n Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53731<\/td>\n Microsoft Workplace Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53733<\/td>\n Microsoft Phrase Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53740<\/td>\n Microsoft Workplace Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53766<\/td>\n GDI+ Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53784<\/td>\n Microsoft Phrase Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-48807<\/td>\n Microsoft SQL Server Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n Essential severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-49712<\/td>\n Microsoft SharePoint Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-49757<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50160<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50162<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50163<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50164<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50169<\/td>\n Home windows SMB Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53131<\/td>\n Home windows Media Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53143<\/td>\n Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53144<\/td>\n Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53145<\/td>\n Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53152<\/td>\n Desktop Home windows Supervisor Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53720<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53730<\/td>\n Microsoft Workplace Visio Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53732<\/td>\n Microsoft Workplace Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53734<\/td>\n Microsoft Workplace Visio Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53735<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53737<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53738<\/td>\n Microsoft Phrase Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53739<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53741<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53759<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53761<\/td>\n Microsoft PowerPoint Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53772<\/td>\n Net Deploy Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53773<\/td>\n GitHub Copilot and Visible Studio Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53783<\/td>\n Microsoft Groups Distant Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Important severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-53774<\/td>\n Microsoft 365 Copilot BizChat Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53781<\/td>\n Azure Digital Machines Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53787<\/td>\n Microsoft 365 Copilot BizChat Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53793<\/td>\n Azure Stack Hub Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n Essential severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-33051<\/td>\n Microsoft Trade Server Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50156<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50157<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50158<\/td>\n Home windows NTFS Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50166<\/td>\n Home windows Distributed Transaction Coordinator (MSDTC) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53136<\/td>\n NT OS Kernel Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53138<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53148<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53153<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53156<\/td>\n Home windows Storage Port Driver Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53719<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53728<\/td>\n Microsoft Dynamics 365 (On-Premises) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53736<\/td>\n Microsoft Phrase Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53765<\/td>\n Azure Stack Hub Data Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Important severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-49707<\/td>\n Azure Digital Machines Spoofing Vulnerability<\/td>\n<\/tr>\n \n Essential severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-25006<\/td>\n Microsoft Trade Server Spoofing Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-25007<\/td>\n Microsoft Trade Server Spoofing Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-49745<\/td>\n Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50154<\/td>\n Microsoft Home windows File Explorer Spoofing Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50171<\/td>\n Distant Desktop Spoofing Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53769<\/td>\n Home windows Safety App Spoofing Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Essential severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-49751<\/td>\n Home windows Hyper-V Denial of Service Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50172<\/td>\n DirectX Graphics Kernel Denial of Service Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53716<\/td>\n Native Safety Authority Subsystem Service (LSASS) Denial of Service Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53722<\/td>\n Home windows Distant Desktop Providers\u00a0Denial of Service Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Essential severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-25005<\/td>\n Microsoft Trade Server Tampering Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Exploitation extra seemingly throughout the subsequent 30 days<\/strong><\/td>\n<\/tr>\n \n CVE-2025-49743<\/td>\n Home windows Graphics Element Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50167<\/td>\n Home windows Hyper-V Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50168<\/td>\n Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50177<\/td>\n Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53132<\/td>\n Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53147<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53156<\/td>\n Home windows Storage Port Driver Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53778<\/td>\n Home windows NTLM Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53786<\/td>\n Microsoft Trade Server Hybrid Deployment Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n CVSS Base<\/strong><\/td>\n CVSS Temporal<\/strong><\/td>\n CVE<\/strong><\/td>\n Title<\/strong><\/td>\n<\/tr>\n \n 10.0<\/td>\n 8.7<\/td>\n CVE-2025-53767<\/td>\n Azure OpenAI Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n 9.8<\/td>\n 8.5<\/td>\n CVE-2025-50165<\/td>\n Home windows Graphics Element Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 9.8<\/td>\n 8.5<\/td>\n CVE-2025-53766<\/td>\n GDI+ Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 9.1<\/td>\n 7.9<\/td>\n CVE-2025-50171<\/td>\n Distant Desktop Spoofing Vulnerability<\/td>\n<\/tr>\n \n 9.1<\/td>\n 7.9<\/td>\n CVE-2025-53792<\/td>\n Azure Portal Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-24999<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-47954<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-49712<\/td>\n Microsoft SharePoint Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-49757<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-49758<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-49759<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-50163<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-53131<\/td>\n Home windows Media Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-53143<\/td>\n Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-53144<\/td>\n Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-53145<\/td>\n Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-53727<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-53772<\/td>\n Net Deploy Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.8<\/td>\n 7.7<\/td>\n CVE-2025-53778<\/td>\n Home windows NTLM Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n 8.4<\/td>\n 7.3<\/td>\n CVE-2025-53731<\/td>\n Microsoft Workplace Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.4<\/td>\n 7.3<\/td>\n CVE-2025-53733<\/td>\n Microsoft Phrase Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.4<\/td>\n 7.3<\/td>\n CVE-2025-53740<\/td>\n Microsoft Workplace Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.4<\/td>\n 7.3<\/td>\n CVE-2025-53784<\/td>\n Microsoft Phrase Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.2<\/td>\n 7.1<\/td>\n CVE-2025-53787<\/td>\n Microsoft 365 Copilot BizChat Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n 8.1<\/td>\n 7.1<\/td>\n CVE-2025-50177<\/td>\n Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.0<\/td>\n 7.0<\/td>\n CVE-2025-50160<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.0<\/td>\n 7.0<\/td>\n CVE-2025-50162<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.0<\/td>\n 7.0<\/td>\n CVE-2025-50164<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.0<\/td>\n 7.0<\/td>\n CVE-2025-53132<\/td>\n Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n 8.0<\/td>\n 7.0<\/td>\n CVE-2025-53720<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n 8.0<\/td>\n 7.0<\/td>\n CVE-2025-53786<\/td>\n Microsoft Trade Server Hybrid Deployment Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Important severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-50165<\/td>\n Home windows Graphics Element Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50176<\/td>\n DirectX Graphics Kernel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50177<\/td>\n Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53766<\/td>\n GDI+ Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53778<\/td>\n Home windows NTLM Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n Essential severity<\/strong><\/td>\n \n<\/tr>\n \n CVE-2025-49743<\/td>\n Home windows Graphics Element Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-49751<\/td>\n Home windows Hyper-V Denial of