—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Multiple Vulnerabilities in Microsoft Products 

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: High

Software Affected

Microsoft Windows

Microsoft Office

Microsoft Office LTSC for Mac 2021 & 2024(32&64-bit editions)

Microsoft SQL Server

Azure Networking

Azure Bot Services

Azure Connected Machine Agent

Xbox Gaming Services

Microsoft 365 Apps

Dynamics 365 Fast Track Implementation

Office Online Server

Microsoft Edge (Chromium-based)

Microsoft Entra ID

Microsoft Auto Update for Mac

Overview

Multiple vulnerabilities have been reported in Microsoft products, which could allow an attacker to bypass security restrictions, gain elevated privileges, obtain sensitive information, and conduct remote code execution, spoofing attacks or cause Denial of Service (DoS) condition on the targeted system.

Target Audience:

Individuals and IT administrators, security teams responsible for maintaining and updating Microsoft products.

Risk Assessment:

High risk of unauthorized access of data and system instability/ or compromise.

Impact Assessment:

Bypass Security Restrictions, Elevation of Privileges, Information Disclosure, Remote Code Execution, Spoofing Attacks, Denial of Service (DoS).

Description

Multiple vulnerabilities have been reported in Microsoft products, which could allow an attacker to bypass security restrictions, gain elevated privileges, obtain sensitive information, and conduct remote code execution, spoofing attacks or cause Denial of Service (DoS) condition on the targeted system.

For complete list of affected products, CVEs, workarounds and solutions, refer to the Microsoft security updates.

https://msrc.microsoft.com/update-guide/releaseNote/2025-Sep

Solution

Apply appropriate updates as mentioned in:  

https://msrc.microsoft.com/update-guide/releaseNote/2025-Sep

Vendor Information

Microsoft

https://msrc.microsoft.com/update-guide/

References

 

https://msrc.microsoft.com/update-guide/releaseNote/2025-Sep

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmjBiHwACgkQ3jCgcSdc

ys82oBAAlxlj9RTco3ROKONLpqJYVkYAoozgj1IZi6B/iJMZKzfevLn0jqMtsiEg

Y9xQicTYtWzBh8Tm9lEO6A08pMxBP4p87OSa+nagJzAKY2MxICUytwShfDASV9k5

fi6X0ght3ryXMwAN4aCvHU33PnhWxkWCWhytlwOUWJsTItK1bpzewaw9C66/RWNm

Z3Sr9VU1IlEDa3VhpForQgjl1BZ3gWF+XgQ+I8R9deEsWQCLlFD975gh08SoDC9b

+pcxPLSodVLGqJMQGRE3s8dfKGhxUGB/ZrjTafBFwtIKbMnlo4Pqr27nkkrMGcSY

sLRFkxFT9QU1u4h922aPxZMOPyxHyW1kWmrVJ1V9qSW8I7uadS4UimOajRKMQmDs

GI8OMaGWZvoDd80qAMtyldFp9i03MBJsVVjdSI27f+czcSNwyVvCr09cBoLLeYRo

mE7IbP4O14716ea313WHE5gH0CAelnWT8dpi+mBP99K1TeLW14putAzcR4VKYNH1

ja1fcQ3uX+pKa7KOs9BzSugX4LDITTBqRwLPykU8IEXzGOsNd2hPZ0HugChLfHmG

r6HyL/uEc3Xf8CIgPB3xDHnCSoeB38h+q/hPRm3899FmULlFmxcYYq57sB0CK6ZL

ftXy9hB0fj322bZtLez8f9Hodt/I99OujBuGpf+trlAgCYsPb4A=

=5izY

—–END PGP SIGNATURE—–