Category
preventOrFixIssue
Severity
normal
Major change
False
Last modified
2025-05-22 17:02:23
Summary source
Azure OpenAI (gpt-4.1)
Action by (Graph)
—
Action by (AI)
—
Services
Windows
Tags
Admin impact
Master tags
Security
Roadmap IDs
One-line summary
Admins using .NET SDK 8.0.3xx/8.0.4xx with Scan Cab deployed before May 22, 2025, 10:00 AM PT must re-acquire and redeploy the updated Scan Cab to address CVE-2025-26646.
Similar updates
More like thisMC1073882 An updated version of the May 2025 Scan Cab is available
An updated version of the May 2025 Scan Cab is available Admins using Scan Cab for Windows Server 2008/2008 R2 under Premium Assurance must re-acquire and redeploy the May 2025 Scan Cab if downloaded before May 14, 2025, 11:00 AM PT due to updated security metadata. ...ew updates for the following Windows versions: Windows Server 2008 R2 Windows.
MC1052165 The April 2025 Scan Cab is available
The April 2025 Scan Cab is available The April 2025 Scan Cab is now available for offline update compliance checks; download and deploy if your environment uses Scan Cab. The April 2025 Scan Cab was made available at 8:00 PM PT today, April 9, 2025. ...pdates released by Microsoft without first connecting to the Windows Update serviceHow this.
MC1091459 The June 2025 Scan Cab is available
The June 2025 Scan Cab is available The June 2025 Scan Cab for offline update compliance checks is now available; download and deploy if your environment uses Scan Cab. The June 2025 Scan Cab was made available at 5:00 PM PT today, June 10, 2025. ...y updates released by Microsoft without first connecting to the Windows Update serviceHow this.
MC1091308 Notice: The June 2025 Scan Cab for Microsoft updates is delayed
Notice: The June 2025 Scan Cab for Microsoft updates is delayed The June 2025 Microsoft security update Scan Cab release is delayed; admins relying on Scan Cab for compliance should monitor for updates. NOTE: This notice only affects environments where Scan Cab is used to check for Microsoft update compliance. The Scan Cab for the June 2025.
MC1179337 An updated version of the October 2025 Scan Cab is available
An updated version of the October 2025 Scan Cab is available Admins using Scan Cab before Oct 24, 2025, 8:54pm PT must re-acquire and redeploy it to ensure update compliance and address CVE-2025-59287 in Windows Server environments. IMPORTANT : This notice is only relevant for environments where: Scan Cab is used to check for update compliance..
MC1050818 Notice: The Scan Cab for the April 2025 Windows monthly security update is delayed
Notice: The Scan Cab for the April 2025 Windows monthly security update is delayed The April 2025 Windows monthly security update Scan Cab (4B release) is delayed; no Scan Cab is available yet. Updates will follow as more information is available. NOTE: This notice only affects environments where Scan Cab is used to check for update compliance..
Details
Body (from Message Center)
IMPORTANT: This notice is only relevant for environments where:
- .NET SDK version 8.0.3xx or 8.0.4xx is used
- Scan Cab is used to check for update compliance
- The May 2025 Scan Cab was deployed before 10:00 AM PT on May 22, 2025.
An updated version of the May 2025 Scan Cab was made available at 10:00 AM PT on May 22, 2025. This Scan Cab includes new metadata corresponding to new updates for the following .NET versions:
The new Microsoft update for these .NET versions released May 22, 2025 at 10:00 AM PT included additional protections to address CVE-2025-26646. An authorized attacker with standard user privileges could place a malicious file and then wait for the privileged victim to run the calling command. See the additional information section of this message for details.
How this affects your organization:
IT administrators who downloaded the Scan Cab before 10:00 AM PT on May 22, 2025 should re-acquire and re-deploy their Scan Cab if it is used to assess updates for environments where .NET SDK version 8.0.3xx or 8.0.4xx is used.
No action is required on environments where Scan Cab is not employed and do not have .NET versions 8.0.3xx or 8.0.4xx. However, please note that there might be non-Microsoft applications which utilize Scan Cab. Review the documentation for any software and update deployment tools which might be in use for your organization, to understand if this is applicable in your environment.
What you need to do to prepare:
Administrators can re-deploy the updated Scan Cab via their usual processes. For detailed guidance, see the Additional information section below.
Additional information:
- Updated Scan Cab: Download the new Scan Cab here
- CVE-2025-26646: .NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability
- .NET 8.0 Update - May 13, 2025 (KB5059200) - Microsoft Support
- Announcing a smaller WSUS Scan Cab - Microsoft Tech Community: Learn more about WSUS and the Scan Cab process
- Using WUA to Scan for Updates Offline - Win32 apps | Microsoft Docs: Windows Update Agent (WUA) can be used to scan computers for security updates without connecting to Windows Update
- WSUS and the Catalog Site | Microsoft Docs: The Catalog Site used by WSUS to import updates and drivers
Raw JSON (for debugging)
Expand/collapse the full payload below.
Show/hide raw
{
"snapshot_item": {
"action_required_by": null,
"ai_action_required_by": null,
"ai_actions": [
"Re-acquire updated Scan Cab",
"Redeploy Scan Cab for affected environments",
"Review update deployment tools for applicability"
],
"ai_master_tags": [
"Security"
],
"ai_model": "gpt-4.1",
"ai_summary": "Admins using .NET SDK 8.0.3xx/8.0.4xx with Scan Cab deployed before May 22, 2025, 10:00 AM PT must re-acquire and redeploy the updated Scan Cab to address CVE-2025-26646.",
"ai_topics": [
"Windows",
".net"
],
"category": "preventOrFixIssue",
"details_map": {},
"id": "MC1080391",
"importance": 5,
"is_major_change": false,
"last_modified": "2025-05-22T17:02:23Z",
"ms_products": [
"Windows"
],
"platforms": null,
"roadmap_ids": [],
"services": [
"Windows"
],
"severity": "normal",
"tags": [
"Admin impact"
],
"title": "An updated version of the May 2025 Scan Cab is available"
}
}