This report contains detail for the following vulnerabilities:
| CVE Issued by | Tag | CVE ID | CVE Title |
|---|---|---|---|
| Microsoft | .NET and Visual Studio | CVE-2025-30399 | .NET and Visual Studio Remote Code Execution Vulnerability |
| Microsoft | App Control for Business (WDAC) | CVE-2025-33069 | Windows App Control for Business Security Feature Bypass Vulnerability |
| secalert@redhat.com | Mariner | CVE-2023-40550 | Unknown |
| security@golang.org | Mariner | CVE-2025-22872 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-40549 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-40546 | Unknown |
| cve_disclosure@tech.gov.sg | Mariner | CVE-2025-1744 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-1393 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2024-6119 | Unknown |
| security@ubuntu.com | Mariner | CVE-2022-28737 | Unknown |
| secure@intel.com | Mariner | CVE-2019-14584 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-40548 | Unknown |
| Microsoft | Microsoft AutoUpdate (MAU) | CVE-2025-47968 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2025-5068 | Chromium: CVE-2025-5068 Use after free in Blink |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2025-5419 | Chromium: CVE-2025-5419 Out of bounds read and write in V8 |
| Microsoft | Microsoft Local Security Authority Server (lsasrv) | CVE-2025-33056 | Windows Local Security Authority (LSA) Denial of Service Vulnerability |
| Microsoft | Microsoft Office | CVE-2025-47164 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office | CVE-2025-47167 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office | CVE-2025-47162 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office | CVE-2025-47173 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office | CVE-2025-47953 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Excel | CVE-2025-47165 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Excel | CVE-2025-47174 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Outlook | CVE-2025-47171 | Microsoft Outlook Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Outlook | CVE-2025-47176 | Microsoft Outlook Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office PowerPoint | CVE-2025-47175 | Microsoft PowerPoint Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office SharePoint | CVE-2025-47172 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office SharePoint | CVE-2025-47166 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office SharePoint | CVE-2025-47163 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Word | CVE-2025-47170 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Word | CVE-2025-47957 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Word | CVE-2025-47169 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Word | CVE-2025-47168 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft | Nuance Digital Engagement Platform | CVE-2025-47977 | Nuance Digital Engagement Platform Spoofing Vulnerability |
| Microsoft | Power Automate | CVE-2025-47966 | Power Automate Elevation of Privilege Vulnerability |
| Microsoft | Remote Desktop Client | CVE-2025-32715 | Remote Desktop Protocol Client Information Disclosure Vulnerability |
| Microsoft | Visual Studio | CVE-2025-47959 | Visual Studio Remote Code Execution Vulnerability |
| Microsoft | WebDAV | CVE-2025-33053 | Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability |
| Microsoft | Windows Common Log File System Driver | CVE-2025-32713 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| Microsoft | Windows Cryptographic Services | CVE-2025-29828 | Windows Schannel Remote Code Execution Vulnerability |
| Microsoft | Windows DHCP Server | CVE-2025-33050 | DHCP Server Service Denial of Service Vulnerability |
| Microsoft | Windows DHCP Server | CVE-2025-32725 | DHCP Server Service Denial of Service Vulnerability |
| Microsoft | Windows DWM Core Library | CVE-2025-33052 | Windows DWM Core Library Information Disclosure Vulnerability |
| Microsoft | Windows Hello | CVE-2025-47969 | Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability |
| Microsoft | Windows Installer | CVE-2025-33075 | Windows Installer Elevation of Privilege Vulnerability |
| Microsoft | Windows Installer | CVE-2025-32714 | Windows Installer Elevation of Privilege Vulnerability |
| Microsoft | Windows KDC Proxy Service (KPSSVC) | CVE-2025-33071 | Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability |
| Microsoft | Windows Kernel | CVE-2025-33067 | Windows Task Scheduler Elevation of Privilege Vulnerability |
| Microsoft | Windows Local Security Authority (LSA) | CVE-2025-33057 | Windows Local Security Authority (LSA) Denial of Service Vulnerability |
| Microsoft | Windows Local Security Authority Subsystem Service (LSASS) | CVE-2025-32724 | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
| Microsoft | Windows Media | CVE-2025-32716 | Windows Media Elevation of Privilege Vulnerability |
| Microsoft | Windows Netlogon | CVE-2025-33070 | Windows Netlogon Elevation of Privilege Vulnerability |
| Microsoft | Windows Recovery Driver | CVE-2025-32721 | Windows Recovery Driver Elevation of Privilege Vulnerability |
| Microsoft | Windows Remote Access Connection Manager | CVE-2025-47955 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
| Microsoft | Windows Remote Desktop Services | CVE-2025-32710 | Windows Remote Desktop Services Remote Code Execution Vulnerability |
| Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-33064 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2025-33066 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| Microsoft | Windows SDK | CVE-2025-47962 | Windows SDK Elevation of Privilege Vulnerability |
| CERT/CC | Windows Secure Boot | CVE-2025-3052 | Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass |
| Microsoft | Windows Security App | CVE-2025-47956 | Windows Security App Spoofing Vulnerability |
| Microsoft | Windows Shell | CVE-2025-47160 | Windows Shortcut Files Security Feature Bypass Vulnerability |
| Microsoft | Windows SMB | CVE-2025-33073 | Windows SMB Client Elevation of Privilege Vulnerability |
| Microsoft | Windows SMB | CVE-2025-32718 | Windows SMB Client Elevation of Privilege Vulnerability |
| Microsoft | Windows Standards-Based Storage Management Service | CVE-2025-33068 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability |
| Microsoft | Windows Storage Management Provider | CVE-2025-32719 | Windows Storage Management Provider Information Disclosure Vulnerability |
| Microsoft | Windows Storage Management Provider | CVE-2025-24065 | Windows Storage Management Provider Information Disclosure Vulnerability |
| Microsoft | Windows Storage Management Provider | CVE-2025-24068 | Windows Storage Management Provider Information Disclosure Vulnerability |
| Microsoft | Windows Storage Management Provider | CVE-2025-33055 | Windows Storage Management Provider Information Disclosure Vulnerability |
| Microsoft | Windows Storage Management Provider | CVE-2025-24069 | Windows Storage Management Provider Information Disclosure Vulnerability |
| Microsoft | Windows Storage Management Provider | CVE-2025-33060 | Windows Storage Management Provider Information Disclosure Vulnerability |
| Microsoft | Windows Storage Management Provider | CVE-2025-33059 | Windows Storage Management Provider Information Disclosure Vulnerability |
| Microsoft | Windows Storage Management Provider | CVE-2025-33062 | Windows Storage Management Provider Information Disclosure Vulnerability |
| Microsoft | Windows Storage Management Provider | CVE-2025-33061 | Windows Storage Management Provider Information Disclosure Vulnerability |
| Microsoft | Windows Storage Management Provider | CVE-2025-33058 | Windows Storage Management Provider Information Disclosure Vulnerability |
| Microsoft | Windows Storage Management Provider | CVE-2025-32720 | Windows Storage Management Provider Information Disclosure Vulnerability |
| Microsoft | Windows Storage Management Provider | CVE-2025-33065 | Windows Storage Management Provider Information Disclosure Vulnerability |
| Microsoft | Windows Storage Management Provider | CVE-2025-33063 | Windows Storage Management Provider Information Disclosure Vulnerability |
| Microsoft | Windows Storage Port Driver | CVE-2025-32722 | Windows Storage Port Driver Information Disclosure Vulnerability |
| Microsoft | Windows Win32K - GRFX | CVE-2025-32712 | Win32k Elevation of Privilege Vulnerability |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47957
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Word Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3
Executive Summary: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. FAQ: Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector. Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47957 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Important | Remote Code Execution | None | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Important | Remote Code Execution | None | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47957 | Haifei Li with EXPMON |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-29828
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Schannel Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:7.1
Executive Summary: Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to send a large number of messages. How could an attacker exploit the vulnerability? An attacker can exploit this vulnerability by sending malicious fragmented ClientHello messages to a target server that accepts Transport Layer Security (TLS) connections. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Critical | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-29828 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Critical | Remote Code Execution | 5058405 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Critical | Remote Code Execution | 5058405 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Critical | Remote Code Execution | 5058405 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Critical | Remote Code Execution | 5058405 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5058411 5058497 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5058411 5058497 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5058385 5058500 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5058385 5058500 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Critical | Remote Code Execution | 5058384 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5058411 5058497 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5058411 5058497 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-29828 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-30399
MITRE NVD Issuing CNA: Microsoft |
CVE Title: .NET and Visual Studio Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? This attack requires a victim to perform a specific action, such as copying files or executing a command, and for an attacker with appropriate access to have pre-planted malicious files with knowledge of where they should be placed on the victim's system. According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires a specially crafted file to be placed either in an online directory or in a local network location. When a victim runs this file, it loads the malicious DLL. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-30399 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| .NET 8.0 installed on Linux | 5061935 (Security Update) | Important | Remote Code Execution | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
8.0.17 |
Maybe | None | |
| .NET 8.0 installed on Mac OS | 5061935 (Security Update) | Important | Remote Code Execution | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
8.0.17 |
Maybe | None | |
| .NET 8.0 installed on Windows | 5061935 (Security Update) | Important | Remote Code Execution | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
8.0.17 |
Maybe | None | |
| .NET 9.0 installed on Linux | 5061936 (Security Update) | Important | Remote Code Execution | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
9.0.6 |
Maybe | None | |
| .NET 9.0 installed on Mac OS | 5061936 (Security Update) | Important | Remote Code Execution | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
9.0.6 |
Maybe | None | |
| .NET 9.0 installed on Windows | 5061936 (Security Update) | Important | Remote Code Execution | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
9.0.6 |
Maybe | None | |
| Microsoft Visual Studio 2022 version 17.10 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
17.10.16 |
Maybe | None | |
| Microsoft Visual Studio 2022 version 17.12 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
17.12.9 |
Maybe | None | |
| Microsoft Visual Studio 2022 version 17.14 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
17.14.5 |
Maybe | None | |
| Microsoft Visual Studio 2022 version 17.8 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
17.8.22 |
Maybe | None | |
| CVE ID | Acknowledgements |
| CVE-2025-30399 | jony_juice |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-32710
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Remote Desktop Services Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:7.1
Executive Summary: Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. How could an attacker exploit this vulnerability? An attacker could successfully exploit this vulnerability by attempting to connect to a system with the Remote Desktop Gateway role, triggering the race condition to create a use-after-free scenario, and then leveraging this to execute arbitrary code. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. This CVE was addressed by updates that were released in May 2025, but the CVE was inadvertently omitted from the May 2025 Security Updates. This is an informational change only. Customers who have already installed the May 2025 updates do not need to take any further action. |
Critical | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-32710 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061198 (Monthly Rollup) 5058429 (Security Only) |
Critical | Remote Code Execution | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23317 6.0.6003.23279 |
Yes | None | |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061198 (Monthly Rollup) 5058429 (Security Only) |
Critical | Remote Code Execution | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23317 6.0.6003.23279 |
Yes | None | |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061198 (Monthly Rollup) 5058429 (Security Only) |
Critical | Remote Code Execution | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23317 6.0.6003.23279 |
Yes | None | |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061198 (Monthly Rollup) 5058429 (Security Only) |
Critical | Remote Code Execution | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23317 6.0.6003.23279 |
Yes | None | |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5058430 (Monthly Rollup) 5058454 (Security Only) |
Critical | Remote Code Execution | 5055561 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27729 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5058430 (Monthly Rollup) 5058454 (Security Only) |
Critical | Remote Code Execution | 5055561 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27729 |
Yes | None |
| Windows Server 2012 | 5058451 (Monthly Rollup) | Critical | Remote Code Execution | 5055581 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25475 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5058451 (Monthly Rollup) | Critical | Remote Code Execution | 5055581 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25475 |
Yes | None |
| Windows Server 2012 R2 | 5058403 (Monthly Rollup) | Critical | Remote Code Execution | 5055557 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22577 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5058403 (Monthly Rollup) | Critical | Remote Code Execution | 5055557 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22577 |
Yes | None |
| Windows Server 2016 | 5058383 (Security Update) | Critical | Remote Code Execution | 5055521 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8066 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5058383 (Security Update) | Critical | Remote Code Execution | 5055521 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8066 |
Yes | None |
| Windows Server 2019 | 5058392 (Security Update) | Critical | Remote Code Execution | 5055519 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7314 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5058392 (Security Update) | Critical | Remote Code Execution | 5055519 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7314 |
Yes | None |
| Windows Server 2022 | 5058385 (Security Update) 5058500 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5055526 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3692 10.0.20348.3630 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5058385 (Security Update) 5058500 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5055526 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3692 10.0.20348.3630 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5058384 (Security Update) | Critical | Remote Code Execution | 5055527 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1611 |
Yes | None |
| Windows Server 2025 | 5058411 (Security Update) 5058497 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5055523 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4061 10.0.26100.3981 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5058411 (Security Update) 5058497 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5055523 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4061 10.0.26100.3981 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-32710 | ʌ!ɔ⊥ojv with Kunlun Lab SmallerDragon |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-32712
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Win32k Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-32712 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Elevation of Privilege | 5058430 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Elevation of Privilege | 5058430 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Elevation of Privilege | 5058384 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-32712 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-32713
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-32713 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Elevation of Privilege | 5058430 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Elevation of Privilege | 5058430 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Elevation of Privilege | 5058384 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-32713 | Seunghoe Kim with S2W Inc. |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-32714
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Installer Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-32714 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Elevation of Privilege | 5058430 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Elevation of Privilege | 5058430 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Elevation of Privilege | 5058384 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-32714 | Simon Zuckerbraun of Trend Zero Day Initiative |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-32715
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Remote Desktop Protocol Client Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Executive Summary: Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability? An unauthorized attacker must wait for a user to initiate a connection. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-32715 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Remote Desktop client for Windows Desktop | Release Notes (Security Update) | Important | Information Disclosure | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
1.2.6278.0 |
Maybe | None | |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows App Client for Windows Desktop | Release Notes (Security Update) | Important | Information Disclosure | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
2.0.505.0 |
Maybe | None | |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Information Disclosure | 5058430 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Information Disclosure | 5058430 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Information Disclosure | 5058451 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Information Disclosure | 5058451 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Information Disclosure | 5058403 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Information Disclosure | 5058403 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-32715 | Fraunhofer FKIE CA&D |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-32716
