You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 64677
About this tag
CVE-2025-64677 is a Microsoft Office vulnerability involving spoofing of the Out-of-Box Experience (OoBE) interface. This presentation-layer flaw can be exploited to impersonate legitimate setup or first-run UI elements, potentially tricking users into granting permissions or executing unintended actions. The vulnerability is listed in Microsoft's Security Update Guide, though public details remain limited. Defenders need to consult the MSRC page for specific KBs and affected Office SKUs. This tag covers discussion of the risk, patch guidance, and mitigation strategies for CVE-2025-64677.
Microsoft’s Security Update Guide lists a vulnerability identified as CVE-2025-64677 described as an Office “Out‑of‑Box Experience” (OoBE) spoofing issue — a presentation‑layer flaw that can be used to impersonate setup or first‑run UI elements and coerce users into granting access, consenting...