CVE-2025-49699 Microsoft Office Remote Code Execution Vulnerability
**Are the updates for Microsoft Office LTSC for Mac 2021 and 2024 currently available?**Yes. As of July 15, 2025, the security update for Microsoft Office LTSC for Mac 2021 and 2024 are available. Customers running Microsoft Office LTSC for Mac 2021 and 2024 should ensure the update is installed to be protected from this vulnerability.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49699
**Are the updates for Microsoft Office LTSC for Mac 2021 and 2024 currently available?**Yes. As of July 15, 2025, the security update for Microsoft Office LTSC for Mac 2021 and 2024 are available. Customers running Microsoft Office LTSC for Mac 2021 and 2024 should ensure the update is installed to be protected from this vulnerability.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49699
CVE-2025-49698 Microsoft Word Remote Code Execution Vulnerability
**Are the updates for Microsoft Office LTSC for Mac 2021 and 2024 currently available?**Yes. As of July 15, 2025, the security update for Microsoft Office LTSC for Mac 2021 and 2024 are available. Customers running Microsoft Office LTSC for Mac 2021 and 2024 should ensure the update is installed to be protected from this vulnerability.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49698
**Are the updates for Microsoft Office LTSC for Mac 2021 and 2024 currently available?**Yes. As of July 15, 2025, the security update for Microsoft Office LTSC for Mac 2021 and 2024 are available. Customers running Microsoft Office LTSC for Mac 2021 and 2024 should ensure the update is installed to be protected from this vulnerability.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49698
CVE-2025-49697 Microsoft Office Remote Code Execution Vulnerability
**Are the updates for Microsoft Office LTSC for Mac 2021 and 2024 currently available?**Yes. As of July 15, 2025, the security update for Microsoft Office LTSC for Mac 2021 and 2024 are available. Customers running Microsoft Office LTSC for Mac 2021 and 2024 should ensure the update is installed to be protected from this vulnerability.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49697
**Are the updates for Microsoft Office LTSC for Mac 2021 and 2024 currently available?**Yes. As of July 15, 2025, the security update for Microsoft Office LTSC for Mac 2021 and 2024 are available. Customers running Microsoft Office LTSC for Mac 2021 and 2024 should ensure the update is installed to be protected from this vulnerability.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49697
CVE-2025-49696 Microsoft Office Remote Code Execution Vulnerability
**Are the updates for Microsoft Office LTSC for Mac 2021 and 2024 currently available?**Yes. As of July 15, 2025, the security update for Microsoft Office LTSC for Mac 2021 and 2024 are available. Customers running Microsoft Office LTSC for Mac 2021 and 2024 should ensure the update is installed to be protected from this vulnerability.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49696
**Are the updates for Microsoft Office LTSC for Mac 2021 and 2024 currently available?**Yes. As of July 15, 2025, the security update for Microsoft Office LTSC for Mac 2021 and 2024 are available. Customers running Microsoft Office LTSC for Mac 2021 and 2024 should ensure the update is installed to be protected from this vulnerability.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49696
CVE-2025-49695 Microsoft Office Remote Code Execution Vulnerability
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49695
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49695
CVE-2025-49735 Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
Corrected Download and Article links in the Security Updates table. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49735
Corrected Download and Article links in the Security Updates table. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49735
Chromium: CVE-2025-7656 Integer overflow in V8
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-7656
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-7656
Chromium: CVE-2025-6558 Incorrect validation of untrusted input in ANGLE and GPU
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information. Google is aware that an exploit for CVE-2025-6558 exists in the wild.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-6558
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information. Google is aware that an exploit for CVE-2025-6558 exists in the wild.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-6558
Chromium: CVE-2025-7657 Use after free in WebRTC
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-7657
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-7657
CVE-2024-36350 AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue
Corrected CVE number. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-36350
Corrected CVE number. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-36350
CVE-2025-53762 Microsoft Purview Elevation of Privilege Vulnerability
Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53762
Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53762
CVE-2025-47158 Azure DevOps Server Elevation of Privilege Vulnerability
Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47158
Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47158
CVE-2025-47995 Azure Machine Learning Elevation of Privilege Vulnerability
Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47995
Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47995
CVE-2025-49746 Azure Machine Learning Elevation of Privilege Vulnerability
Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49746
Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49746
CVE-2025-49747 Azure Machine Learning Elevation of Privilege Vulnerability
Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49747
Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49747
CVE-2025-53770 Microsoft SharePoint Server Remote Code Execution Vulnerability
The security update is avaialble for Microsoft SharePoint Server Subscription Edition. Microsoft strongly encourages customers running this version of SharePoint to install this update as soon as possible.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53770
The security update is avaialble for Microsoft SharePoint Server Subscription Edition. Microsoft strongly encourages customers running this version of SharePoint to install this update as soon as possible.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53770
CVE-2025-53771 Microsoft SharePoint Server Spoofing Vulnerability
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53771
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53771
CVE-2025-49706 Microsoft SharePoint Server Spoofing Vulnerability
Updated one or more CVSS scores for the affected products. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49706
Updated one or more CVSS scores for the affected products. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49706
CVE-2022-44693 Microsoft SharePoint Server Remote Code Execution Vulnerability
Updated the build numbers. This is an informational update only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44693
Updated the build numbers. This is an informational update only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44693
CVE-2025-29819 Windows Admin Center in Azure Portal Information Disclosure Vulnerability
Updated acknowledgment. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29819
Updated acknowledgment. This is an informational change only.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29819
Chromium: CVE-2025-8010 Type Confusion in V8
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-8010
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/202[SS9.1]5) for more information.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-8010