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Media Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-32716 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Elevation of Privilege | 5058430 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Elevation of Privilege | 5058430 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Elevation of Privilege | 5058384 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-32716 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-32718
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows SMB Client Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-32718 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Elevation of Privilege | 5058384 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-32718 | Genghis Karimov with Microsoft High-Availability Storage Group |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-32719
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Management Provider Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-32719 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-32719 | insu with Theori |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-32720
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Management Provider Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-32720 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Information Disclosure | 5058403 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Information Disclosure | 5058403 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-32720 | insu with Theori |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-32721
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Recovery Driver Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.4
Executive Summary: Improper link resolution before file access ('link following') in Windows Recovery Driver allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain administrator privileges. According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability? An authorized attacker must send the user a malicious link and convince the user to open it. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-32721 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Elevation of Privilege | 5058384 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-32721 | BochengXiang(@Crispr) with FDU |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-32722
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Port Driver Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain memory address within kernel space. Knowing the exact location of kernel memory could be potentially leveraged by an attacker for other malicious activities. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-32722 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Information Disclosure | 5058451 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Information Disclosure | 5058451 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Information Disclosure | 5058403 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Information Disclosure | 5058403 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-32722 | Angelboy (@scwuaptx) with DEVCORE |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-32724
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. FAQ: None Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Denial of Service | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-32724 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Denial of Service | 5058387 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Denial of Service | 5058387 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Denial of Service | 5058405 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Denial of Service | 5058405 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Denial of Service | 5058405 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Denial of Service | 5058405 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Denial of Service | 5058449 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Denial of Service | 5058449 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Denial of Service | 5058449 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Denial of Service | 5058449 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Denial of Service | 5058430 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Denial of Service | 5058430 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Denial of Service | 5058451 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Denial of Service | 5058451 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Denial of Service | 5058403 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Denial of Service | 5058403 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058385 5058500 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058385 5058500 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Denial of Service | 5058384 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-32724 | Or Yair with SafeBreach Shahak Morag with SafeBreach |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33058
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Management Provider Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33058 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33058 | insu with Theori |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33059
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Management Provider Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33059 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33059 | insu with Theori |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33060
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Management Provider Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33060 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Information Disclosure | 5058403 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Information Disclosure | 5058403 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33060 | insu with Theori |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33061
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Management Provider Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33061 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33061 | insu with Theori |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33062
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Management Provider Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33062 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33062 | insu with Theori |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33063
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Management Provider Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33063 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33063 | insu with Theori |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33064
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Executive Summary: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. FAQ: How could an attacker exploit this vulnerability? An authenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33064 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Remote Code Execution | 5058387 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Remote Code Execution | 5058387 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Remote Code Execution | 5058383 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Remote Code Execution | 5058383 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Remote Code Execution | 5058392 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Remote Code Execution | 5058392 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Remote Code Execution | 5058405 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Remote Code Execution | 5058405 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Remote Code Execution | 5058405 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Remote Code Execution | 5058405 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058411 5058497 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058411 5058497 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Remote Code Execution | 5058449 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Remote Code Execution | 5058449 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Remote Code Execution | 5058449 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Remote Code Execution | 5058449 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Remote Code Execution | 5058430 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Remote Code Execution | 5058430 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Remote Code Execution | 5058451 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Remote Code Execution | 5058451 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Remote Code Execution | 5058403 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Remote Code Execution | 5058403 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Remote Code Execution | 5058383 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Remote Code Execution | 5058383 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Remote Code Execution | 5058392 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Remote Code Execution | 5058392 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058385 5058500 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058385 5058500 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Remote Code Execution | 5058384 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058411 5058497 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058411 5058497 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33064 | Anonymous with Codesafe Team of Legendsec at QI-ANXIN Group |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33065
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Management Provider Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33065 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33065 | insu with Theori |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33066
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Executive Summary: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires a client to connect to a malicious server, and that could allow the attacker to gain code execution on the client. How could an attacker exploit this vulnerability? An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33066 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Remote Code Execution | 5058387 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Remote Code Execution | 5058387 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Remote Code Execution | 5058383 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Remote Code Execution | 5058383 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Remote Code Execution | 5058392 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Remote Code Execution | 5058392 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Remote Code Execution | 5058405 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Remote Code Execution | 5058405 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Remote Code Execution | 5058405 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Remote Code Execution | 5058405 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058411 5058497 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058411 5058497 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Remote Code Execution | 5058449 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Remote Code Execution | 5058449 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Remote Code Execution | 5058449 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Remote Code Execution | 5058449 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Remote Code Execution | 5058430 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Remote Code Execution | 5058430 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Remote Code Execution | 5058451 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Remote Code Execution | 5058451 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Remote Code Execution | 5058403 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Remote Code Execution | 5058403 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Remote Code Execution | 5058383 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Remote Code Execution | 5058383 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Remote Code Execution | 5058392 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Remote Code Execution | 5058392 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058385 5058500 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058385 5058500 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Remote Code Execution | 5058384 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058411 5058497 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058411 5058497 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33066 | Anonymous with Codesafe Team of Legendsec at QI-ANXIN Group |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33067
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Task Scheduler Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3
Executive Summary: Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. How could an attacker exploit this vulnerability? An attacker could exploit this vulnerability by capitalizing on the permissions handling flaw in the task scheduler that allows them, without privileges, to interact with certain scheduled tasks under specific conditions. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33067 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Elevation of Privilege | 5058384 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33067 | Alexander Pudwill |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33075
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Installer Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33075 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Elevation of Privilege | 5058430 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Elevation of Privilege | 5058430 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Elevation of Privilege | 5058384 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33075 | Simon Zuckerbraun of Trend Zero Day Initiative |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47160
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Shortcut Files Security Feature Bypass Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.4/TemporalScore:4.7
Executive Summary: Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N), with minor loss of integrity (I:L) and availability (A:L). What does that mean for this vulnerability? While we cannot rule out the impact to Confidentiality, Integrity, and Availability, the ability to exploit this vulnerability by itself is limited. An attacker would need to combine this with other vulnerabilities to perform an attack. How could an attacker exploit the vulnerability? In an email or instant message attack scenario, the attacker could send the targeted user a specially crafted file that is designed to exploit the vulnerability. In any case an attacker would have no way to force a user to view attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could entice a user to either click a link that directs the user to the attacker's site or send a malicious attachment. According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L) and some loss of availability (A:L). What does that mean for this vulnerability? An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as SmartScreen Application Reputation security check and/or the legacy Windows Attachment Services security prompt. How could an attacker exploit the vulnerability? To exploit this vulnerability, an attacker could host a file on an attacker-controlled server, then convince a targeted user to download and open the file. This could allow the attacker to interfere with the Mark of the Web functionality. Please see Additional information about Mark of the Web for further clarification Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Security Feature Bypass | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47160 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Security Feature Bypass | 5058387 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Security Feature Bypass | 5058387 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Security Feature Bypass | 5058383 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Security Feature Bypass | 5058383 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Security Feature Bypass | 5058392 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Security Feature Bypass | 5058392 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Security Feature Bypass | 5058379 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Security Feature Bypass | 5058379 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Security Feature Bypass | 5058379 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Security Feature Bypass | 5058379 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Security Feature Bypass | 5058379 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Security Feature Bypass | 5058379 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Security Feature Bypass | 5058405 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Security Feature Bypass | 5058405 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Security Feature Bypass | 5058405 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Security Feature Bypass | 5058405 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058411 5058497 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058411 5058497 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Security Feature Bypass | 5058451 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Security Feature Bypass | 5058451 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Security Feature Bypass | 5058403 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Security Feature Bypass | 5058403 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Security Feature Bypass | 5058383 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Security Feature Bypass | 5058383 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Security Feature Bypass | 5058392 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Security Feature Bypass | 5058392 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058385 5058500 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058385 5058500 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Security Feature Bypass | 5058384 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058411 5058497 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058411 5058497 |
Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-47160 |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47162
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3
Executive Summary: Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. Is the Preview Pane an attack vector for this vulnerability? Yes, the Preview Pane is an attack vector. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Critical | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47162 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Critical | Remote Code Execution | None | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Critical | Remote Code Execution | None | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Office 2016 (32-bit edition) | 5002730 (Security Update) | Critical | Remote Code Execution | 5002711 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Office 2016 (64-bit edition) | 5002730 (Security Update) | Critical | Remote Code Execution | 5002711 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office for Android | Release Notes (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.18925.20000 |
Maybe | None | |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47162 | 0x140ce |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47953
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3
Executive Summary: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. FAQ: Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. Is the Preview Pane an attack vector for this vulnerability? Yes, the Preview Pane is an attack vector. According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Critical | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47953 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Critical | Remote Code Execution | None | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Critical | Remote Code Execution | None | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Office 2016 (32-bit edition) | 5002730 (Security Update) | Critical | Remote Code Execution | 5002711 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Office 2016 (64-bit edition) | 5002730 (Security Update) | Critical | Remote Code Execution | 5002711 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office for Android | Release Notes (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.18925.20000 |
