Microsoft Updates And Notifications for April 2025

Microsoft releases emergency update to fix Office 2016 crashes
April 10, 2025
https://www.bleepingcomputer.com/ne...-emergency-update-to-fix-office-2016-crashes/

 

Microsoft releases KB5058919/KB5058922/KB5058921 Windows 11 and 10 out of band updates
April 12, 2025
https://www.neowin.net/news/microso...058921-windows-11-and-10-out-of-band-updates/

 

https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#april-15-2025

 

April 22, 2025—KB5055612 (OS Build 19045.5796) Preview
Applies To:
Windows 10 Home and Pro, version 22H2 Windows 10 Enterprise Multi-Session, version 22H2 Windows 10 Enterprise and Education, version 22H2 Windows 10 IoT Enterprise, version 22H2
https://support.microsoft.com/en-us...-preview-428955dc-5f14-4dd8-a828-a1a3d316cb79

 

April 25, 2025—KB5055627(OS Build 26100.3915) Preview
Applies To:
Windows 11 version 24H2, all editions
https://support.microsoft.com/en-us...-preview-9324a361-965a-4496-8fd8-ba8a9de9fc38

 

CVEs have been published or revised in the Security Update Guide

April 30, 2025

These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

CVE-2025-21416

· Title: Azure Virtual Desktop Elevation of Privilege Vulnerability

· Version: 1.0

· Reason for revision: Information published.

· Originally released: April 30, 2025

· Last updated: April 30, 2025

· Aggregate CVE severity rating: Critical

· Customer action required: No

CVE-2025-30389

· Title: Azure Bot Framework SDK Elevation of Privilege Vulnerability

· Version: 1.0

· Reason for revision: Information published.

· Originally released: April 30, 2025

· Last updated: April 30, 2025

· Aggregate CVE severity rating: Critical

· Customer action required: No

CVE-2025-30390

· Title: Azure ML Compute Elevation of Privilege Vulnerability

· Version: 1.0

· Reason for revision: Information published.

· Originally released: April 30, 2025

· Last updated: April 30, 2025

· Aggregate CVE severity rating: Critical

· Customer action required: No

CVE-2025-30391

· Title: Microsoft Dynamics Information Disclosure Vulnerability

· Version: 1.0

· Reason for revision: Information published.

· Originally released: April 30, 2025

· Last updated: April 30, 2025

· Aggregate CVE severity rating: Critical

· Customer action required: No

CVE-2025-30392

· Title: Azure AI bot Elevation of Privilege Vulnerability

· Version: 1.0

· Reason for revision: Information published.

· Originally released: April 30, 2025

· Last updated: April 30, 2025

· Aggregate CVE severity rating: Critical

· Customer action required: No

CVE-2025-33074

· Title: Azure Functions Remote Code Execution Vulnerability

· Version: 1.0

· Reason for revision: Information published.

· Originally released: April 30, 2025

· Last updated: April 30, 2025

· Aggregate CVE severity rating: Critical

· Customer action required: No