Microsoft has launched its Patch Tuesday updates for Might 2025, addressing a complete of 78 vulnerabilities throughout its product ecosystem, with 5 recognized as actively exploited zero-day flaws.
The updates cowl a variety of software program, together with Home windows, Microsoft Workplace, Azure, Visible Studio, and extra, urging customers and directors to use patches instantly to mitigate potential dangers.
Out of 72 vulnerabilities, Microsoft fixes 29 Distant Code Execution, 18 Elevation of Privilege, 14 Info Disclosure, 7 Denial of Service, 2 Spoofing, and a pair of Safety Characteristic Bypass.
Vital Zero-Day Vulnerabilities Beneath Lively Exploitation
5 vulnerabilities patched this month had been confirmed to be actively exploited within the wild, posing fast threats to organizations and people. These zero-days embody:
CVE-2025-30397 (Microsoft Scripting Engine) – With a CVSS rating of seven.5, this flaw permits attackers to execute malicious code through specifically crafted internet content material. Exploitation has been detected, and Microsoft strongly recommends fast patching.
CVE-2025-30400 (Home windows DWM) – Scoring 7.8, this vulnerability within the Home windows Desktop Window Supervisor might enable attackers to realize elevated privileges, with confirmed exploitation within the wild.
CVE-2025-32701 (Home windows Widespread Log File System Driver) – Additionally rated 7.8, this flaw allows privilege escalation and has been actively exploited, posing dangers to system integrity.
CVE-2025-32706 (Home windows Widespread Log File System Driver) – One other privilege escalation vulnerability with a 7.8 CVSS rating, actively exploited and requiring pressing consideration.
CVE-2025-32709 (Home windows Ancillary Operate Driver for WinSock) – Rated 7.8, this flaw permits attackers to escalate privileges and has been confirmed as exploited.
Workplace and Home windows Vulnerabilities
Microsoft Workplace merchandise, notably Excel and SharePoint, had been closely impacted, with a number of vulnerabilities rated 7.8 or larger. For instance:
CVE-2025-29976 (Microsoft Workplace SharePoint) – A 7.8-rated flaw that would enable attackers to escalate privileges regionally.
CVE-2025-30393 (Microsoft Workplace Excel) – Considered one of a number of Excel vulnerabilities, rated 7.8, that would result in distant code execution through malicious information.
Home windows elements additionally noticed vital patches, with vulnerabilities within the Home windows Kernel, Distant Desktop Gateway Service, and Routing and Distant Entry Service (RRAS). Notably, CVE-2025-24063 (Home windows Kernel), rated 7.8, is taken into account “Exploitation Extra Probably,” highlighting the necessity for immediate updates.
Microsoft Patch Tuesday Might 2025 Vulnerability Record
CVE NumberCVE TitleImpactMax SeverityCVE-2025-29966Remote Desktop Shopper Distant Code Execution VulnerabilityRemote Code ExecutionCriticalCVE-2025-29967Remote Desktop Shopper Distant Code Execution VulnerabilityRemote Code ExecutionCriticalCVE-2025-30377Microsoft Workplace Distant Code Execution VulnerabilityRemote Code ExecutionCriticalCVE-2025-30386Microsoft Workplace Distant Code Execution VulnerabilityRemote Code ExecutionCriticalCVE-2025-29833Microsoft Digital Machine Bus (VMBus) Distant Code Execution VulnerabilityRemote Code ExecutionCriticalCVE-2025-26629Microsoft Workplace Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-26646.NET, Visible Studio, and Construct Instruments for Visible Studio Spoofing VulnerabilitySpoofingImportantCVE-2025-26684Microsoft Defender Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-29959Windows Routing and Distant Entry Service (RRAS) Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-29960Windows Routing and Distant Entry Service (RRAS) Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-29964Windows Media Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-29968Active Listing Certificates Companies (AD CS) Denial of Service VulnerabilityDenial of ServiceImportantCVE-2025-29969MS-EVEN RPC Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-29970Microsoft Brokering File System Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-29973Microsoft Azure File Sync Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-29971Web Menace Protection (WTD.sys) Denial of Service VulnerabilityDenial of ServiceImportantCVE-2025-29975Microsoft PC Supervisor Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-29976Microsoft SharePoint Server Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-29977Microsoft Excel Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-29978Microsoft PowerPoint Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-29979Microsoft Excel Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-30375Microsoft Excel Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-30376Microsoft Excel Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-30378Microsoft SharePoint Server Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-30379Microsoft Excel Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-30381Microsoft Excel Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-30382Microsoft SharePoint Server Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-30383Microsoft