MS Family April 2025 Secondary Security Update Advisory

May 02 2025

Overview

Microsoft(https://www.microsoft.com) has released a security update that fixes vulnerabilities in products it has supplied. Users of affected products are advised to update to the latest version.

Affected Products

Azure Family

Azure AI Bot Service

Azure Functions

Azure Machine Learning

Azure Virtual Desktop

Microsoft Dynamics Suite

Dynamics 365 Customer Service

Resolved Vulnerabilities

Six vulnerabilities rated Critical were found.

Azure Family

Emergency-rated privilege escalation vulnerabilities in the Azure Bot Framework SDK (CVE-2025-30389, CVE-2025-30392)

Critical escalation of privilege vulnerability in Azure Virtual Desktop (CVE-2025-21416)

Urgent escalation of privilege vulnerability in Azure (CVE-2025-30390)

Critical remote code execution vulnerability in Microsoft Azure Functions (CVE-2025-33074)

Microsoft Dynamics Suite

Critical information disclosure vulnerability in Microsoft Dynamics (CVE-2025-30391)

Vulnerability Patches

The following product-specific Vulnerability Patches were made available in the April 30, 2025 Update. Please use the Windows Update feature for automatic installation or refer to the URLs in the product information below to download and install.

https://msrc.microsoft.com/update-guide/

MS Family April 2025 Secondary Security Update Advisory

Overview

Affected Products

Azure Family

Microsoft Dynamics Suite

Resolved Vulnerabilities

Azure Family

Microsoft Dynamics Suite

Vulnerability Patches

Linux Kernel Security Update Advisory (CVE-2025-21756)

Synology Product Security Update Advisory (CVE-2024-10442)

Overview

Affected Products

Azure Family

Microsoft Dynamics Suite

Resolved Vulnerabilities

Azure Family

Microsoft Dynamics Suite

Vulnerability Patches

Tags:

Linux Kernel Security Update Advisory (CVE-2025-21756)

Synology Product Security Update Advisory (CVE-2024-10442)