Microsoft has released emergency security updates to address a critical vulnerability affecting multiple products. Attackers could exploit this flaw to execute arbitrary code with system privileges.
Microsoft has issued a critical security advisory for CVE-2025-71237, a vulnerability affecting the loading mechanisms in multiple Microsoft products. The vulnerability has a CVSS score of 9.8 and is being actively exploited in the wild.
The vulnerability exists in how Microsoft products handle loading of dynamic libraries and resources. Successful exploitation could allow an attacker to execute arbitrary code with elevated privileges. No user interaction is required for exploitation.
Affected Products:
- Windows 10 (Version 1903 and later)
- Windows 11 (All versions)
- Microsoft Office 2019 and later
- Microsoft 365 Apps
- .NET Framework 4.8 and later
Microsoft has released security updates as part of the July 2025 Security Update. Organizations should apply these updates immediately.
Mitigation Steps:
- Install the latest security updates
- Enable automatic updates on all systems
- Restrict network access to untrusted sources
- Implement application whitelisting
- Monitor for suspicious loading activities
Organizations unable to patch immediately should implement the following workarounds:
- Disable loading of untrusted libraries
- Implement strict application control policies
- Configure Windows Defender Application Control to block untrusted applications
Microsoft has confirmed that this vulnerability is being exploited in targeted attacks. The vulnerability was discovered by security researchers at Mandiant who observed exploitation attempts against multiple high-profile organizations.
For detailed technical information and deployment guidance, refer to the official Microsoft Security Advisory.
Organizations with questions should contact Microsoft Support or visit the Microsoft Security Response Center portal.
Comments
Please log in or register to join the discussion