Microsoft Exchange Server
One of the primary points of focus for both testing and rapid deployment involves Microsoft Exchange Server. Five patches were released, and while all are rated as important, we believe that they should receive immediate attention. The primary factor: the latest directive from CISA detailing the active exploitation of CVE-2025-53786, which directly affects hybrid Exchange environments. It looks like government implementations are both particularly susceptible and actively targeted. Add this update to your “Patch Now” schedule.
Microsoft released two updates for its development platform, (CVE-2025-53772 and CVE-2025-53773) affecting Visual Studio and Microsoft’s Web Deploy tools. Add these low-profile updates to your standard release calendar.
Adobe (and third-party updates)
No updates this time from Microsoft for Adobe products. And the only third-party product updates were for Chromium — which don’t really count. So, I will use this space to apologise for having separate sections for Microsoft SQL and Exchange Server. It’s a lot for anybody. Luckily, I didn’t have to add an extra section for SharePoint server — that would be bad.
This story originally appeared on Computerworld
