MS Family July 2025 Secondary Security Update Advisory

Overview

 

Microsoft(https://www.microsoft.com) has released a security update that fixes vulnerabilities in products it has supplied. Users of affected products are advised to update to the latest version.

 

Affected Products

 

 

Azure Family

Azure Machine Learning

 

Developer Tools suite

Azure DevOps

 

Microsoft Office Suite

Microsoft Purview

Microsoft SharePoint Enterprise Server 2016 and earlier

Microsoft SharePoint Server 2019 and earlier

Microsoft SharePoint Server Subscription Edition and earlier

 

Resolved Vulnerabilities

 

Five vulnerabilities rated Critical and one rated Important were found.

 

Azure Family

Emergency-rated privilege escalation vulnerabilities in Azure Machine Learning (CVE-2025-49747, CVE-2025-49746, CVE-2025-47995)

 

Developer Tools suite

Emergency-grade privilege escalation vulnerability in Azure DevOps (CVE-2025-47158)

 

Microsoft Office Suite

Critical elevation of privilege vulnerability in Microsoft Purview (CVE-2025-53762)

Critical-grade spoofing vulnerability in Microsoft Office SharePoint (CVE-2025-53771)

 

Vulnerability Patches

 

Product-specific Vulnerability Patches have been made available. Please use the Windows Update feature to install automatically or refer to the URLs in the product information below to download and install.