Source

**Are the updates for the Microsoft 365 for Office currently available?** The security update for Microsoft 365 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.

23 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #Microsoft Office Word #Security Vulnerability

CVE-2025-47172: Microsoft SharePoint Server Remote Code Execution Vulnerability

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

23 days ago

Microsoft Security Response Center

Open in Source

#sql #vulnerability #microsoft #rce #auth #Microsoft Office SharePoint #Security Vulnerability

CVE-2025-3052: Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this vulnerability could bypass Secure Boot.

23 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #Windows Secure Boot #Security Vulnerability

CVE-2025-47174: Microsoft Excel Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

23 days ago

Microsoft Security Response Center

Open in Source

#vulnerability #microsoft #rce #buffer_overflow #auth #Microsoft Office Excel #Security Vulnerability

CVE-2025-47169: Microsoft Word Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.