Maybe | None | |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47953 | 0x140ce |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47955
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. This CVE was addressed by updates that were released in May 2025, but the CVE was inadvertently omitted from the May 2025 Security Updates. This is an informational change only. Customers who have already installed the May 2025 updates do not need to take any further action. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47955 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5058387 (Security Update) | Important | Elevation of Privilege | 5055547 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21014 |
Yes | None |
| Windows 10 for x64-based Systems | 5058387 (Security Update) | Important | Elevation of Privilege | 5055547 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21014 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5058383 (Security Update) | Important | Elevation of Privilege | 5055521 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8066 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5058383 (Security Update) | Important | Elevation of Privilege | 5055521 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8066 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5058392 (Security Update) | Important | Elevation of Privilege | 5055519 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7314 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5058392 (Security Update) | Important | Elevation of Privilege | 5055519 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7314 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5058379 (Security Update) | Important | Elevation of Privilege | 5055518 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5854 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5058379 (Security Update) | Important | Elevation of Privilege | 5055518 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5854 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5058379 (Security Update) | Important | Elevation of Privilege | 5055518 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5854 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5058379 (Security Update) | Important | Elevation of Privilege | 5055518 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5854 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5058379 (Security Update) | Important | Elevation of Privilege | 5055518 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5854 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5058379 (Security Update) | Important | Elevation of Privilege | 5055518 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5854 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5058405 (Security Update) | Important | Elevation of Privilege | 5055528 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5335 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5058405 (Security Update) | Important | Elevation of Privilege | 5055528 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5335 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5058405 (Security Update) | Important | Elevation of Privilege | 5055528 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5335 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5058405 (Security Update) | Important | Elevation of Privilege | 5055528 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5335 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5058411 (Security Update) 5058497 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5055523 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4061 10.0.26100.3981 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5058411 (Security Update) 5058497 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5055523 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4061 10.0.26100.3981 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061198 (Monthly Rollup) 5058429 (Security Only) |
Important | Elevation of Privilege | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23317 6.0.6003.23279 |
Yes | None | |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061198 (Monthly Rollup) 5058429 (Security Only) |
Important | Elevation of Privilege | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23317 6.0.6003.23279 |
Yes | None | |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061198 (Monthly Rollup) 5058429 (Security Only) |
Important | Elevation of Privilege | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23317 6.0.6003.23279 |
Yes | None | |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061198 (Monthly Rollup) 5058429 (Security Only) |
Important | Elevation of Privilege | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23317 6.0.6003.23279 |
Yes | None | |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5058430 (Monthly Rollup) 5058454 (Security Only) |
Important | Elevation of Privilege | 5055561 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27729 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5058430 (Monthly Rollup) 5058454 (Security Only) |
Important | Elevation of Privilege | 5055561 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27729 |
Yes | None |
| Windows Server 2012 | 5058451 (Monthly Rollup) | Important | Elevation of Privilege | 5055581 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25475 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5058451 (Monthly Rollup) | Important | Elevation of Privilege | 5055581 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25475 |
Yes | None |
| Windows Server 2012 R2 | 5058403 (Monthly Rollup) | Important | Elevation of Privilege | 5055557 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22577 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5058403 (Monthly Rollup) | Important | Elevation of Privilege | 5055557 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22577 |
Yes | None |
| Windows Server 2016 | 5058383 (Security Update) | Important | Elevation of Privilege | 5055521 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8066 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5058383 (Security Update) | Important | Elevation of Privilege | 5055521 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8066 |
Yes | None |
| Windows Server 2019 | 5058392 (Security Update) | Important | Elevation of Privilege | 5055519 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7314 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5058392 (Security Update) | Important | Elevation of Privilege | 5055519 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7314 |
Yes | None |
| Windows Server 2022 | 5058385 (Security Update) 5058500 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5055526 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3692 10.0.20348.3630 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5058385 (Security Update) 5058500 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5055526 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3692 10.0.20348.3630 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5058384 (Security Update) | Important | Elevation of Privilege | 5055527 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1611 |
Yes | None |
| Windows Server 2025 | 5058411 (Security Update) 5058497 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5055523 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4061 10.0.26100.3981 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5058411 (Security Update) 5058497 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5055523 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4061 10.0.26100.3981 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-47955 | Sergey Bliznyuk with Positive Technologies |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47956
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Security App Spoofing Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally. FAQ: Is more information available about Windows Security App? Yes, please see Stay Protected With the Windows Security App for more information. How do I know if I'm protected from this vulnerability From the Start menu, type Windows Security and hit Enter. The Windows Security App will be displayed. Click on the Settings control and then click the About link. The current version will be displayed. See that your version is greater than the fixed version in the Security Updates table. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Spoofing | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47956 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows Security App | Information (Security Update) | Important | Spoofing | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
1000.27840.0.1000 |
No | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47956 | Jimmy Bayne of IBM X-Force |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33071
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:7.1
Executive Summary: Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. FAQ: How could an attacker exploit this vulnerability? An unauthenticated attacker could use a specially crafted application to leverage a cryptographic protocol vulnerability in Kerberos Key Distribution Center Proxy Service to perform remote code execution against the target. Are all Windows Servers affected by this vulnerability? This vulnerability only affects Windows Servers that are configured as a [MS-KKDCP]: Kerberos Key Distribution Center (KDC) Proxy Protocol server. Domain controllers are not affected. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Critical | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33071 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Critical | Remote Code Execution | 5058451 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Critical | Remote Code Execution | 5058451 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Critical | Remote Code Execution | 5058403 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Critical | Remote Code Execution | 5058403 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Critical | Remote Code Execution | 5058383 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Critical | Remote Code Execution | 5058383 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Critical | Remote Code Execution | 5058392 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Critical | Remote Code Execution | 5058392 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5058385 5058500 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5058385 5058500 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Critical | Remote Code Execution | 5058384 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5058411 5058497 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Critical | Remote Code Execution | 5058411 5058497 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33071 | k0shl with Kunlun Lab ʌ!ɔ⊥ojv with Kunlun Lab |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47962
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows SDK Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally. FAQ: Is there more information that is available on Windows SDK? Yes. Please see: Windows SDK - Windows app development which explains the Windows SDK and advises how to install and maintain the product. What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47962 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows SDK | Release Notes (Security Update) | Important | Elevation of Privilege | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4188 |
Maybe | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47962 | whoisthatguy whoisthatguy Naor Hodorov Kolja Grassmann with Neodyme AG Ken Kitahara with LAC Co., Ltd. Ken Kitahara with LAC Co., Ltd. Robbie Corley Julian Härig |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||
| CVE-2025-5068
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2025-5068 Use after free in Blink
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release?
Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0 03-Jun-25 Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2025-5068 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
137.0.3296.62 |
No | None | |
| CVE ID | Acknowledgements |
| CVE-2025-5068 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||
| CVE-2025-5419
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2025-5419 Out of bounds read and write in V8
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-5419 exists in the wild. FAQ: What is the version information for this release?
Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0 03-Jun-25 Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2025-5419 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
137.0.3296.62 |
No | None | |
| CVE ID | Acknowledgements |
| CVE-2025-5419 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47969
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:4.4/TemporalScore:3.9
Executive Summary: Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is secrets or privileged information belonging to the user of the affected application. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. This CVE was addressed by updates that were released in May 2025, but the CVE was inadvertently omitted from the May 2025 Security Updates. This is an informational change only. Customers who have already installed the May 2025 updates do not need to take any further action. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47969 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 11 Version 22H2 for ARM64-based Systems | 5058405 (Security Update) | Important | Information Disclosure | 5055528 |
Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5335 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5058405 (Security Update) | Important | Information Disclosure | 5055528 |
Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5335 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5058405 (Security Update) | Important | Information Disclosure | 5055528 |
Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5335 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5058405 (Security Update) | Important | Information Disclosure | 5055528 |
Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5335 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5058411 (Security Update) 5058497 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5055523 |
Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4061 10.0.26100.3981 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5058411 (Security Update) 5058497 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5055523 |
Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4061 10.0.26100.3981 |
Yes | None |
| Windows Server 2025 | 5058411 (Security Update) 5058497 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5055523 |
Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4061 10.0.26100.3981 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5058411 (Security Update) 5058497 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5055523 |
Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4061 10.0.26100.3981 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-47969 | Ceri Coburn with NetSPI |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47966
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Power Automate Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:8.5
Executive Summary: Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network. FAQ: Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability? This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency. Please see Toward greater transparency: Unveiling Cloud Service CVEs for more information. Mitigations: None Workarounds: None Revision: 1.0 05-Jun-25 Information published. |
Critical | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| N/A | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47966 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Power Automate for Desktop | Critical | Elevation of Privilege | None | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47966 | Felix B. |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-24068
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Management Provider Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-24068 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-24068 | nerty_nerty(Ingyu Yang), Mukyoung Kwak, Seongheun Hong, Jaeseok Bae, Jiwon Jang, Seoyun Cho with Best of the Best 13th Team MSRC Gasan Dan Reynolds with MSRC Vulnerabilities & Mitigations insu with Theori insu with Theori |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-24069
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Management Provider Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-24069 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-24069 | insu with Theori nerty_nerty(Ingyu Yang), Mukyoung Kwak, Seongheun Hong, Jaeseok Bae, Jiwon Jang, Seoyun Cho with Best of the Best 13th Team MSRC Gasan Mukyoung Kwak, Seongheun Hong, Jaeseok Bae, Ingyu Yang, Jiwon Jang, Seoyun Cho with Best of the Best 13th Team MSRC Gasan |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-24065
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Management Provider Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is an out of bounds read in the caller's address space memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-24065 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-24065 | nerty_nerty(Ingyu Yang), Mukyoung Kwak, Seongheun Hong, Jaeseok Bae, Jiwon Jang, Seoyun Cho with Best of the Best 13th Team MSRC Gasan Dan Reynolds with MSRC Vulnerabilities & Mitigations insu with Theori insu with Theori |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-32725
MITRE NVD Issuing CNA: Microsoft |
CVE Title: DHCP Server Service Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network. FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to a total loss of availability (A:H). What does that mean for this vulnerability? If an attacker was able to successfully exploit the vulnerability the attack might result in a total loss of availability. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Denial of Service | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-32725 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows Server 2016 | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058385 5058500 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058385 5058500 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Denial of Service | 5058384 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-32725 | bee13oy with Cyber Kunlun Lab |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33050
MITRE NVD Issuing CNA: Microsoft |
CVE Title: DHCP Server Service Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network. FAQ: None Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Denial of Service | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33050 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows Server 2016 | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058385 5058500 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058385 5058500 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Denial of Service | 5058384 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33050 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33052
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows DWM Core Library Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized stack memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33052 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33052 | Microsoft Offensive Research & Security Engineering (MORSE) with Microsoft |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33053
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:8.2
