microsoft — Vulnerabilities & Security Advisories 8284

Browse all 8284 CVE security advisories affecting microsoft. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Microsoft operates as a global technology corporation primarily providing enterprise software, cloud computing services, and consumer electronics. Its extensive software portfolio, including Windows operating systems and Office suites, has historically been associated with a high volume of Common Vulnerabilities and Exposures (CVEs), currently totaling 8,272. Common vulnerability classes affecting these products include remote code execution, cross-site scripting, and privilege escalation, often stemming from complex legacy codebases and extensive feature sets. Notable security incidents include the 2021 SolarWinds supply chain compromise, which impacted Microsoft’s Orion platform, and various critical zero-day exploits in Internet Explorer and Edge browsers. The company maintains a dedicated security response team and regularly issues patches through Windows Update to mitigate these risks, though the sheer scale of its ecosystem continues to present significant attack surfaces for threat actors seeking unauthorized access or data exfiltration.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-49670	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability — Windows Server 2008 R2 Service Pack 1CWE-122	6.5	Medium	2025-07-08
CVE-2025-49661	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability — Windows 10 Version 1507CWE-822	7.8	High	2025-07-08
CVE-2025-49658	Windows Transport Driver Interface (TDI) Translation Driver Information Disclosure Vulnerability — Windows 10 Version 1507CWE-125	5.5	Medium	2025-07-08
CVE-2025-49657	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability — Windows Server 2008 R2 Service Pack 1CWE-122	8.8	High	2025-07-08
CVE-2025-48824	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability — Windows Server 2008 R2 Service Pack 1CWE-122	8.8	High	2025-07-08
CVE-2025-47987	Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability — Windows 10 Version 1507CWE-122	7.8	High	2025-07-08
CVE-2025-47986	Universal Print Management Service Elevation of Privilege Vulnerability — Windows 10 Version 1507CWE-416	8.8	High	2025-07-08
CVE-2025-47984	Windows GDI Information Disclosure Vulnerability — Windows 10 Version 1507CWE-693	7.5	High	2025-07-08
CVE-2025-47985	Windows Event Tracing Elevation of Privilege Vulnerability — Windows 10 Version 1507CWE-822	7.8	High	2025-07-08
CVE-2025-47976	Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability — Windows 10 Version 1507CWE-416	7.8	High	2025-07-08
CVE-2025-47972	Windows Input Method Editor (IME) Elevation of Privilege Vulnerability — Windows 10 Version 1507CWE-362	8.0	High	2025-07-08
CVE-2025-47971	Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability — Windows 10 Version 1507CWE-126	7.8	High	2025-07-08
CVE-2025-21195	Azure Service Fabric Runtime Elevation of Privilege Vulnerability — Service FabricCWE-59	6.0	Medium	2025-07-08
CVE-2025-47159	Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability — Windows 10 Version 1507CWE-693	7.8	High	2025-07-08
CVE-2025-33054	Remote Desktop Spoofing Vulnerability — Windows 11 version 22H2CWE-357	8.1	High	2025-07-08
CVE-2025-26636	Windows Kernel Information Disclosure Vulnerability — Windows 11 Version 24H2CWE-1037	5.5	Medium	2025-07-08
CVE-2025-7326	EOL ASP.NET Core Elevation of Privilege Vulnerability — ASP.NET Core 6.0CWE-1390	7.0	High	2025-07-08
CVE-2025-49713	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability — Microsoft Edge (Chromium-based)CWE-843	8.8	High	2025-07-02
CVE-2025-49741	Microsoft Edge (Chromium-based) Information Disclosure Vulnerability — Microsoft Edge (Chromium-based)CWE-268	7.4	High	2025-07-01
CVE-2025-49715	Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability — Dynamics 365 FastTrack ImplementationCWE-359	7.5	High	2025-06-20
CVE-2025-47959	Visual Studio Remote Code Execution Vulnerability — Microsoft Visual Studio 2022 version 17.10CWE-77	7.1	High	2025-06-13
CVE-2025-30399	.NET and Visual Studio Remote Code Execution Vulnerability — .NET 8.0CWE-426	7.5	High	2025-06-13
CVE-2025-32711	M365 Copilot Information Disclosure Vulnerability — Microsoft 365 CopilotCWE-74	9.3	Critical	2025-06-11
CVE-2025-32717	Microsoft Word Remote Code Execution Vulnerability — Microsoft 365 Apps for EnterpriseCWE-122	8.4	High	2025-06-10
CVE-2025-47977	Nuance Digital Engagement Platform Spoofing Vulnerability — Nuance Digital Engagement PlatformCWE-79	8.2	High	2025-06-10
CVE-2025-47968	Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability — Microsoft AutoUpdate for MacCWE-20	7.8	High	2025-06-10
CVE-2025-47176	Microsoft Outlook Remote Code Execution Vulnerability — Microsoft 365 Apps for EnterpriseCWE-35	7.8	High	2025-06-10
CVE-2025-47175	Microsoft PowerPoint Remote Code Execution Vulnerability — Microsoft 365 Apps for EnterpriseCWE-416	7.8	High	2025-06-10
CVE-2025-47174	Microsoft Excel Remote Code Execution Vulnerability — Microsoft 365 Apps for EnterpriseCWE-122	7.8	High	2025-06-10
CVE-2025-47172	Microsoft SharePoint Server Remote Code Execution Vulnerability — Microsoft SharePoint Enterprise Server 2016CWE-89	8.8	High	2025-06-10

This page lists every published CVE security advisory associated with microsoft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

microsoft — Vulnerabilities & Security Advisories 8284