MS Family May 2025 1st Security Update Advisory
Overview
Microsoft(https://www.microsoft.com) has released a security update that fixes vulnerabilities in products it has supplied. Users of affected products are advised to update to the latest version.
Affected Products
Azure Family
Azure Automation
Azure Storage Resource Provider (SRP)
Microsoft Power Apps
Microsoft msagsfeedback.azurewebsites.net
Developer Tools suite
Azure DevOps
Microsoft Dynamics Suite
Microsoft Dataverse
Resolved Vulnerabilities
Six vulnerabilities with a Critical rating were found.
Azure Family
Urgent elevation of privilege vulnerability in Azure Automation (CVE-2025-29827)
Critical spoofing vulnerability in Azure Storage Resource Provider (CVE-2025-29972)
Critical information disclosure vulnerability in Azure (CVE-2025-33072)
Critical information disclosure vulnerability in Microsoft Power Apps (CVE-2025-47733)
Developer Tools suite
Critical elevation of privilege vulnerability in Azure DevOps (CVE-2025-29813)
Microsoft Dynamics Suite
Critical remote code execution vulnerability in Microsoft Dataverse (CVE-2025-47732)
Vulnerability Patches
The following product-specific Vulnerability Patches were made available in the May 8, 2025 Update. Please use the Windows Update feature for automatic installation or refer to the URLs in the product information below to download and install.