Executive Summary: External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network. FAQ: The Security Updates table indicates that this vulnerability affects all supported versions of Microsoft Windows. Why are IE Cumulative updates listed for Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2? While Microsoft has announced retirement of the Internet Explorer 11 application on certain platforms and the Microsoft Edge Legacy application is deprecated, the underlying MSHTML, EdgeHTML, and scripting platforms are still supported. The MSHTML platform is used by Internet Explorer mode in Microsoft Edge as well as other applications through WebBrowser control. The EdgeHTML platform is used by WebView and some UWP applications. The scripting platforms are used by MSHTML and EdgeHTML but can also be used by other legacy applications. Updates to address vulnerabilities in the MSHTML platform and scripting engine are included in the IE Cumulative Updates; EdgeHTML and Chakra changes are not applicable to those platforms. To stay fully protected, we recommend that customers who install Security Only updates install the IE Cumulative updates for this vulnerability. According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Detected | No | Yes |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33053 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Remote Code Execution | 5058387 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Remote Code Execution | 5058387 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Remote Code Execution | 5058383 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Remote Code Execution | 5058383 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Remote Code Execution | 5058392 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Remote Code Execution | 5058392 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Remote Code Execution | 5058379 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Remote Code Execution | 5058405 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Remote Code Execution | 5058405 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Remote Code Execution | 5058405 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Remote Code Execution | 5058405 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058411 5058497 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058411 5058497 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061026 (Monthly Rollup) 5060996 (IE Cumulative) |
Important | Remote Code Execution | 5058449 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
6.0.6003.23351 1 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5060996 (IE Cumulative) |
Important | Remote Code Execution | 5058449 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
6.0.6003.23351 1 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061026 (Monthly Rollup) 5060996 (IE Cumulative) |
Important | Remote Code Execution | 5058449 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
6.0.6003.23351 1 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5060996 (IE Cumulative) |
Important | Remote Code Execution | 5058449 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
6.0.6003.23351 1 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5060996 (IE Cumulative) 5061078 (Monthly Rollup) |
Important | Remote Code Execution | 5058430 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
1 6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5060996 (IE Cumulative) 5061078 (Monthly Rollup) |
Important | Remote Code Execution | 5058430 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
1 6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5060996 (IE Cumulative) 5061059 (Monthly Rollup) |
Important | Remote Code Execution | 5058451 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
1 6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5060996 (IE Cumulative) 5061059 (Monthly Rollup) |
Important | Remote Code Execution | 5058451 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
1 6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5060996 (IE Cumulative) 5061018 (Monthly Rollup) |
Important | Remote Code Execution | 5058403 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
1 6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5060996 (IE Cumulative) 5061018 (Monthly Rollup) |
Important | Remote Code Execution | 5058403 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
1 6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Remote Code Execution | 5058383 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Remote Code Execution | 5058383 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Remote Code Execution | 5058392 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Remote Code Execution | 5058392 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058385 5058500 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058385 5058500 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Remote Code Execution | 5058384 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058411 5058497 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Remote Code Execution | 5058411 5058497 |
Base: 8.8 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33053 | Alexandra Gofman and David Driker (Check Point Research) |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33055
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Management Provider Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33055 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Information Disclosure | 5058387 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Information Disclosure | 5058379 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Information Disclosure | 5058405 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Information Disclosure | 5058383 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Information Disclosure | 5058392 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058385 5058500 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Information Disclosure | 5058384 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Information Disclosure | 5058411 5058497 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33055 | Mukyoung Kwak, Seongheun Hong, Jaeseok Bae, Ingyu Yang, Jiwon Jang, Seoyun Cho with Best of the Best 13th Team MSRC Gasan |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33056
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Local Security Authority (LSA) Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network. FAQ: None Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Denial of Service | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33056 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Denial of Service | 5058387 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Denial of Service | 5058387 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Denial of Service | 5058405 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Denial of Service | 5058405 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Denial of Service | 5058405 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Denial of Service | 5058405 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Denial of Service | 5058449 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Denial of Service | 5058449 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Denial of Service | 5058449 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Denial of Service | 5058449 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Denial of Service | 5058430 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Denial of Service | 5058430 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Denial of Service | 5058451 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Denial of Service | 5058451 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Denial of Service | 5058403 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Denial of Service | 5058403 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058385 5058500 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058385 5058500 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Denial of Service | 5058384 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33056 | Erik Egsgard with Field Effect |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33057
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Local Security Authority (LSA) Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Executive Summary: Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network. FAQ: None Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Denial of Service | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33057 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Denial of Service | 5058387 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Denial of Service | 5058387 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Denial of Service | 5058379 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Denial of Service | 5058405 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Denial of Service | 5058405 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Denial of Service | 5058405 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Denial of Service | 5058405 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Denial of Service | 5058449 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Denial of Service | 5058449 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Denial of Service | 5058449 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Denial of Service | 5058449 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Denial of Service | 5058430 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Denial of Service | 5058430 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Denial of Service | 5058451 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Denial of Service | 5058451 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Denial of Service | 5058403 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Denial of Service | 5058403 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058385 5058500 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058385 5058500 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Denial of Service | 5058384 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33057 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33068
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. FAQ: None Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Denial of Service | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33068 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Denial of Service | 5058403 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Denial of Service | 5058403 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Denial of Service | 5058383 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Denial of Service | 5058392 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058385 5058500 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058385 5058500 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Denial of Service | 5058411 5058497 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33068 | k0shl with Kunlun Lab Zhiniang Peng with HUST |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33069
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows App Control for Business Security Feature Bypass Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.1/TemporalScore:4.5
Executive Summary: Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker can spoof the signature to get it to bypass App Control policy. According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:L), some loss of integrity (I:L) but have no effect on availability (A:N). What is the impact of this vulnerability? An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability). Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Security Feature Bypass | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33069 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058411 5058497 |
Base: 5.1 Temporal: 4.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058411 5058497 |
Base: 5.1 Temporal: 4.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058411 5058497 |
Base: 5.1 Temporal: 4.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058411 5058497 |
Base: 5.1 Temporal: 4.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33069 | Mingda Li with Dow |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33070
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Netlogon Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:7.1
Executive Summary: Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain domain administrator privileges. How an attacker exploit this vulnerability? The attacker could exploit the vulnerability by sending specially crafted authentication requests to the domain controller, which would allow an unauthenticated remote code execution without user interaction. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Critical | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33070 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Critical | Elevation of Privilege | 5058387 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Critical | Elevation of Privilege | 5058387 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Critical | Elevation of Privilege | 5058383 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Critical | Elevation of Privilege | 5058383 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Critical | Elevation of Privilege | 5058392 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Critical | Elevation of Privilege | 5058392 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Critical | Elevation of Privilege | 5058379 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Critical | Elevation of Privilege | 5058379 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Critical | Elevation of Privilege | 5058379 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Critical | Elevation of Privilege | 5058379 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Critical | Elevation of Privilege | 5058379 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Critical | Elevation of Privilege | 5058379 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Critical | Elevation of Privilege | 5058405 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Critical | Elevation of Privilege | 5058405 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Critical | Elevation of Privilege | 5058405 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Critical | Elevation of Privilege | 5058405 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Critical | Elevation of Privilege | 5058411 5058497 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Critical | Elevation of Privilege | 5058411 5058497 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Critical | Elevation of Privilege | 5058430 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Critical | Elevation of Privilege | 5058430 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Critical | Elevation of Privilege | 5058451 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Critical | Elevation of Privilege | 5058451 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Critical | Elevation of Privilege | 5058403 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Critical | Elevation of Privilege | 5058403 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Critical | Elevation of Privilege | 5058383 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Critical | Elevation of Privilege | 5058383 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Critical | Elevation of Privilege | 5058392 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Critical | Elevation of Privilege | 5058392 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Critical | Elevation of Privilege | 5058385 5058500 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Critical | Elevation of Privilege | 5058385 5058500 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Critical | Elevation of Privilege | 5058384 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Critical | Elevation of Privilege | 5058411 5058497 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Critical | Elevation of Privilege | 5058411 5058497 |
Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33070 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-33073
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows SMB Client Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.9
Executive Summary: Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. How could an attacker exploit this vulnerability? When multiple attack vectors can be used, we assign a score based on the scenario with the higher risk. In one such scenario for this vulnerability, the attacker could convince a victim to connect to an attacker controlled malicious application (for example, SMB) server. Upon connecting, the malicious server could compromise the protocol. How could an attacker exploit the vulnerability? To exploit this vulnerability, an attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate. This could result in elevation of privilege. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | Yes | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-33073 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Elevation of Privilege | 5058387 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Elevation of Privilege | 5058379 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Elevation of Privilege | 5058405 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5061026 (Monthly Rollup) 5061072 (Security Only) |
Important | Elevation of Privilege | 5058449 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.0.6003.23351 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Elevation of Privilege | 5058430 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5061078 (Monthly Rollup) 5061036 (Security Only) |
Important | Elevation of Privilege | 5058430 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.1.7601.27769 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Elevation of Privilege | 5058451 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Elevation of Privilege | 5058403 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Elevation of Privilege | 5058383 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Elevation of Privilege | 5058392 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058385 5058500 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Elevation of Privilege | 5058384 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Elevation of Privilege | 5058411 5058497 |
Base: 8.8 Temporal: 7.9 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-33073 | James Forshaw of Google Project Zero RedTeam Pentesting GmbH Stefan Walter with SySS GmbH Synacktiv research with Synacktiv Keisuke Hirata with CrowdStrike |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47163
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Executive Summary: Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. FAQ: How could an attacker exploit the vulnerability? In a network-based attack, an authenticated attacker, who has a minimum of Site Member permissions (PR:L), could execute code remotely on the SharePoint Server. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47163 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft SharePoint Enterprise Server 2016 | 5002732 (Security Update) | Important | Remote Code Execution | 5002722 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1001 |
Maybe | None |
| Microsoft SharePoint Server 2019 | 5002729 (Security Update) | Important | Remote Code Execution | 5002708 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.10417.20018 |
Maybe | None |
| Microsoft SharePoint Server Subscription Edition | 5002736 (Security Update) | Important | Remote Code Execution | 5002709 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.18526.20396 |
Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2025-47163 | zcgonvh |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47164
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3
Executive Summary: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. FAQ: Is the Preview Pane an attack vector for this vulnerability? Yes, the Preview Pane is an attack vector. According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Critical | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47164 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Critical | Remote Code Execution | None | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Critical | Remote Code Execution | None | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Office 2016 (32-bit edition) | 5002730 (Security Update) | Critical | Remote Code Execution | 5002711 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Office 2016 (64-bit edition) | 5002730 (Security Update) | Critical | Remote Code Execution | 5002711 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office for Android | Release Notes (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.18925.20000 |
