Microsoft Patch Tuesday May 2025 Released With the Fixes for 72 Flaws With 5 Actively Exploited 0-Day

CVE Number CVE Title Impact Max Severity CVE-2025-29966 Remote Desktop Client Remote Code Execution Vulnerability Remote Code Execution Critical CVE-2025-29967 Remote Desktop Client Remote Code Execution Vulnerability Remote Code Execution Critical CVE-2025-30377 Microsoft Office Remote Code Execution Vulnerability Remote Code Execution Critical CVE-2025-30386 Microsoft Office Remote Code Execution Vulnerability Remote Code Execution Critical CVE-2025-29833 Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability Remote Code Execution Critical CVE-2025-26629 Microsoft Office Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-26646 .NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability Spoofing Important CVE-2025-26684 Microsoft Defender Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-29959 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Information Disclosure Important CVE-2025-29960 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Information Disclosure Important CVE-2025-29964 Windows Media Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-29968 Active Directory Certificate Services (AD CS) Denial of Service Vulnerability Denial of Service Important CVE-2025-29969 MS-EVEN RPC Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-29970 Microsoft Brokering File System Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-29973 Microsoft Azure File Sync Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-29971 Web Threat Defense (WTD.sys) Denial of Service Vulnerability Denial of Service Important CVE-2025-29975 Microsoft PC Manager Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-29976 Microsoft SharePoint Server Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-29977 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-29978 Microsoft PowerPoint Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-29979 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-30375 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-30376 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-30378 Microsoft SharePoint Server Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-30379 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-30381 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-30382 Microsoft SharePoint Server Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-30383 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-30384 Microsoft SharePoint Server Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-30387 Document Intelligence Studio On-Prem Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-27468 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-30393 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-29826 Microsoft Dataverse Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-30394 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability Denial of Service Important CVE-2025-30400 Microsoft DWM Core Library Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-32701 Windows Common Log File System Driver Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-32703 Visual Studio Information Disclosure Vulnerability Information Disclosure Important CVE-2025-32706 Windows Common Log File System Driver Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-21264 Visual Studio Code Security Feature Bypass Vulnerability Security Feature Bypass Important CVE-2025-32709 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-26677 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability Denial of Service Important CVE-2025-27488 Microsoft Windows Hardware Lab Kit (HLK) Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-26685 Microsoft Defender for Identity Spoofing Vulnerability Spoofing Important CVE-2025-29829 Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability Information Disclosure Important CVE-2025-29830 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Information Disclosure Important CVE-2025-29831 Windows Remote Desktop Services Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-29832 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Information Disclosure Important CVE-2025-29835 Windows Remote Access Connection Manager Information Disclosure Vulnerability Information Disclosure Important CVE-2025-29836 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Information Disclosure Important CVE-2025-29837 Windows Installer Information Disclosure Vulnerability Information Disclosure Important CVE-2025-29838 Windows ExecutionContext Driver Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-29839 Windows Multiple UNC Provider Driver Information Disclosure Vulnerability Information Disclosure Important CVE-2025-29840 Windows Media Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-29841 Universal Print Management Service Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-29842 UrlMon Security Feature Bypass Vulnerability Security Feature Bypass Important CVE-2025-29954 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Denial of Service Important CVE-2025-29955 Windows Hyper-V Denial of Service Vulnerability Denial of Service Important CVE-2025-29956 Windows SMB Information Disclosure Vulnerability Information Disclosure Important CVE-2025-29957 Windows Deployment Services Denial of Service Vulnerability Denial of Service Important CVE-2025-29958 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Information Disclosure Important CVE-2025-29961 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Information Disclosure Important CVE-2025-29962 Windows Media Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-29963 Windows Media Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-29974 Windows Kernel Information Disclosure Vulnerability Information Disclosure Important CVE-2025-30385 Windows Common Log File System Driver Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-30388 Windows Graphics Component Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-30397 Scripting Engine Memory Corruption Vulnerability Remote Code Execution Important CVE-2025-32702 Visual Studio Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-32704 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-32705 Microsoft Outlook Remote Code Execution Vulnerability Remote Code Execution Important CVE-2025-32707 NTFS Elevation of Privilege Vulnerability Elevation of Privilege Important CVE-2025-24063 Kernel Streaming Service Driver Elevation of Privilege Vulnerability Elevation of Privilege Important