Service Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-49757<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-49761<\/td>\n Home windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-49762<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50153<\/td>\n Desktop Home windows Supervisor Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50154<\/td>\n Microsoft Home windows File Explorer Spoofing Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50155<\/td>\n Home windows Push Notifications Apps Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50156<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50157<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50158<\/td>\n Home windows NTFS Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50159<\/td>\n Distant Entry Level-to-Level Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50160<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50161<\/td>\n Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50162<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50163<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50164<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50166<\/td>\n Home windows Distributed Transaction Coordinator (MSDTC) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50167<\/td>\n Home windows Hyper-V Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50168<\/td>\n Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50169<\/td>\n Home windows SMB Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50170<\/td>\n Home windows Cloud Information Mini Filter Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50171<\/td>\n Distant Desktop Spoofing Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50172<\/td>\n DirectX Graphics Kernel Denial of Service Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-50173<\/td>\n Home windows Installer Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53131<\/td>\n Home windows Media Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53132<\/td>\n Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53133<\/td>\n Home windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53134<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53135<\/td>\n DirectX Graphics Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53136<\/td>\n NT OS Kernel Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53137<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53138<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53140<\/td>\n Home windows Kernel Transaction Supervisor Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53141<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53142<\/td>\n Microsoft Brokering File System Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53143<\/td>\n Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53144<\/td>\n Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53145<\/td>\n Microsoft Message Queuing (MSMQ) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53147<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53148<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53149<\/td>\n Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53151<\/td>\n Home windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53152<\/td>\n Desktop Home windows Supervisor Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53153<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53154<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53155<\/td>\n Home windows Hyper-V Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53156<\/td>\n Home windows Storage Port Driver Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53716<\/td>\n Native Safety Authority Subsystem Service (LSASS) Denial of Service Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53718<\/td>\n Home windows Ancillary Perform Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53719<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53720<\/td>\n Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53721<\/td>\n Home windows Related Gadgets Platform Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53722<\/td>\n Home windows Distant Desktop Providers\u00a0Denial of Service Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53723<\/td>\n Home windows Hyper-V Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53724<\/td>\n Home windows Push Notifications Apps Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53725<\/td>\n Home windows Push Notifications Apps Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53726<\/td>\n Home windows Push Notifications Apps Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53789<\/td>\n Home windows StateRepository API Server file Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n Average severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-53779<\/td>\n Home windows Kerberos Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Important severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-53731<\/td>\n Microsoft Workplace Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53733<\/td>\n Microsoft Phrase Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53740<\/td>\n Microsoft Workplace Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53774<\/td>\n Microsoft 365 Copilot BizChat Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53784<\/td>\n Microsoft Phrase Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53787<\/td>\n Microsoft 365 Copilot BizChat Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n Essential severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-53730<\/td>\n Microsoft Workplace Visio Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53734<\/td>\n Microsoft Workplace Visio Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53735<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53736<\/td>\n Microsoft Phrase Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53737<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53738<\/td>\n Microsoft Phrase Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53739<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53741<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53759<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53761<\/td>\n Microsoft PowerPoint Distant Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Important severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-53731<\/td>\n Microsoft Workplace Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53733<\/td>\n Microsoft Phrase Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53740<\/td>\n Microsoft Workplace Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53766<\/td>\n GDI+ Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53784<\/td>\n Microsoft Phrase Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n Essential severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-53730<\/td>\n Microsoft Workplace Visio Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53732<\/td>\n Microsoft Workplace Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53734<\/td>\n Microsoft Workplace Visio Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53735<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53736<\/td>\n Microsoft Phrase Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53737<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53738<\/td>\n Microsoft Phrase Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53739<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53741<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53759<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53761<\/td>\n Microsoft PowerPoint Distant Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Important severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-49707<\/td>\n Azure Digital Machines Spoofing Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53767<\/td>\n Azure OpenAI Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53781<\/td>\n Azure Digital Machines Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53792<\/td>\n Azure Portal Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53793<\/td>\n Azure Stack Hub Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n Essential severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-53729<\/td>\n Microsoft Azure File Sync Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53765<\/td>\n Azure Stack Hub Data Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Important severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-24999<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-48807<\/td>\n Microsoft SQL Server Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n Essential severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-47954<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-49758<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-49759<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53727<\/td>\n Microsoft SQL Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Essential severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-25005<\/td>\n Microsoft Trade Server Tampering Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-25006<\/td>\n Microsoft Trade Server Spoofing Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-25007<\/td>\n Microsoft Trade Server Spoofing Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-33051<\/td>\n Microsoft Trade Server Data Disclosure Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53786<\/td>\n Microsoft Trade Server Hybrid Deployment Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Essential severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-53735<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53737<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53739<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n CVE-2025-53741<\/td>\n Microsoft Excel Distant Code Execution Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n \n\n
\n Important severity<\/strong><\/td>\n<\/tr>\n \n CVE-2025-53733<\/td>\n Microsoft Phrase Distant Code Execution Vulnerability<\/td>\n<\/tr>\n \n Essential severity<\/strong><\/td>\n<\/tr>\n