Maybe | None | |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47164 | 0x140ce |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47165
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer. Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47165 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Excel 2016 (32-bit edition) | 5002735 (Security Update) | Important | Remote Code Execution | 5002717 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Excel 2016 (64-bit edition) | 5002735 (Security Update) | Important | Remote Code Execution | 5002717 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| Office Online Server | 5002728 (Security Update) | Important | Remote Code Execution | 5002707 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.10417.20018 |
Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2025-47165 | 0x140ce |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47166
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Executive Summary: Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. FAQ: How could an attacker exploit the vulnerability? In a network-based attack, an authenticated attacker, who has a minimum of Site Member permissions (PR:L), could execute code remotely on the SharePoint Server. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47166 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft SharePoint Enterprise Server 2016 | 5002732 (Security Update) | Important | Remote Code Execution | 5002722 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1001 |
Maybe | None |
| Microsoft SharePoint Server 2019 | 5002729 (Security Update) | Important | Remote Code Execution | 5002708 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.10417.20018 |
Maybe | None |
| Microsoft SharePoint Server Subscription Edition | 5002736 (Security Update) | Important | Remote Code Execution | 5002709 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.18526.20396 |
Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2025-47166 | zcgonvh's cat Vanilla |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47167
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3
Executive Summary: Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. FAQ: Is the Preview Pane an attack vector for this vulnerability? Yes, the Preview Pane is an attack vector. Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Critical | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47167 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Critical | Remote Code Execution | None | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Critical | Remote Code Execution | None | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Office 2016 (32-bit edition) | 5002616 (Security Update) | Critical | Remote Code Execution | 4493154 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Office 2016 (64-bit edition) | 5002616 (Security Update) | Critical | Remote Code Execution | 4493154 |
Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office for Android | Release Notes (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.18925.20000 |
Maybe | None | |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Critical | Remote Code Execution | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47167 | 0x140ce |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47168
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Word Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector. There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software? Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order. Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? An attacker must send the user a malicious file and convince them to open it. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47168 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| Microsoft SharePoint Enterprise Server 2016 | 5002732 (Security Update) 5002731 (Security Update) |
Important | Remote Code Execution | 5002722 5002712 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1001 |
Maybe | None |
| Microsoft SharePoint Server 2019 | 5002729 (Security Update) 5002727 (Security Update) |
Important | Remote Code Execution | 5002708 5002706 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.10417.20018 |
Maybe | None |
| Microsoft Word 2016 (32-bit edition) | 5002710 (Security Update) | Important | Remote Code Execution | 5002702 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Word 2016 (64-bit edition) | 5002710 (Security Update) | Important | Remote Code Execution | 5002702 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2025-47168 | cdbb6164ddfda2b210fd348442322115 |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47169
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Word Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? An attacker must send the user a malicious file and convince them to open it. There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software? Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order. Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47169 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| Microsoft SharePoint Enterprise Server 2016 | 5002732 (Security Update) 5002731 (Security Update) |
Important | Remote Code Execution | 5002722 5002712 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1001 |
Maybe | None |
| Microsoft SharePoint Server 2019 | 5002729 (Security Update) 5002727 (Security Update) |
Important | Remote Code Execution | 5002708 5002706 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.10417.20018 |
Maybe | None |
| Microsoft Word 2016 (32-bit edition) | 5002710 (Security Update) | Important | Remote Code Execution | 5002702 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Word 2016 (64-bit edition) | 5002710 (Security Update) | Important | Remote Code Execution | 5002702 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2025-47169 | cdbb6164ddfda2b210fd348442322115 |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47170
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Word Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. FAQ: Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? An attacker must send the user a malicious file and convince them to open it. Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47170 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47170 | Haifei Li with EXPMON |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47171
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Outlook Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:6.7/TemporalScore:5.8
Executive Summary: Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? A user needs to be tricked into opening malicious files. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? To successfully exploit this vulnerability, an attacker would need to gain elevated privileges enabling them to perform file operations in directories they would not normally be able to access or perform. Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. Is the Preview Pane an attack vector for this vulnerability? Yes, the Preview Pane is an attack vector. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47171 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Important | Remote Code Execution | None | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Important | Remote Code Execution | None | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Outlook 2016 (32-bit edition) | 5002683 (Security Update) | Important | Remote Code Execution | 5002656 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Outlook 2016 (64-bit edition) | 5002683 (Security Update) | Important | Remote Code Execution | 5002656 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2025-47171 | Arnold Osipov with Morphisec Shmuel Uzan with Morphisec Michael Gorelik with Morphisec |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47172
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Executive Summary: Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. FAQ: How could an attacker exploit the vulnerability? In a network-based attack, an authenticated attacker, who has a minimum of Site Member permissions (PR:L), could execute code remotely on the SharePoint Server. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Critical | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47172 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft SharePoint Enterprise Server 2016 | 5002732 (Security Update) | Critical | Remote Code Execution | 5002722 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1001 |
Maybe | None |
| Microsoft SharePoint Server 2019 | 5002729 (Security Update) | Critical | Remote Code Execution | 5002708 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.10417.20018 |
Maybe | None |
| Microsoft SharePoint Server Subscription Edition | 5002736 (Security Update) | Critical | Remote Code Execution | 5002709 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.18526.20396 |
Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2025-47172 | Zhiniang Peng with HUST |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47173
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally. FAQ: Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer. Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47173 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Office 2016 (32-bit edition) | 5002730 (Security Update) | Important | Remote Code Execution | 5002711 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Office 2016 (64-bit edition) | 5002730 (Security Update) | Important | Remote Code Execution | 5002711 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47173 | Arnold Osipov with Morphisec |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47174
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer. Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47174 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47174 | wh1tc with Kunlun Lab & Zhiniang Peng with HUST |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47175
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft PowerPoint Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. FAQ: Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? An attacker must send the user a malicious file and convince them to open it. According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47175 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.98.25060824 |
Maybe | None | |
| Microsoft PowerPoint 2016 (32-bit edition) | 5002689 (Security Update) | Important | Remote Code Execution | 5002586 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| Microsoft PowerPoint 2016 (64-bit edition) | 5002689 (Security Update) | Important | Remote Code Execution | 5002586 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5504.1000 |
Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2025-47175 | 0x140ce |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47176
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Outlook Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: '.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. Are the updates for the Microsoft 365 for Office currently available? The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information. Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47176 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases |
No | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47176 | Arnold Osipov with Morphisec Michael Gorelik with Morphisec Shmuel Uzan with Morphisec |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-3052
MITRE NVD Issuing CNA: CERT/CC |
CVE Title: Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass
CVSS: CVSS:3.1 Highest BaseScore:6.7/TemporalScore:5.8
Executive Summary: Untrusted pointer dereference in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerability could bypass Secure Boot. Why is this CERT/CC CVE included in the Security Update Guide? A vulnerability exists in a UEFI application signed with a Microsoft third-party UEFI certificate, which allows an attacker to bypass UEFI Secure Boot. CERT/CC assigned a CVE ID for this vulnerability which all vendors are using for their affected products. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Security Feature Bypass | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-3052 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5060998 (Security Update) | Important | Security Feature Bypass | 5058387 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 for x64-based Systems | 5060998 (Security Update) | Important | Security Feature Bypass | 5058387 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.21034 |
Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5061010 (Security Update) | Important | Security Feature Bypass | 5058383 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5061010 (Security Update) | Important | Security Feature Bypass | 5058383 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5060531 (Security Update) | Important | Security Feature Bypass | 5058392 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5060531 (Security Update) | Important | Security Feature Bypass | 5058392 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5060533 (Security Update) | Important | Security Feature Bypass | 5058379 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Security Feature Bypass | 5058379 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5060533 (Security Update) | Important | Security Feature Bypass | 5058379 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.5965 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5060533 (Security Update) | Important | Security Feature Bypass | 5058379 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5060533 (Security Update) | Important | Security Feature Bypass | 5058379 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5060533 (Security Update) | Important | Security Feature Bypass | 5058379 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.5965 |
Yes | None |
| Windows 11 Version 22H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Security Feature Bypass | 5058405 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5060999 (Security Update) | Important | Security Feature Bypass | 5058405 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.5472 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5060999 (Security Update) | Important | Security Feature Bypass | 5058405 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5060999 (Security Update) | Important | Security Feature Bypass | 5058405 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.5472 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058411 5058497 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058411 5058497 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2012 | 5061059 (Monthly Rollup) | Important | Security Feature Bypass | 5058451 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5061059 (Monthly Rollup) | Important | Security Feature Bypass | 5058451 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25522 |
Yes | None |
| Windows Server 2012 R2 | 5061018 (Monthly Rollup) | Important | Security Feature Bypass | 5058403 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5061018 (Monthly Rollup) | Important | Security Feature Bypass | 5058403 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22620 |
Yes | None |
| Windows Server 2016 | 5061010 (Security Update) | Important | Security Feature Bypass | 5058383 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5061010 (Security Update) | Important | Security Feature Bypass | 5058383 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8148 |
Yes | None |
| Windows Server 2019 | 5060531 (Security Update) | Important | Security Feature Bypass | 5058392 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5060531 (Security Update) | Important | Security Feature Bypass | 5058392 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.7434 |
Yes | None |
| Windows Server 2022 | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058385 5058500 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5060526 (Security Update) 5060525 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058385 5058500 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.3807 10.0.20348.3745 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5060118 (Security Update) | Important | Security Feature Bypass | 5058384 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.1665 |
Yes | None |
| Windows Server 2025 | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058411 5058497 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5060842 (Security Update) 5060841 (SecurityHotpatchUpdate) |
Important | Security Feature Bypass | 5058411 5058497 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.4349 10.0.26100.4270 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2025-3052 | Binarly REsearch [alex@binarly.io] Binarly |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47959
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Visual Studio Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.1/TemporalScore:6.2
Executive Summary: Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires that the target system be set up in a specific manner and the attacker to have knowledge of that setup. According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability? An authorized attacker with standard user privileges could place a malicious file in an online directory or in a local network location and then wait for the user to run the file. According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires a specially crafted file to be placed either in an online directory or in a local network location. When a victim runs this file, it loads the malicious DLL. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47959 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Visual Studio 2022 version 17.10 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.1 Temporal: 6.2 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
17.10.16 |
Maybe | None | |
| Microsoft Visual Studio 2022 version 17.12 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.1 Temporal: 6.2 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
17.12.9 |
Maybe | None | |
| Microsoft Visual Studio 2022 version 17.14 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.1 Temporal: 6.2 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
17.14.5 |
Maybe | None | |
| Microsoft Visual Studio 2022 version 17.8 | Release Notes (Security Update) | Important | Remote Code Execution | Base: 7.1 Temporal: 6.2 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
17.8.22 |
Maybe | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47959 | Nitesh Surana (@_niteshsurana) & Nelson William Gamazo Sanchez of Trend Micro Research with Trend Zero Day Initiative |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47968
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain ROOT privileges. Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector. How could an attacker exploit this vulnerability? A user can download an installer and before the user runs the installer, the attacker could replace it with a malicious installer. When the victim runs the malicious installer the attacker could elevate their privileges. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47968 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft AutoUpdate for Mac | MAU (Security Update) | Important | Elevation of Privilege | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
4.79 |
Maybe | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47968 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2025-47977
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Nuance Digital Engagement Platform Spoofing Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.6/TemporalScore:6.6
Executive Summary: Improper neutralization of input during web page generation ('cross-site scripting') in Nuance Digital Engagement Platform allows an authorized attacker to perform spoofing over a network. FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L)? What does that mean for this vulnerability? Information in the victim's browser associated with the vulnerable URL can be read by the malicious JavaScript code and sent to the attacker. What actions do I need to take to be protected from this vulnerability? Affected customers need to enable the Block XSS field in the configurations setting for their program to prevent JavaScript injection. All affected customers have been notified by the Nuance team to make this update. According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine. According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? Exploitation of the vulnerability requires that a user open a specially crafted file.
