Important Notice: Security vulnerabilities of Microsoft (updated at 11 June 2026)

關於 Microsoft 的安全漏洞通告 (更新於 2025年6月11日)

2025-06-11 ICTO Bulletin / 公告

資訊安全警示 Information Security Alert

English
中文

To: All Users

As informed by the Cybersecurity Incident Alert and Response Centre (CARIC), Microsoft have recently released its June security update notice, there are 69 vulnerability updates this time.

The updates this time mainly cover the following components: .NET and Visual Studio, Windows Common Log File System Driver, Windows Cryptographic Services, Windows DHCP Server, Windows KDC Proxy Service (KPSSVC), Windows DWM Core Library, Windows Local Security Authority Subsystem Service (LSASS) products vulnerabilities.

Details of the vulnerabilities:

Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-33053

Windows SMB Client Elevation of Privilege Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-33073

Microsoft Office Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-47167
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-47164
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-47953

Windows Netlogon Elevation of Privilege Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-33070

Windows Common Log File System Driver Elevation of Privilege Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-32701

Microsoft SharePoint Server Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-47172

Windows Remote Desktop Services Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-32710

Windows Common Log File System Driver Elevation of Privilege Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-32713

For more details about Microsoft June Updates, please refer to: https://msrc.microsoft.com/update-guide/releaseNote/2025-Jun

If the relevant affected products are used, please install the security updates released by Microsoft as soon as possible.

Reference

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

各位用戶：

資訊及通訊科技部接獲網絡安全事故預警及應急中心的通知，Microsoft 近日發布了 6月安全更新通告，此次包含了 69個漏洞更新。

此次釋出的更新主要涵蓋了以下組件： .NET and Visual Studio, Windows Common Log File System Driver, Windows Cryptographic Services, Windows DHCP Server, Windows KDC Proxy Service (KPSSVC), Windows DWM Core Library, Windows Local Security Authority Subsystem Service (LSASS) 等產品的漏洞。

漏洞詳情: