Patch tracker / KB5002753
KB5002753
Microsoft security update released 2025-07-08. Fixes 2 CVEs.
CriticalCISA KEVRansomware
Download KB5002753
Get the official update for KB5002753. The download and file size for each supported product are on the Microsoft Update Catalog page.
Update summary
Released
2025-07-08
CVEs fixed
2
Max CVSS
9.8
Severity
Critical
Exploitation and severity
Fixes 2 CVEs. At least one is actively exploited (CISA KEV). Most severe CVSS 9.8 (Critical). EPSS exploit probability up to 100%. One is linked to ransomware.
Among the top 5% of tracked Microsoft updates by EPSS exploit probability.
What to do
Treat as urgent: it is being exploited in the wild (CISA KEV), so patch ahead of items that are not. Senserva flags whether KB5002753 is missing on your devices.
CVEs fixed by this update
Affected products
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
See this and every Microsoft update ranked by real-world risk on the Microsoft Patch Tracker.