An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file. According to the CVSS metric, privileges required is high (PR:H). What privileges are required to exploit this vulnerability? To exploit this vulnerability, the attacker needs to have special privileges within the attacking environment beyond those of a low privilege user, but not full admin privileges. Mitigations: None Workarounds: None Revision: 1.0 10-Jun-25 Information published. |
Important | Spoofing | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-47977 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Nuance Digital Engagement Platform | Release Notes (Security Update) | Important | Spoofing | Base: 7.6 Temporal: 6.6 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C |
5.64.x |
Maybe | None | |
| CVE ID | Acknowledgements |
| CVE-2025-47977 |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-40549
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 11-Sep-24 Information published. 1.1 07-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.2 08-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.3 09-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.4 10-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.5 11-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.6 12-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.7 13-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.8 14-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.9 15-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.0 16-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.1 17-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.2 18-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.3 19-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.4 20-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.5 21-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.6 22-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.7 23-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.8 24-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.9 25-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.0 26-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.1 27-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.2 28-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.3 29-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.4 30-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.5 31-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.6 01-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.7 02-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.8 03-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.9 04-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.0 05-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.1 06-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.2 07-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.3 08-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.4 09-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.5 10-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.6 11-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.7 12-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.8 13-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.9 15-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.0 16-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.1 17-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.2 18-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.3 19-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.4 20-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.5 21-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.6 22-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.7 23-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.8 24-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.9 25-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.0 27-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.1 28-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.2 29-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.3 30-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.4 01-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.5 02-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.6 03-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.7 04-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.8 05-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.9 07-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.0 08-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.1 09-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.2 10-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.3 11-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.4 12-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.5 13-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.6 14-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.7 15-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.8 16-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.9 17-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.0 18-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.1 19-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.2 20-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.3 21-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.4 22-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.5 23-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.6 24-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.7 25-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.8 26-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.9 27-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.0 28-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.1 01-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.2 02-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.3 03-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.4 04-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.5 05-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.6 06-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.7 08-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.8 09-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.9 10-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.0 11-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.1 12-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.2 14-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.3 15-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.4 16-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.5 17-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.6 18-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.7 19-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.8 20-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.9 21-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.0 22-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.1 23-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.2 24-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.3 25-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.4 26-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.5 27-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.6 28-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.7 29-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.8 30-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.9 31-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.0 01-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.1 03-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.2 04-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.3 05-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.4 06-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.5 07-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.6 08-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.7 09-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.8 11-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.9 12-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.0 13-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.1 14-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.2 15-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.3 16-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.4 17-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.5 18-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.6 19-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.7 20-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.8 21-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.9 22-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.0 23-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.1 24-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.2 25-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.3 26-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.4 28-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.5 29-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.6 30-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.7 01-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.8 02-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.9 03-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.0 04-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.1 05-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.2 06-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.3 07-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.4 08-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.5 09-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.6 10-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.7 11-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.8 12-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.9 13-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.0 14-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.1 15-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.2 16-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.3 17-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.4 18-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.5 19-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.6 20-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.7 21-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.8 22-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.9 23-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.0 24-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.1 25-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.2 26-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.3 27-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 18.0 28-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 19.0 30-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 20.0 31-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 21.0 01-Jun-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 22.0 02-Jun-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-40549 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | shim (CBL-Mariner) shim-unsigned-aarch64 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
15.8-5 |
None | ||
| Azure Linux 3.0 x64 | shim (CBL-Mariner) shim-unsigned-aarch64 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
15.8-5 |
None | ||
| CBL Mariner 2.0 ARM | shim (CBL-Mariner) shim-unsigned-x64 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
15.8-1 |
None | ||
| CBL Mariner 2.0 x64 | shim (CBL-Mariner) shim-unsigned-x64 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
15.8-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-40549 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-40546
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 11-Sep-24 Information published. 1.1 07-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.2 08-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.3 09-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.4 10-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.5 11-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.6 12-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.7 13-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.8 14-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.9 15-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.0 16-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.1 17-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.2 18-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.3 19-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.4 20-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.5 21-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.6 22-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.7 23-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.8 24-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.9 25-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.0 26-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.1 27-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.2 28-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.3 29-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.4 30-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.5 31-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.6 01-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.7 02-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.8 03-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.9 04-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.0 05-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.1 06-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.2 07-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.3 08-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.4 09-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.5 10-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.6 11-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.7 12-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.8 13-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.9 15-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.0 16-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.1 17-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.2 18-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.3 19-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.4 20-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.5 21-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.6 22-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.7 23-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.8 24-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.9 25-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.0 27-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.1 28-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.2 29-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.3 30-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.4 01-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.5 02-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.6 03-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.7 04-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.8 05-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.9 07-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.0 08-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.1 09-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.2 10-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.3 11-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.4 12-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.5 13-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.6 14-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.7 15-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.8 16-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.9 17-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.0 18-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.1 19-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.2 20-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.3 21-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.4 22-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.5 23-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.6 24-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.7 25-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.8 26-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.9 27-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.0 28-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.1 01-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.2 02-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.3 03-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.4 04-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.5 05-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.6 06-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.7 08-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.8 09-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.9 10-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.0 11-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.1 12-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.2 14-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.3 15-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.4 16-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.5 17-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.6 18-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.7 19-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.8 20-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.9 21-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.0 22-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.1 23-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.2 24-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.3 25-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.4 26-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.5 27-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.6 28-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.7 29-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.8 30-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.9 31-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.0 01-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.1 03-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.2 04-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.3 05-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.4 06-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.5 07-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.6 08-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.7 09-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.8 11-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.9 12-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.0 13-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.1 14-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.2 15-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.3 16-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.4 17-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.5 18-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.6 19-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.7 20-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.8 21-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.9 22-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.0 23-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.1 24-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.2 25-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.3 26-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.4 28-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.5 29-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.6 30-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.7 01-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.8 02-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.9 03-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.0 04-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.1 05-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.2 06-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.3 07-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.4 08-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.5 09-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.6 10-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.7 11-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.8 12-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.9 13-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.0 14-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.1 15-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.2 16-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.3 17-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.4 18-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.5 19-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.6 20-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.7 21-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.8 22-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.9 23-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.0 24-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.1 25-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.2 26-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.3 27-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 18.0 28-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 19.0 30-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 20.0 31-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 21.0 01-Jun-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 22.0 02-Jun-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-40546 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | shim (CBL-Mariner) shim-unsigned-aarch64 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
15.8-5 |
None | ||
| Azure Linux 3.0 x64 | shim (CBL-Mariner) shim-unsigned-aarch64 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
15.8-5 |
None | ||
| CBL Mariner 2.0 ARM | shim (CBL-Mariner) shim-unsigned-x64 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
15.8-1 |
None | ||
| CBL Mariner 2.0 x64 | shim (CBL-Mariner) shim-unsigned-x64 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
15.8-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-40546 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-40550
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 11-Sep-24 Information published. 1.1 07-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.2 08-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.3 09-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.4 10-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.5 11-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.6 12-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.7 13-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.8 14-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.9 15-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.0 16-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.1 17-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.2 18-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.3 19-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.4 20-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.5 21-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.6 22-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.7 23-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.8 24-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.9 25-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.0 26-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.1 27-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.2 28-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.3 29-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.4 30-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.5 31-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.6 01-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.7 02-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.8 03-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.9 04-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.0 05-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.1 06-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.2 07-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.3 08-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.4 09-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.5 10-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.6 11-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.7 12-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.8 13-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.9 15-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.0 16-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.1 17-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.2 18-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.3 19-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.4 20-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.5 21-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.6 22-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.7 23-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.8 24-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.9 25-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.0 27-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.1 28-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.2 29-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.3 30-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.4 01-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.5 02-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.6 03-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.7 04-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.8 05-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.9 07-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.0 08-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.1 09-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.2 10-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.3 11-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.4 12-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.5 13-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.6 14-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.7 15-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.8 16-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.9 17-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.0 18-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.1 19-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.2 20-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.3 21-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.4 22-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.5 23-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.6 24-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.7 25-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.8 26-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.9 27-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.0 28-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.1 01-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.2 02-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.3 03-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.4 04-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.5 05-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.6 06-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.7 08-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.8 09-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.9 10-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.0 11-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.1 12-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.2 14-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.3 15-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.4 16-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.5 17-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.6 18-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.7 19-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.8 20-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.9 21-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.0 22-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.1 23-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.2 24-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.3 25-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.4 26-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.5 27-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.6 28-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.7 29-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.8 30-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.9 31-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.0 01-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.1 03-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.2 04-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.3 05-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.4 06-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.5 07-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.6 08-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.7 09-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.8 11-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.9 12-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.0 13-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.1 14-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.2 15-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.3 16-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.4 17-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.5 18-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.6 19-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.7 20-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.8 21-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.9 22-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.0 23-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.1 24-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.2 25-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.3 26-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.4 28-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.5 29-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.6 30-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.7 01-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.8 02-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.9 03-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.0 04-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.1 05-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.2 06-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.3 07-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.4 08-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.5 09-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.6 10-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.7 11-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.8 12-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.9 13-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.0 14-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.1 15-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.2 16-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.3 17-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.4 18-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.5 19-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.6 20-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.7 21-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.8 22-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.9 23-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.0 24-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.1 25-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.2 26-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.3 27-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 18.0 28-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 19.0 30-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 20.0 31-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 21.0 01-Jun-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 22.0 02-Jun-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-40550 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | shim (CBL-Mariner) shim-unsigned-aarch64 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
