![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 2%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELM%3C/text%3E%3C/svg%3E)
Microsoft 365 and Office | Development | Microsoft 365 App Publishing
The process of submitting and distributing custom apps across Microsoft 365 platforms, including Outlook, Teams, and the Microsoft 365 app store.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 43%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Hi Lakin Marquieta,
Welcome to Microsoft Q&A Forum!
Have a good day and hope you're doing well!
Thank you for sharing the details about the issue you're facing with CVE-2025-22944 in your Microsoft 365 Apps environment. I completely understand and empathize with your concern. This is a serious RCE vulnerability, especially in a system with 250 endpoints involving many macro-enabled documents, and deploying the KB5063224 patch requires support from tools like Defender for Endpoint (for monitoring and blocking unusual behavior) and Configuration Manager (for phased patch deployment). These tools are powerful for mitigating risks, but configuring them correctly can be complex and require specialized support.
As a moderator of this forum, I must note that our platform cannot provide direct support for advanced technical issues like configuring Defender for Endpoint or Configuration Manager, as they involve specific enterprise environments and may require system access. I highly recommend reaching out to Microsoft Intune Support for specialized assistance, including deployment guidance and troubleshooting. They have a team of experts ready to help via ticket or call. You can contact them here: Microsoft Intune Support (select the option to create a support request).
In the meantime, while waiting for official support, here are some reliable resources from Microsoft for you to research further on Defender for Endpoint and Configuration Manager in the context of mitigating vulnerabilities like CVE-2025-22944:
- Defender for Endpoint – Guide to Monitoring and Blocking Office Exploits: Microsoft Defender for Endpoint Documentation. Focus on setting up alerts for behaviors like Office calling PowerShell.
- Configuration Manager – Deploying Patches and Updates: Configuration Manager Deployment Guide. Guidance on phased deployment for the KB5063224 patch on Windows endpoints.
- Integrating Defender with Configuration Manager for Security: Attack Surface Reduction Rules. Specific rules to block RCE in Office apps.
If you have any general questions about the forum, need basic advice, or if I've misunderstood anything or something is unclear, feel free to let me know. Wishing you a smooth resolution!
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.