check before: 2025-05-14
Product:
Microsoft 365 Apps, Office Client, Windows, Windows Server
Platform:
Mac, Online, World tenant
Status:
Launched
Change type:
Admin impact
Links:
Details:
IMPORTANT: This notice is only relevant for environments where:
Windows Server 2008 and Windows Server 2008 R2 updates are deployed under the Premium Assurance program
Scan Cab is used to check for update compliance
The May 2025 Scan Cab (released May 13, 2025 at 10:00 AM PT) was deployed before 11:00 AM PT on May 14, 2025.
An updated version of the May 2025 Scan Cab was made available at 11:00 AM PT on May 14, 2025. This Scan Cab includes new metadata corresponding to new updates for the following Windows versions:
Windows Server 2008 R2
Windows Server 2008
The new Windows updates for these server versions released May 13, 2025 at 6:00 PM PT included additional protections to address CVE-2025-32709, a security vulnerability in the Windows Ancillary Function Driver (AFD) for WinSock. The AFD component is akernel-mode driver that provides support for the WinSock API and is contained in the afd.sys file. The afd.sys driver manages the Winsock TCP/IP communications protocol. See the additional information section of this message for details.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2025-05-15
updated:
2025-05-15
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
summary for non-techies**
The "Scan Cab" tool in IT environments has been updated to address a new security issue, and users need to recheck their software with the updated tool to ensure all systems are secure and up-to-date.
Direct effects for Operations**
Increased Security Vulnerability
If the updated Scan Cab is not deployed, systems may remain vulnerable to CVE-2025-32709, leading to potential exploitation and data breaches.
- roles: IT Administrators, Security Officers
- references: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32709, https://support.microsoft.com/topic/59fcbbd7-7f20-470a-9241-f03282ca045d
Update Compliance Failure
Failure to re-deploy the updated Scan Cab may result in inaccurate update compliance assessments, leading to unpatched systems and compliance issues.
- roles: IT Administrators, Compliance Officers
- references: https://learn.microsoft.com/windows-server/administration/windows-server-update-services/manage/wsus-and-the-catalog-site, https://techcommunity.microsoft.com/t5/windows-it-pro-blog/announcing-a-smaller-wsus-scan-cab/ba-p/2928256?msclkid=256145ccd0c011ec9266b53af8d0aca1
Configutation Options**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 1 month ago