Excel Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-30384Microsoft SharePoint Server Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-30387Document Intelligence Studio On-Prem Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-27468Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-30393Microsoft Excel Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-29826Microsoft Dataverse Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-30394Windows Distant Desktop Gateway (RD Gateway) Denial of Service VulnerabilityDenial of ServiceImportantCVE-2025-30400Microsoft DWM Core Library Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-32701Windows Widespread Log File System Driver Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-32703Visual Studio Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-32706Windows Widespread Log File System Driver Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-21264Visual Studio Code Safety Characteristic Bypass VulnerabilitySecurity Characteristic BypassImportantCVE-2025-32709Windows Ancillary Operate Driver for WinSock Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-26677Windows Distant Desktop Gateway (RD Gateway) Denial of Service VulnerabilityDenial of ServiceImportantCVE-2025-27488Microsoft Home windows {Hardware} Lab Equipment (HLK) Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-26685Microsoft Defender for Identification Spoofing VulnerabilitySpoofingImportantCVE-2025-29829Windows Trusted Runtime Interface Driver Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-29830Windows Routing and Distant Entry Service (RRAS) Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-29831Windows Distant Desktop Companies Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-29832Windows Routing and Distant Entry Service (RRAS) Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-29835Windows Distant Entry Connection Supervisor Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-29836Windows Routing and Distant Entry Service (RRAS) Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-29837Windows Installer Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-29838Windows ExecutionContext Driver Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-29839Windows A number of UNC Supplier Driver Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-29840Windows Media Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-29841Universal Print Administration Service Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-29842UrlMon Safety Characteristic Bypass VulnerabilitySecurity Characteristic BypassImportantCVE-2025-29954Windows Light-weight Listing Entry Protocol (LDAP) Denial of Service VulnerabilityDenial of ServiceImportantCVE-2025-29955Windows Hyper-V Denial of Service VulnerabilityDenial of ServiceImportantCVE-2025-29956Windows SMB Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-29957Windows Deployment Companies Denial of Service VulnerabilityDenial of ServiceImportantCVE-2025-29958Windows Routing and Distant Entry Service (RRAS) Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-29961Windows Routing and Distant Entry Service (RRAS) Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-29962Windows Media Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-29963Windows Media Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-29974Windows Kernel Info Disclosure VulnerabilityInformation DisclosureImportantCVE-2025-30385Windows Widespread Log File System Driver Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-30388Windows Graphics Part Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-30397Scripting Engine Reminiscence Corruption VulnerabilityRemote Code ExecutionImportantCVE-2025-32702Visual Studio Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-32704Microsoft Excel Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-32705Microsoft Outlook Distant Code Execution VulnerabilityRemote Code ExecutionImportantCVE-2025-32707NTFS Elevation of Privilege VulnerabilityElevation of PrivilegeImportantCVE-2025-24063Kernel Streaming Service Driver Elevation of Privilege VulnerabilityElevation of PrivilegeImportant
Microsoft strongly recommends that customers and IT directors apply these updates instantly by means of Home windows Replace or enterprise administration instruments. Given the presence of an actively exploited zero-day, delaying might depart techniques weak to ongoing assaults.
As cyber threats develop in sophistication, the Might 2025 Patch Tuesday replace reinforces the need of proactive safety measures. Patch your techniques promptly to safeguard in opposition to these vulnerabilities and preserve a powerful protection in opposition to potential exploits.
Different Notable Safety Updates
Fortinet launched safety updates for numerous merchandise, together with an actively exploited zero-day vulnerability.
SAP releases safety updates for a number of merchandise, together with a important 0-day RCE flaw.
Apple launched safety updates for iOS, iPadOS, and macOS.
Ivanti launched patches for ITSM, Cloud Safety & Neurons
Zoom Office Apps Vulnerabilities Patched, together with Privilege Escalation Flaws
VMware Aria XSS Vulnerability & VMware Instruments Vulnerability patched
