Patchday Microsoft: Malware loopholes in Office and Windows closed
To prevent attackers from exploiting security vulnerabilities, admins must ensure that Windows Update is active: there are important security patches.
Attackers can exploit several vulnerabilities in Azure, Defender, Hyper-V, Office, Windows, and an Xbox service, among others. In the worst-case scenario, malicious code can get onto computers and completely compromise systems. A Windows vulnerability is publicly known, and attacks may be imminent. So far, however, there have been no reports of attacks.
Security gaps closed
The known vulnerability (CVE-2025-55234 “high”) affects the SMB component of Windows. Attackers can use it to launch a relay attack. In such attacks, attackers often intercept login data. In this case, attackers can gain higher user rights, according to Microsoft. Windows 10, 11, and various Windows Server versions, among others, are at risk. In addition to installing the security update, Microsoft recommends activating functions such as SMB server signing against relay attacks.
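One way to check and enforce the SMB server signing mentioned above, as an added example that is not part of the original article or Microsoft's guidance text. The function names `Get-SmbSigningState` and `Enable-SmbServerSigning` are hypothetical; the underlying cmdlets come from the SmbShare module that ships with Windows, and an elevated PowerShell session is assumed.

```powershell
# Added example: audit and optionally enforce SMB signing on a Windows host.
# Function names are hypothetical; run from an elevated PowerShell session.

function Get-SmbSigningState {
    # Read the current signing requirement for the SMB server and client roles.
    $server = Get-SmbServerConfiguration
    $client = Get-SmbClientConfiguration
    [pscustomobject]@{
        ComputerName          = $env:COMPUTERNAME
        ServerSigningRequired = [bool]$server.RequireSecuritySignature
        ClientSigningRequired = [bool]$client.RequireSecuritySignature
    }
}

function Enable-SmbServerSigning {
    [CmdletBinding(SupportsShouldProcess)]
    param()

    $state = Get-SmbSigningState
    if ($state.ServerSigningRequired) {
        Write-Verbose 'SMB server signing is already required.'
        return $state
    }

    # -WhatIf / -Confirm on this function gate the actual change.
    if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Require SMB server signing')) {
        Set-SmbServerConfiguration -RequireSecuritySignature $true -Force
    }

    # Return the state after the change so it can be logged or compared.
    Get-SmbSigningState
}

# Report the current state first; enforce only after reviewing the output.
Get-SmbSigningState | Format-List
# Enable-SmbServerSigning -WhatIf
```

Once signing is required on the server, clients that cannot sign SMB traffic will no longer be able to connect, so review the reported state across the environment before enforcing it.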
The most dangerous is a vulnerability (CVE-2025-55232 “critical”) in Microsoft's computer cluster management High-Performance Computer (HPC). If attackers successfully exploit the vulnerability, they can execute malicious code via a network.
Microsoft also classifies other vulnerabilities as “critical.” These include some in Hyper-V (CVE-2025-55224 “high”), Windows Graphics Component (CVE-2025-55228 “high”), and Windows NTLM (CVE-2025-54918 “high”). In these cases, attackers can primarily gain higher user rights. Malicious code can get onto systems via an Office vulnerability (CVE-2025-54910 “high”).
One vulnerability (CVE-2025-55245 “high”) affects the Xbox Gaming Services app. Attackers can delete files on a system after successful attacks.
Microsoft provides further information on the vulnerabilities and patches in the Security Update Guide.
(des)