Security Alert (A25-07-05): Multiple Vulnerabilities in Microsoft Products (July 2025)


 

Published on: 09 July 2025

  
  

Description:

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. The list of security updates can be found at:
https://msrc.microsoft.com/update-guide/releaseNote/2025-Jul

 

Affected Systems:

  • Microsoft Windows 10, 11
  • Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019, 2022, 2022, 23H2 Edition, 2025
  • Microsoft Office, 2016, 2019
  • Office Online Server
  • Microsoft Excel 2016
  • Microsoft Word 2016
  • Microsoft PowerPoint 2016
  • Microsoft Outlook 2016
  • Microsoft 365 Apps for Enterprise
  • Microsoft SharePoint Enterprise Server 2016
  • Microsoft SharePoint Server, 2019
  • Microsoft SQL Server 2016, 2017, 2019, 2022
  • Microsoft Visual Studio 2015, 2017, 2019, 2022
  • Azure
  • Microsoft Teams
  • Python extension for Visual Studio Code
  • Remote Desktop client for Windows Desktop

 

Impact:

Depending on the vulnerability exploited, a successful attack could lead to remote code execution, elevation of privilege, information disclosure, denial of service, security feature bypass, spoofing and tampering on an affected system.

 

Recommendation:

Patches for affected products are available from the Windows Update / Microsoft Update Catalog. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://msrc.microsoft.com/update-guide/releaseNote/2025-Jul
  • https://www.hkcert.org/tc/security-bulletin/microsoft-monthly-security-update-july-2025
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21195
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26636
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27614
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-33054
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-36350
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-36357
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46334
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47159
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47178
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47971 (to CVE-2025-47973)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47975
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47976
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47978
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47980 (to CVE-2025-47982)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47984 (to CVE-2025-47988)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47991
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47993
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47994
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47996
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47998 (to CVE-2025-48003)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384 (to CVE-2025-48386)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48799
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48800
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48802 (to CVE-2025-48806)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48808 (to CVE-2025-48812)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48814 (to CVE-2025-48824)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49657 (to CVE-2025-49661)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49663 (to CVE-2025-49691)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49693 (to CVE-2025-49706)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49711
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49714
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49716 (to CVE-2025-49719)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49721 (to CVE-2025-49727)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49729 (to CVE-2025-49733)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49735
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49737 (to CVE-2025-49740)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49742
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49744
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49753
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49756
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49760


Tag: Microsoft , Windows , Windows Server , Microsoft Office , Office Online Server , Excel , Word , PowerPoint , Outlook , Microsoft 365 Apps , SharePoint , SQL Server , Visual Studio , Microsoft Azure , Microsoft Teams , Visual Studio Code , Remote Desktop
Tags