The July 2025 security bug fixes list plugs another 137 problems found in Microsoft software. Some are really serious and need patching right away for all Microsoft 365 and Office users. BitLocker also gets some security fixes.
This months load of Microsoft Office security updates includes a fix for a series of “Remote Code Execution” bugs that allow code to be run on a device just by opening the document or viewing in a preview pane. These five security bugs affect all supported versions of Office from Microsoft 365 and Office 2024 back to Office 2016 and are rightly rated as ‘Critical’.
Running the usual update process (if not done automatically) will ensure your software is protected. While the critical bugs haven’t yet been used by hackers, it’s only a matter of time.
| Office / Microsoft 365 | CVE-2025-49697 | Remote Code Execution Vulnerability | Critical |
| Office / Microsoft 365 | CVE-2025-49695 | Remote Code Execution Vulnerability | Critical |
| Office / Microsoft 365 | CVE-2025-49696 | Remote Code Execution Vulnerability | Critical |
| Office / Microsoft 365 | CVE-2025-49702 | Remote Code Execution Vulnerability | Critical |
| Word / Microsoft 365 | CVE-2025-49703 | Remote Code Execution Vulnerability | Critical |
| Word / Microsoft 365 | CVE-2025-49698 | Remote Code Execution Vulnerability | Critical |
| Office | CVE-2025-47994 | Elevation of Privilege Vulnerability | Important |
| Office | CVE-2025-49699 | Remote Code Execution Vulnerability | Important |
| Excel | CVE-2025-48812 | Information Disclosure Vulnerability | Important |
| Excel | CVE-2025-49711 | Remote Code Execution Vulnerability | Important |
| PowerPoint | CVE-2025-49705 | Remote Code Execution Vulnerability | Important |
| Word | CVE-2025-49700 | Remote Code Execution Vulnerability | Important |
| Office Developer Platform | CVE-2025-49756 | Security Feature Bypass Vulnerability | Important |
Bitlocker fixes
Windows should also be updated, if only to plug these security holes in the vital BitLocker encryption system.
| BitLocker | CVE-2025-48818 | Security Feature Bypass Vulnerability | Important |
| BitLocker | CVE-2025-48001 | Security Feature Bypass Vulnerability | Important |
| BitLocker | CVE-2025-48804 | Security Feature Bypass Vulnerability | Important |
| BitLocker | CVE-2025-48003 | Security Feature Bypass Vulnerability | Important |
| BitLocker | CVE-2025-48800 | Security Feature Bypass Vulnerability | Important |