15.8-5 |
None | ||
| Azure Linux 3.0 x64 | shim (CBL-Mariner) shim-unsigned-aarch64 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
15.8-5 |
None | ||
| CBL Mariner 2.0 ARM | shim (CBL-Mariner) shim-unsigned-x64 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
15.8-1 |
None | ||
| CBL Mariner 2.0 x64 | shim (CBL-Mariner) shim-unsigned-x64 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
15.8-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-40550 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2025-22872
MITRE NVD Issuing CNA: security@golang.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 29-Apr-25 Information published. 2.0 05-May-25 Information published. 3.0 27-May-25 Information published. 4.0 06-Jun-25 Added packer to CBL-Mariner 2.0 Added cni-plugins to CBL-Mariner 2.0 Added kubevirt to CBL-Mariner 2.0 Added sriov-network-device-plugin to CBL-Mariner 2.0 Added cni-plugins to Azure Linux 3.0 Added helm to Azure Linux 3.0 Added ig to Azure Linux 3.0 Added influxdb to Azure Linux 3.0 Added kubernetes to Azure Linux 3.0 Added kubevirt to Azure Linux 3.0 Added multus to Azure Linux 3.0 Added telegraf to Azure Linux 3.0 Added cf-cli to Azure Linux 3.0 Added containerized-data-importer to Azure Linux 3.0 Added docker-compose to Azure Linux 3.0 Added gh to Azure Linux 3.0 Added kube-vip-cloud-provider to Azure Linux 3.0 Added packer to Azure Linux 3.0 Added prometheus-adapter to Azure Linux 3.0 Added sriov-network-device-plugin to Azure Linux 3.0 Added keda to Azure Linux 3.0 |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2025-22872 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cf-cli (CBL-Mariner) cni-plugins (CBL-Mariner) containerized-data-importer (CBL-Mariner) docker-compose (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L |
8.7.11-3 1.4.0-3 1.57.0-14 2.27.0-5 |
None | ||
| Azure Linux 3.0 x64 | cf-cli (CBL-Mariner) cni-plugins (CBL-Mariner) containerized-data-importer (CBL-Mariner) docker-compose (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L |
8.7.11-3 1.4.0-3 1.57.0-14 2.27.0-5 |
None | ||
| CBL Mariner 2.0 ARM | cni-plugins (CBL-Mariner) kubevirt (CBL-Mariner) packer (CBL-Mariner) sriov-network-device-plugin (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L |
1.3.0-8 0.59.0-28 1.9.5-13 3.6.2-9 |
None | ||
| CBL Mariner 2.0 x64 | cni-plugins (CBL-Mariner) kubevirt (CBL-Mariner) packer (CBL-Mariner) sriov-network-device-plugin (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L |
1.3.0-8 0.59.0-28 1.9.5-13 3.6.2-9 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2025-22872 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2025-1744
MITRE NVD Issuing CNA: cve_disclosure@tech.gov.sg |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 10-Mar-25 Information published. 2.0 12-Mar-25 Information published. 3.0 18-Mar-25 Information published. 4.0 19-Mar-25 Information published. 5.0 20-Mar-25 Information published. 6.0 21-Mar-25 Information published. 7.0 22-Mar-25 Information published. 8.0 23-Mar-25 Information published. 9.0 24-Mar-25 Information published. 1.0 25-Mar-25 Information published. 1.1 26-Mar-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 1.2 27-Mar-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 1.3 28-Mar-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 1.4 29-Mar-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 1.5 30-Mar-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 1.6 31-Mar-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 1.7 01-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 1.8 03-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 1.9 04-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 2.0 05-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 2.1 06-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 2.2 07-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 2.3 08-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 2.4 09-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 2.5 11-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 2.6 12-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 2.7 13-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 2.8 14-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 2.9 15-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 3.0 16-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 3.1 17-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 3.2 18-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 3.3 19-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 3.4 20-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 3.5 21-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 3.6 22-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 3.7 23-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 3.8 24-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 3.9 25-Apr-25 Added binutils to Azure Linux 3.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 4.0 26-Apr-25 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 Added binutils to Azure Linux 3.0 4.1 28-Apr-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 4.2 29-Apr-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 4.3 30-Apr-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 4.4 01-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 4.5 02-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 4.6 03-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 4.7 04-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 4.8 05-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 4.9 06-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 5.0 07-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 5.1 08-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 5.2 09-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 5.3 10-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 5.4 11-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 5.5 12-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 5.6 13-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 5.7 14-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 5.8 15-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 5.9 16-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 6.0 17-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 6.1 18-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 6.2 19-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 6.3 20-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 6.4 21-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 6.5 22-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 6.6 23-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 6.7 24-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 6.8 25-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 6.9 26-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 7.0 27-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 10.0 28-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 11.0 30-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 12.0 31-May-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 13.0 01-Jun-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 14.0 02-Jun-25 Added binutils to Azure Linux 3.0 Added crash to CBL-Mariner 2.0 Added binutils to CBL-Mariner 2.0 Added ceph to CBL-Mariner 2.0 Added cloud-hypervisor to CBL-Mariner 2.0 |
Unknown | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2025-1744 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | binutils (CBL-Mariner) | Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
2.41-5 |
Unknown | None | |
| Azure Linux 3.0 x64 | binutils (CBL-Mariner) | Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
2.41-5 |
Unknown | None | |
| CBL Mariner 2.0 ARM | binutils (CBL-Mariner) ceph (CBL-Mariner) cloud-hypervisor (CBL-Mariner) crash (CBL-Mariner) |
Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
2.37-14 16.2.10-7 32.0-5 8.0.1-4 |
None | ||
| CBL Mariner 2.0 x64 | binutils (CBL-Mariner) ceph (CBL-Mariner) cloud-hypervisor (CBL-Mariner) crash (CBL-Mariner) |
Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
2.37-14 16.2.10-7 32.0-5 8.0.1-4 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2025-1744 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-14584
MITRE NVD Issuing CNA: secure@intel.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 07-Dec-24 Information published. 1.1 08-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 1.2 09-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 1.3 10-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 1.4 11-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 1.5 12-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 1.6 13-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 1.7 14-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 1.8 15-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 1.9 16-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 2.0 17-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 2.1 18-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 2.2 19-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 2.3 20-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 2.4 21-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 2.5 22-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 2.6 23-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 2.7 24-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 2.8 25-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 2.9 26-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 3.0 27-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 3.1 28-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 3.2 29-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 3.3 30-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 3.4 31-Dec-24 Added shim-unsigned-aarch64 to Azure Linux 3.0 3.5 01-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 3.6 02-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 3.7 03-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 3.8 04-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 3.9 05-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 4.0 06-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 4.1 07-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 4.2 08-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 4.3 09-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 4.4 10-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 4.5 11-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 4.6 12-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 4.7 13-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 4.8 15-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 4.9 16-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 5.0 17-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 5.1 18-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 5.2 19-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 5.3 20-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 5.4 21-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 5.5 22-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 5.6 23-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 5.7 24-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 5.8 25-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 5.9 27-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 6.0 28-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 6.1 29-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 6.2 30-Jan-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 6.3 01-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 6.4 02-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 6.5 03-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 6.6 04-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 6.7 05-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 6.8 07-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 6.9 08-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 7.0 09-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 7.1 10-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 7.2 11-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 7.3 12-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 7.4 13-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 7.5 14-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 7.6 15-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 7.7 16-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 7.8 17-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 7.9 18-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 8.0 19-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 8.1 20-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 8.2 21-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 8.3 22-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 8.4 23-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 8.5 24-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 8.6 25-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 8.7 26-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 8.8 27-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 8.9 28-Feb-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 9.0 01-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 9.1 02-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 9.2 03-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 9.3 04-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 9.4 05-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 9.5 06-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 9.6 08-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 9.7 09-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 9.8 10-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 9.9 11-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 10.0 12-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 10.1 14-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 10.2 15-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 10.3 16-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 10.4 17-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 10.5 18-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 10.6 19-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 10.7 20-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 10.8 21-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 10.9 22-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 11.0 23-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 11.1 24-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 11.2 25-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 11.3 26-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 11.4 27-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 11.5 28-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 11.6 29-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 11.7 30-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 11.8 31-Mar-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 11.9 01-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 12.0 03-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 12.1 04-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 12.2 05-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 12.3 06-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 12.4 07-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 12.5 08-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 12.6 09-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 12.7 11-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 12.8 12-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 12.9 13-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 13.0 14-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 13.1 15-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 13.2 16-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 13.3 17-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 13.4 18-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 13.5 19-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 13.6 20-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 13.7 21-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 13.8 22-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 13.9 23-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 14.0 24-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 14.1 25-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 14.2 26-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 14.3 28-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 14.4 29-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 14.5 30-Apr-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 14.6 01-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 14.7 02-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 14.8 03-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 14.9 04-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 15.0 05-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 15.1 06-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 15.2 07-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 15.3 08-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 15.4 09-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 15.5 10-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 15.6 11-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 15.7 12-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 15.8 13-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 15.9 14-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 16.0 15-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 16.1 16-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 16.2 17-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 16.3 18-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 16.4 19-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 16.5 20-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 16.6 21-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 16.7 22-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 16.8 23-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 16.9 24-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 17.0 25-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 17.1 26-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 17.2 27-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 18.0 28-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 19.0 30-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 20.0 31-May-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 21.0 01-Jun-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 22.0 02-Jun-25 Added shim-unsigned-aarch64 to Azure Linux 3.0 |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-14584 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | shim-unsigned-aarch64 (CBL-Mariner) | Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
15.8-5 |
Unknown | None | |
| Azure Linux 3.0 x64 | shim-unsigned-aarch64 (CBL-Mariner) | Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
15.8-5 |
Unknown | None | |
| CVE ID | Acknowledgements |
| CVE-2019-14584 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-40548
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.4/TemporalScore:7.4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 11-Sep-24 Information published. 1.1 07-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.2 08-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.3 09-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.4 10-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.5 11-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.6 12-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.7 13-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.8 14-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 1.9 15-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.0 16-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.1 17-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.2 18-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.3 19-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.4 20-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.5 21-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.6 22-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.7 23-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.8 24-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 2.9 25-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.0 26-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.1 27-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.2 28-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.3 29-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.4 30-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.5 31-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.6 01-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.7 02-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.8 03-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 3.9 04-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.0 05-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.1 06-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.2 07-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.3 08-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.4 09-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.5 10-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.6 11-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.7 12-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.8 13-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 4.9 15-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.0 16-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.1 17-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.2 18-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.3 19-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.4 20-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.5 21-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.6 22-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.7 23-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.8 24-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 5.9 25-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.0 27-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.1 28-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.2 29-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.3 30-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.4 01-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.5 02-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.6 03-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.7 04-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.8 05-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 6.9 07-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.0 08-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.1 09-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.2 10-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.3 11-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.4 12-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.5 13-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.6 14-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.7 15-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.8 16-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 7.9 17-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.0 18-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.1 19-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.2 20-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.3 21-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.4 22-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.5 23-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.6 24-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.7 25-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.8 26-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 8.9 27-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.0 28-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.1 01-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.2 02-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.3 03-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.4 04-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.5 05-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.6 06-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.7 08-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.8 09-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 9.9 10-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.0 11-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.1 12-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.2 14-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.3 15-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.4 16-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.5 17-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.6 18-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.7 19-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.8 20-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 10.9 21-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.0 22-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.1 23-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.2 24-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.3 25-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.4 26-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.5 27-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.6 28-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.7 29-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.8 30-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 11.9 31-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.0 01-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.1 03-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.2 04-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.3 05-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.4 06-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.5 07-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.6 08-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.7 09-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.8 11-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 12.9 12-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.0 13-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.1 14-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.2 15-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.3 16-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.4 17-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.5 18-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.6 19-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.7 20-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.8 21-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 13.9 22-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.0 23-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.1 24-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.2 25-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.3 26-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.4 28-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.5 29-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.6 30-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.7 01-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.8 02-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 14.9 03-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.0 04-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.1 05-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.2 06-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.3 07-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.4 08-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.5 09-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.6 10-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.7 11-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.8 12-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 15.9 13-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.0 14-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.1 15-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.2 16-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.3 17-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.4 18-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.5 19-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.6 20-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.7 21-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.8 22-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 16.9 23-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.0 24-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.1 25-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.2 26-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 17.3 27-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 18.0 28-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 19.0 30-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 20.0 31-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 21.0 01-Jun-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 22.0 02-Jun-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 Added shim-unsigned-x64 to CBL-Mariner 2.0 |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-40548 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | shim (CBL-Mariner) shim-unsigned-aarch64 (CBL-Mariner) |
