Service Notices
Microsoft Releases July 2025 Security Updates
Jul 11, 2025 GMT+08:00
I. Overview
Huawei Cloud noticed that Microsoft has released its July 2025 Security Updates. A total of 128 security vulnerabilities have been disclosed, among which 12 are marked as important vulnerabilities. Attackers can leverage these vulnerabilities to execute remote code, escalate privileges, and breach information. The affected applications include components such as Microsoft Windows, Microsoft Office, Azure, and Hyper-V.
For details, visit the Microsoft official website:
https://msrc.microsoft.com/update-guide/releaseNote/2025-Jul
The following vulnerabilities require close attention as their details have been disclosed or they have already been exploited by attackers:
Microsoft SQL Server Information Disclosure Vulnerability (CVE-2025-49719): This is a 0-day vulnerability. Unauthenticated attackers can exploit this vulnerability to obtain uninitialized resources in SQL Server. The vulnerability has been disclosed, and the risk is high.
17 vulnerabilities (such as CVE-2025-47981, CVE-2025-49724, and CVE-2025-49701) are marked as Exploitation More Likely. For details, see the official announcement. Please perform security self-check and security hardening in a timely manner to reduce attack risks.
II. Severity
Severity: important
(Severity: low, moderate, important, and critical)
III. Affected Products
Microsoft Windows, Microsoft Office, Azure, Hyper-V, and other products.
IV. Vulnerability Details
|
CVE ID |
Vulnerability Name |
Severity |
Vulnerability Description |
|
CVE-2025-47980 |
Windows Imaging Component Information Disclosure Vulnerability |
Important |
Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally. |
|
CVE-2025-48822 |
Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability |
Important |
A remote attacker can craft an INF file to induce the victim to open the file and exploit the vulnerability. Successful exploit of this vulnerability can cause arbitrary code execution on the target system. |
|
CVE-2025-49704 |
Microsoft SharePoint Remote Code Execution Vulnerability |
Important |
Improper control of generation of code in Microsoft Office SharePoint allows an attacker to remotely execute code on the target system. |
|
CVE-2025-49703 CVE-2025-49698 |
Microsoft Word Remote Code Execution Vulnerability |
Important |
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. An attacker can send a specially crafted file to the victim and induce the victim to open the file to exploit the vulnerability. Successful exploit of this vulnerability can cause remote code execution on the target system. |
|
CVE-2025-49696 |
Microsoft Office Remote Code Execution Vulnerability |
Important |
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally. |
|
CVE-2025-49695 |
Microsoft Office Remote Code Execution Vulnerability |
Important |
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
|
CVE-2025-49717 |
Microsoft SQL Server Remote Code Execution Vulnerability |
Important |
An authenticated attacker can send specially crafted data to the victim, causing a heap-based buffer overflow and executing arbitrary code on the target system. |
|
CVE-2025-49702 |
Microsoft Office Remote Code Execution Vulnerability |
Important |
Access of resource using incompatible type in Microsoft Office allows an unauthorized attacker to execute code locally. |
|
CVE-2025-47981 |
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability |
Important |
An unauthorized attacker can exploit the vulnerability by sending a specially crafted message to the target server. Successful exploit of this vulnerability allows the attacker to execute remote code on the target system. |
|
CVE-2025-49735 |
Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability |
Important |
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. |
|
CVE-2025-49697 |
Microsoft Office Remote Code Execution Vulnerability |
Important |
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. |
(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)
V. Security Recommendations
1. Use Windows Update or download patches from the following address to fix the vulnerabilities:
https://msrc.microsoft.com/update-guide
2. Back up data remotely to protect your data.
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.