CVE-2025-32711: M365 Copilot Information Disclosure Vulnerability

CVE-2025-47977: Nuance Digital Engagement Platform Spoofing Vulnerability

CVE-2025-32717: Microsoft Word Remote Code Execution Vulnerability

CVE-2025-47959: Visual Studio Remote Code Execution Vulnerability

CVE-2025-47968: Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability

Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally.

Headline

CVE-2025-33069: Windows App Control for Business Security Feature Bypass Vulnerability

Microsoft Security Response Center: Latest News