Unknown | Unknown | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
15.8-5 |
None | ||
| Azure Linux 3.0 x64 | shim (CBL-Mariner) shim-unsigned-aarch64 (CBL-Mariner) |
Unknown | Unknown | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
15.8-5 |
None | ||
| CBL Mariner 2.0 ARM | shim (CBL-Mariner) shim-unsigned-x64 (CBL-Mariner) |
Unknown | Unknown | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
15.8-1 |
None | ||
| CBL Mariner 2.0 x64 | shim (CBL-Mariner) shim-unsigned-x64 (CBL-Mariner) |
Unknown | Unknown | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
15.8-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-40548 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-28737
MITRE NVD Issuing CNA: security@ubuntu.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 11-Sep-24 Information published. 1.1 07-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 1.2 08-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 1.3 09-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 1.4 10-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 1.5 11-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 1.6 12-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 1.7 13-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 1.8 14-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 1.9 15-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 2.0 16-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 2.1 17-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 2.2 18-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 2.3 19-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 2.4 20-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 2.5 21-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 2.6 22-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 2.7 23-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 2.8 24-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 2.9 25-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 3.0 26-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 3.1 27-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 3.2 28-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 3.3 29-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 3.4 30-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 3.5 31-Dec-24 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 3.6 01-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 3.7 02-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 3.8 03-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 3.9 04-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 4.0 05-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 4.1 06-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 4.2 07-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 4.3 08-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 4.4 09-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 4.5 10-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 4.6 11-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 4.7 12-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 4.8 13-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 4.9 15-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 5.0 16-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 5.1 17-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 5.2 18-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 5.3 19-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 5.4 20-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 5.5 21-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 5.6 22-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 5.7 23-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 5.8 24-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 5.9 25-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 6.0 27-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 6.1 28-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 6.2 29-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 6.3 30-Jan-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 6.4 01-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 6.5 02-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 6.6 03-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 6.7 04-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 6.8 05-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 6.9 07-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 7.0 08-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 7.1 09-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 7.2 10-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 7.3 11-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 7.4 12-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 7.5 13-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 7.6 14-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 7.7 15-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 7.8 16-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 7.9 17-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 8.0 18-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 8.1 19-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 8.2 20-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 8.3 21-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 8.4 22-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 8.5 23-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 8.6 24-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 8.7 25-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 8.8 26-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 8.9 27-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 9.0 28-Feb-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 9.1 01-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 9.2 02-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 9.3 03-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 9.4 04-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 9.5 05-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 9.6 06-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 9.7 08-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 9.8 09-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 9.9 10-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 10.0 11-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 10.1 12-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 10.2 14-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 10.3 15-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 10.4 16-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 10.5 17-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 10.6 18-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 10.7 19-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 10.8 20-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 10.9 21-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 11.0 22-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 11.1 23-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 11.2 24-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 11.3 25-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 11.4 26-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 11.5 27-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 11.6 28-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 11.7 29-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 11.8 30-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 11.9 31-Mar-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 12.0 01-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 12.1 03-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 12.2 04-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 12.3 05-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 12.4 06-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 12.5 07-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 12.6 08-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 12.7 09-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 12.8 11-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 12.9 12-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 13.0 13-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 13.1 14-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 13.2 15-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 13.3 16-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 13.4 17-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 13.5 18-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 13.6 19-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 13.7 20-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 13.8 21-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 13.9 22-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 14.0 23-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 14.1 24-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 14.2 25-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 14.3 26-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 14.4 28-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 14.5 29-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 14.6 30-Apr-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 14.7 01-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 14.8 02-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 14.9 03-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 15.0 04-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 15.1 05-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 15.2 06-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 15.3 07-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 15.4 08-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 15.5 09-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 15.6 10-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 15.7 11-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 15.8 12-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 15.9 13-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 16.0 14-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 16.1 15-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 16.2 16-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 16.3 17-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 16.4 18-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 16.5 19-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 16.6 20-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 16.7 21-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 16.8 22-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 16.9 23-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 17.0 24-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 17.1 25-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 17.2 26-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 17.3 27-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 18.0 28-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 19.0 30-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 20.0 31-May-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 21.0 01-Jun-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 22.0 02-Jun-25 Added shim to Azure Linux 3.0 Added shim-unsigned-aarch64 to Azure Linux 3.0 Added shim to CBL-Mariner 2.0 |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-28737 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | shim (CBL-Mariner) shim-unsigned-aarch64 (CBL-Mariner) |
Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
15.8-5 |
None | ||
| Azure Linux 3.0 x64 | shim (CBL-Mariner) shim-unsigned-aarch64 (CBL-Mariner) |
Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
15.8-5 |
None | ||
| CBL Mariner 2.0 ARM | shim (CBL-Mariner) | Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
15.8-1 |
Unknown | None | |
| CBL Mariner 2.0 x64 | shim (CBL-Mariner) | Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
15.8-1 |
Unknown | None | |
| CVE ID | Acknowledgements |
| CVE-2022-28737 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-1393
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 03-Apr-23 Information published. 1.1 30-Jun-24 Information published. 1.2 11-Sep-24 Information published. 1.3 12-Sep-24 Information published. 1.4 13-Sep-24 Information published. 1.5 14-Sep-24 Information published. 1.6 15-Sep-24 Information published. 1.7 16-Sep-24 Information published. 1.8 17-Sep-24 Information published. 1.9 18-Sep-24 Information published. 2.0 19-Sep-24 Information published. 2.1 20-Sep-24 Information published. 2.2 21-Sep-24 Information published. 2.3 22-Sep-24 Information published. 2.4 23-Sep-24 Information published. 2.5 24-Sep-24 Information published. 2.6 25-Sep-24 Information published. 2.7 26-Sep-24 Information published. 2.8 27-Sep-24 Information published. 2.9 28-Sep-24 Information published. 3.0 29-Sep-24 Information published. 3.1 30-Sep-24 Information published. 3.2 01-Oct-24 Information published. 3.3 02-Oct-24 Information published. 3.4 03-Oct-24 Information published. 3.5 04-Oct-24 Information published. 3.6 05-Oct-24 Information published. 3.7 06-Oct-24 Information published. 3.8 07-Oct-24 Information published. 3.9 09-Oct-24 Information published. 4.0 10-Oct-24 Information published. 4.1 11-Oct-24 Information published. 4.2 12-Oct-24 Information published. 4.3 13-Oct-24 Information published. 4.4 14-Oct-24 Information published. 4.5 15-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 4.6 16-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 4.7 17-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 4.8 18-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 4.9 19-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 5.0 20-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 5.1 21-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 5.2 22-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 5.3 23-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 5.4 24-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 5.5 25-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 5.6 26-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 5.7 27-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 5.8 28-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 5.9 29-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 6.0 30-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 6.1 31-Oct-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 6.2 01-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 6.3 02-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 6.4 04-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 6.5 05-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 6.6 06-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 6.7 07-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 6.8 08-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 6.9 09-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 7.0 10-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 7.1 11-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 7.2 12-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 7.3 13-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 7.4 14-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 7.5 15-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 7.6 16-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 7.7 17-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 7.8 18-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 7.9 19-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 8.0 20-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 8.1 21-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 8.2 23-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 8.3 24-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 8.4 25-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 8.5 26-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 8.6 27-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 8.7 28-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 8.8 29-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 8.9 30-Nov-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 9.0 01-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 9.1 02-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 9.2 03-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 9.3 04-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 9.4 05-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 9.5 07-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 9.6 08-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 9.7 09-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 9.8 10-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 9.9 11-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 10.0 12-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 10.1 13-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 10.2 14-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 10.3 15-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 10.4 16-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 10.5 17-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 10.6 18-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 10.7 19-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 10.8 20-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 10.9 21-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 11.0 22-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 11.1 23-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 11.2 24-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 11.3 25-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 11.4 26-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 11.5 27-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 11.6 28-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 11.7 29-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 11.8 30-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 11.9 31-Dec-24 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 12.0 01-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 12.1 02-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 12.2 03-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 12.3 04-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 12.4 05-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 12.5 06-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 12.6 07-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 12.7 08-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 12.8 09-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 12.9 10-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 13.0 11-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 13.1 12-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 13.2 13-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 13.3 15-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 13.4 16-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 13.5 17-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 13.6 18-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 13.7 19-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 13.8 20-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 13.9 21-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 14.0 22-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 14.1 23-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 14.2 24-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 14.3 25-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 14.4 27-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 14.5 28-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 14.6 29-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 14.7 30-Jan-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 14.8 01-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 14.9 02-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 15.0 03-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 15.1 04-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 15.2 05-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 15.3 07-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 15.4 08-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 15.5 09-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 15.6 10-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 15.7 11-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 15.8 12-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 15.9 13-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 16.0 14-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 16.1 15-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 16.2 16-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 16.3 17-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 16.4 18-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 16.5 19-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 16.6 20-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 16.7 21-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 16.8 22-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 16.9 23-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 17.0 24-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 17.1 25-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 17.2 26-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 17.3 27-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 17.4 28-Feb-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 17.5 01-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 17.6 02-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 17.7 03-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 17.8 04-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 17.9 05-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 18.0 06-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 18.1 08-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 18.2 09-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 18.3 10-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 18.4 11-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 18.5 12-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 18.6 14-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 18.7 15-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 18.8 16-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 18.9 17-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 19.0 18-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 19.1 19-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 19.2 20-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 19.3 21-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 19.4 22-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 19.5 23-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 19.6 24-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 19.7 25-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 19.8 26-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 19.9 27-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 20.0 28-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 20.1 29-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 20.2 30-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 20.3 31-Mar-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 20.4 01-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 20.5 03-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 20.6 04-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 20.7 05-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 20.8 06-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 20.9 07-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 21.0 08-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 21.1 09-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 21.2 11-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 21.3 12-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 21.4 13-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 21.5 14-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 21.6 15-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 21.7 16-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 21.8 17-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 21.9 18-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 22.0 19-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 22.1 20-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 22.2 21-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 22.3 22-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 22.4 23-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 22.5 24-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 22.6 25-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 22.7 26-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 22.8 28-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 22.9 29-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 23.0 30-Apr-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 23.1 01-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 23.2 02-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 23.3 03-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 23.4 04-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 23.5 05-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 23.6 06-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 23.7 07-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 23.8 08-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 23.9 09-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 24.0 10-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 24.1 11-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 24.2 12-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 24.3 13-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 24.4 14-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 24.5 15-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 24.6 16-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 24.7 17-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 24.8 18-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 24.9 19-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 25.0 20-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 25.1 21-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 25.2 22-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 25.3 23-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 25.4 24-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 25.5 25-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 25.6 26-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 25.7 27-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 26.0 28-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 27.0 30-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 28.0 31-May-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 29.0 01-Jun-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 30.0 02-Jun-25 Added xorg-x11-server to Azure Linux 3.0 Added xorg-x11-server to CBL-Mariner 2.0 |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-1393 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | xorg-x11-server (CBL-Mariner) | Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.20.10-6 |
Unknown | None | |
| Azure Linux 3.0 x64 | xorg-x11-server (CBL-Mariner) | Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.20.10-6 |
Unknown | None | |
| CBL Mariner 2.0 ARM | xorg-x11-server (CBL-Mariner) | Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.20.10-4 |
Unknown | None | |
| CBL Mariner 2.0 x64 | xorg-x11-server (CBL-Mariner) | Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.20.10-4 |
Unknown | None | |
| CVE ID | Acknowledgements |
| CVE-2023-1393 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-6119
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 25-Sep-24 Information published. 1.1 12-Oct-24 Information published. 1.2 15-Oct-24 Added edk2 to Azure Linux 3.0 Added openssl to Azure Linux 3.0 Added cloud-hypervisor-cvm to Azure Linux 3.0 Added cloud-hypervisor-cvm to CBL-Mariner 2.0 1.3 28-Nov-24 Added hvloader to CBL-Mariner 2.0 Added cloud-hypervisor-cvm to CBL-Mariner 2.0 Added edk2 to Azure Linux 3.0 Added openssl to Azure Linux 3.0 Added cloud-hypervisor-cvm to Azure Linux 3.0 1.4 03-Dec-24 Added cloud-hypervisor-cvm to CBL-Mariner 2.0 Added hvloader to CBL-Mariner 2.0 Added edk2 to Azure Linux 3.0 Added openssl to Azure Linux 3.0 Added cloud-hypervisor-cvm to Azure Linux 3.0 2.0 03-Jun-25 Added cloud-hypervisor-cvm to CBL-Mariner 2.0 Added hvloader to CBL-Mariner 2.0 Added edk2 to Azure Linux 3.0 Added openssl to Azure Linux 3.0 |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-6119 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20240524git3e722403cd16-3 3.3.2-1 |
None | ||
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20240524git3e722403cd16-3 3.3.2-1 |
None | ||
| CBL Mariner 2.0 ARM | cloud-hypervisor-cvm (CBL-Mariner) hvloader (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
38.0.72.2-2 1.0.1-6 |
None | ||
| CBL Mariner 2.0 x64 | cloud-hypervisor-cvm (CBL-Mariner) hvloader (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
38.0.72.2-2 1.0.1-6 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2024-6119 | None |