CVE-2025-62565: Windows File Explorer Elevation of Privilege Vulnerability

CVE-2025-62570: Windows Camera Frame Server Monitor Information Disclosure Vulnerability

CVE-2025-64678: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

CVE-2025-64672: Microsoft SharePoint Server Spoofing Vulnerability

CVE-2025-64661: Windows Shell Elevation of Privilege Vulnerability

*The CVSS Score says user action is required. What type of user action is required?*

A user would have to open a maliciously crafted email sent to Dynamics 365 Customer Engagement.

Headline

CVE-2021-40457: Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

Microsoft Security Response Center: Latest News