HANDS ON SharePoint
HANDS ON Teams
HANDS ON Lists
HANDS ON tek
M365 Admin
An updated version of the May 2025 Scan Cab is available
IMPORTANT: This notice is only relevant for environments where:
- .NET SDK version 8.0.3xx or 8.0.4xx is used
- Scan Cab is used to check for update compliance
- The May 2025 Scan Cab was deployed before 10:00 AM PT on May 22, 2025.
An updated version of the May 2025 Scan Cab was made available at 10:00 AM PT on May 22, 2025. This Scan Cab includes new metadata corresponding to new updates for the following .NET versions:
The new Microsoft update for these .NET versions released May 22, 2025 at 10:00 AM PT included additional protections to address CVE-2025-26646. An authorized attacker with standard user privileges could place a malicious file and then wait for the privileged victim to run the calling command. See the additional information section of this message for details.
How this affects your organization:
IT administrators who downloaded the Scan Cab before 10:00 AM PT on May 22, 2025 should re-acquire and re-deploy their Scan Cab if it is used to assess updates for environments where .NET SDK version 8.0.3xx or 8.0.4xx is used.
No action is required on environments where Scan Cab is not employed and do not have .NET versions 8.0.3xx or 8.0.4xx. However, please note that there might be non-Microsoft applications which utilize Scan Cab. Review the documentation for any software and update deployment tools which might be in use for your organization, to understand if this is applicable in your environment.
What you need to do to prepare:
Administrators can re-deploy the updated Scan Cab via their usual processes. For detailed guidance, see the Additional information section below.
Additional information:
- Updated Scan Cab: Download the new Scan Cab here
- CVE-2025-26646: .NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability
- .NET 8.0 Update – May 13, 2025 (KB5059200) – Microsoft Support
- Announcing a smaller WSUS Scan Cab – Microsoft Tech Community: Learn more about WSUS and the Scan Cab process
- Using WUA to Scan for Updates Offline – Win32 apps | Microsoft Docs: Windows Update Agent (WUA) can be used to scan computers for security updates without connecting to Windows Update
- WSUS and the Catalog Site | Microsoft Docs: The Catalog Site used by WSUS to import updates and drivers
Message ID: MC1080391
