Microsoft patched 112 vulnerabilities, including eight critical flaws and three zero-days; Windows and Office updates require immediate prioritization.
CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited
CISA added two actively exploited vulnerabilities—CVE-2009-0556 in Microsoft PowerPoint and CVE-2025-37164 in HPE OneView—to its KEV catalog; agencies must apply patches.