← Back
An updated version of the May 2025 Scan Cab is available
MC1080391 · build prod-20251231-200323
Category
preventOrFixIssue
Severity
normal
Major change
False
Last modified
2025-05-22 17:02:23
Summary source
Azure OpenAI (gpt-4.1)
Action by (Graph)
Action by (AI)
Services
Windows
Tags
Admin impact
Master tags
Admin, Security
Roadmap IDs

One-line summary

Admins using .NET SDK 8.0.3xx/8.0.4xx with Scan Cab deployed before May 22, 2025, 10:00 AM PT must re-acquire and redeploy the updated Scan Cab to address CVE-2025-26646.

Similar updates

More like this
MC1091459 The June 2025 Scan Cab is available
The June 2025 Scan Cab is available The June 2025 Scan Cab for offline update compliance checks is now available; download and deploy if your environment uses Scan Cab. The June 2025 Scan Cab was made available at 5:00 PM PT today, June 10, 2025. ...y updates released by Microsoft without first connecting to the Windows Update serviceHow this.
MC1091308 Notice: The June 2025 Scan Cab for Microsoft updates is delayed
Notice: The June 2025 Scan Cab for Microsoft updates is delayed The June 2025 Microsoft security update Scan Cab release is delayed; admins relying on Scan Cab for compliance should monitor for updates. NOTE:  This notice only affects environments where Scan Cab is used to check for Microsoft update compliance. The Scan Cab for the June 2025.
MC1179337 An updated version of the October 2025 Scan Cab is available
An updated version of the October 2025 Scan Cab is available Admins using Scan Cab before Oct 24, 2025, 8:54pm PT must re-acquire and redeploy it to ensure update compliance and address CVE-2025-59287 in Windows Server environments. IMPORTANT : This notice is only relevant for environments where: Scan Cab is used to check for update compliance..
MC1180840 An updated version of the October 2025 Scan Cab is available
An updated version of the October 2025 Scan Cab is available Admins using WSUS and Scan Cab for Windows Server updates must re-acquire and re-deploy the October 2025 Scan Cab if downloaded before 8:54 PM PT on October 24, 2025, to address CVE-2025-59287. IMPORTANT : This notice is only relevant for environments where: Windows Server Update.
MC1187786 An updated version of the November 2025 Scan Cab is available
An updated version of the November 2025 Scan Cab is available Admins using WSUS and Scan Cab for Windows 10 22H2 ESU must re-acquire and re-deploy the updated November 2025 Scan Cab released after 12:00 PM PT on Nov 18, 2025 to address a known issue. ...ws security updates to Windows 10, version 22H2 devices enrolled in Extended Security Updates.
MC1122435 An updated version of the July 2025 Scan Cab is available
An updated version of the July 2025 Scan Cab is available Admins using Scan Cab for SharePoint Server updates must re-download and deploy the updated July 2025 Scan Cab released after 8:00 am PT on July 26, 2025 to ensure correct update compliance. IMPORTANT : This notice is only relevant for environments where: Microsoft SharePoint Server.

Details

Body (from Message Center)

IMPORTANT: This notice is only relevant for environments where:
  • .NET SDK version 8.0.3xx or 8.0.4xx is used
  • Scan Cab is used to check for update compliance
  • The May 2025 Scan Cab was deployed before 10:00 AM PT on May 22, 2025.
 
An updated version of the May 2025 Scan Cab was made available at 10:00 AM PT on May 22, 2025. This Scan Cab includes new metadata corresponding to new updates for the following .NET versions:
 
The new Microsoft update for these .NET versions released May 22, 2025 at 10:00 AM PT included additional protections to address CVE-2025-26646. An authorized attacker with standard user privileges could place a malicious file and then wait for the privileged victim to run the calling command. See the additional information section of this message for details.

How this affects your organization:
IT administrators who downloaded the Scan Cab before 10:00 AM PT on May 22, 2025 should re-acquire and re-deploy their Scan Cab if it is used to assess updates for environments where .NET SDK version 8.0.3xx or 8.0.4xx is used.
 
No action is required on environments where Scan Cab is not employed and do not have .NET versions 8.0.3xx or 8.0.4xx. However, please note that there might be non-Microsoft applications which utilize Scan Cab. Review the documentation for any software and update deployment tools which might be in use for your organization, to understand if this is applicable in your environment.
 
What you need to do to prepare:
Administrators can re-deploy the updated Scan Cab via their usual processes. For detailed guidance, see the Additional information section below.
 
Additional information:

Raw JSON (for debugging)

Expand/collapse the full payload below.
Show/hide raw 
{
  "snapshot_item": {
    "action_required_by": null,
    "ai_action_required_by": null,
    "ai_actions": [
      "Re-acquire updated Scan Cab",
      "Redeploy Scan Cab for affected environments",
      "Review update deployment tools for applicability"
    ],
    "ai_master_tags": [
      "Admin",
      "Security"
    ],
    "ai_model": "gpt-4.1",
    "ai_summary": "Admins using .NET SDK 8.0.3xx/8.0.4xx with Scan Cab deployed before May 22, 2025, 10:00 AM PT must re-acquire and redeploy the updated Scan Cab to address CVE-2025-26646.",
    "ai_topics": [
      "Windows",
      ".net"
    ],
    "category": "preventOrFixIssue",
    "details_map": {},
    "id": "MC1080391",
    "importance": 5,
    "is_major_change": false,
    "last_modified": "2025-05-22T17:02:23Z",
    "ms_products": [
      "Windows"
    ],
    "platforms": null,
    "roadmap_ids": [],
    "services": [
      "Windows"
    ],
    "severity": "normal",
    "tags": [
      "Admin impact"
    ],
    "title": "An updated version of the May 2025 Scan Cab is available"
  }
}