Microsoft Monthly Security Update – 14 May 2025

In Cyber Security by Matsco Engineering Team

 

Microsoft have released a security advisory on the 14th of May 2025 in line with their regular monthly patch schedule which includes a number of updates to address vulnerabilities in two (2) Extremely High Risk,  six (6) Medium Risk, and one (1) Low Risk product(s).

These updates address vulnerabilities which may impact services through Remote Code Execution, Denial of Service, Elevation of Privilege, Information Disclosure, Security Restriction Bypass, and Spoofing. 

For more information please see: Microsoft Security Update

This release consists of security updates for the following products, features and roles:

  • .NET, Visual Studio, and Build Tools for Visual Studio
  • Active Directory Certificate Services (AD CS)
  • Azure
  • Azure Automation
  • Azure DevOps
  • Azure File Sync
  • Azure Storage Resource Provider
  • Microsoft Brokering File System
  • Microsoft Dataverse
  • Microsoft Defender for Endpoint
  • Microsoft Defender for Identity
  • Microsoft Edge (Chromium-based)
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office Outlook
  • Microsoft Office PowerPoint
  • Microsoft Office SharePoint
  • Microsoft PC Manager
  • Microsoft Power Apps
  • Microsoft Scripting Engine
  • Remote Desktop Gateway Service
  • Role: Windows Hyper-V
  • Universal Print Management Service
  • UrlMon
  • Visual Studio
  • Visual Studio Code
  • Web Threat Defense (WTD.sys)
  • Windows Common Log File System Driver
  • Windows Deployment Services
  • Windows Drivers
  • Windows DWM
  • Windows File Server
  • Windows Fundamentals
  • Windows Hardware Lab Kit
  • Windows Installer
  • Windows Kernel
  • Windows LDAP - Lightweight Directory Access Protocol
  • Windows Media
  • Windows NTFS
  • Windows Remote Desktop
  • Windows Routing and Remote Access Service (RRAS)
  • Windows Secure Kernel Mode
  • Windows SMB
  • Windows Trusted Runtime Interface Driver
  • Windows Virtual Machine Bus
  • Windows Win32K - GRFX

 

CVE-2025-30397 is being exploited in the wild and an attacker who successfully exploits this vulnerability can initiate remote code execution.

CVE-2025-30400 is being exploited in the wild and this vulnerability allows local attackers to gain SYSTEM privileges on the device/system.

CVE-2025-32701 is being exploited in the wild and this vulnerability allows local attackers to gain SYSTEM privileges on the device/system.

CVE-2025-32706 is being exploited in the wild and this vulnerability allows local attackers to gain SYSTEM privileges on the device/system.

CVE-2025-32709 is being exploited in the wild and this vulnerability allows local attackers to gain administrator privileges on the device/system.

Please contact the Matsco Solutions team on the below if you would like any further information or would like to schedule a maintenance.

support@matscosolutions.com

Beijing  +86 400 120 2782
Hong Kong  +852 8101 8418
London   +44 (0)20 7821 4950
New York  +1 866 446 9226
Singapore  +65 6100 1090

Share this Post