Microsoft has launched its month-to-month Patch Tuesday updates, addressing a complete of 66 vulnerabilities in its product suite. This launch features a remediation for one zero-day vulnerability that’s presently being actively exploited, in addition to one other vulnerability that has been publicly disclosed.
The June 2025 safety launch represents a major replace, that includes 10 crucial vulnerabilities that require fast consideration from IT directors worldwide.
The June 2025 Patch Tuesday addresses vulnerabilities throughout a number of classes:
25 Distant Code Execution vulnerabilities
13 Elevation of Privilege vulnerabilities
17 Data Disclosure vulnerabilities
6 Denial of Service vulnerabilities
3 Safety Function Bypass vulnerabilities
2 Spoofing vulnerabilities
Zero-Day Vulnerability Beneath Assault
Probably the most regarding vulnerability on this month’s launch is CVE-2025-33053, a distant code execution flaw in Microsoft’s Internet Distributed Authoring and Versioning (WebDAV) service.
Safety researchers from Test Level Analysis found this vulnerability being actively exploited by the Stealth Falcon superior persistent risk (APT) group in focused assaults towards protection organizations.
The WebDAV vulnerability permits distant attackers to execute arbitrary code on affected techniques when customers click on on specifically crafted WebDAV URLs.
Test Level’s investigation revealed that Stealth Falcon used malicious .url information to take advantage of this zero-day, manipulating the working listing of legit Home windows instruments to execute malware from actor-controlled WebDAV servers.
A second zero-day vulnerability, CVE-2025-33073, was not actively exploited, but it impacts Home windows SMB Consumer and permits elevation of privilege assaults over networks. This publicly disclosed flaw permits licensed attackers to achieve SYSTEM privileges by executing specifically crafted scripts that coerce sufferer machines to authenticate by way of SMB.
German safety agency RedTeam Pentesting initially found this vulnerability, with warnings circulating via DFN-CERT earlier than Microsoft’s official patch.
Microsoft Workplace purposes obtained important consideration with a number of crucial distant code execution fixes, together with heap-based buffer overflow vulnerabilities that would allow native code execution with out consumer interplay. SharePoint Server additionally obtained crucial patches for distant code execution flaws that would compromise enterprise collaboration environments.
A number of core Home windows parts obtained crucial safety updates, together with the Home windows KDC Proxy Service (KPSSVC) which had a use-after-free vulnerability enabling network-based code execution.
The Home windows Netlogon service obtained a crucial elevation of privilege repair, whereas Home windows Distant Desktop Companies addressed a crucial distant code execution vulnerability.
The Schannel part, chargeable for safe communications, obtained a crucial distant code execution patch affecting Home windows cryptographic companies. These fixes are notably necessary for organizations working Home windows Server environments and distant entry options.
Safety consultants advocate prioritizing the set up of those updates, particularly for the 2 zero-day vulnerabilities. The WebDAV zero-day (CVE-2025-33053) poses a direct threat to organizations with internet-facing techniques, whereas the SMB vulnerability (CVE-2025-33073) threatens inner community safety.
Microsoft Patch Tuesday June 2025 Listing
TagCVE IDCVE TitleSeverityMicrosoft OfficeCVE-2025-47164Microsoft Workplace Distant Code Execution VulnerabilityCriticalMicrosoft OfficeCVE-2025-47167Microsoft Workplace Distant Code Execution VulnerabilityCriticalMicrosoft OfficeCVE-2025-47162Microsoft Workplace Distant Code Execution VulnerabilityCriticalMicrosoft OfficeCVE-2025-47953Microsoft Workplace Distant Code Execution VulnerabilityCriticalMicrosoft Workplace SharePointCVE-2025-47172Microsoft SharePoint Server Distant Code Execution VulnerabilityCriticalWindows Cryptographic ServicesCVE-2025-29828Windows Schannel Distant Code Execution VulnerabilityCriticalWindows KDC Proxy Service (KPSSVC)CVE-2025-33071Windows KDC Proxy Service (KPSSVC) Distant Code Execution VulnerabilityCriticalWindows NetlogonCVE-2025-33070Windows Netlogon Elevation of Privilege VulnerabilityCriticalWindows Distant Desktop ServicesCVE-2025-32710Windows Distant Desktop Companies Distant Code Execution VulnerabilityCritical.NET and Visible StudioCVE-2025-30399.NET and Visible Studio Distant Code Execution VulnerabilityImportantApp Management for Enterprise (WDAC)CVE-2025-33069Windows App Management for Enterprise Safety Function Bypass VulnerabilityImportantMicrosoft AutoUpdate (MAU)CVE-2025-47968Microsoft AutoUpdate (MAU) Elevation of Privilege VulnerabilityImportantMicrosoft Native Safety Authority Server (lsasrv)CVE-2025-33056Windows Native Safety Authority (LSA) Denial of Service VulnerabilityImportantMicrosoft OfficeCVE-2025-47173Microsoft Workplace Distant Code Execution VulnerabilityImportantMicrosoft Workplace ExcelCVE-2025-47165Microsoft Excel Distant Code Execution VulnerabilityImportantMicrosoft Workplace ExcelCVE-2025-47174Microsoft Excel Distant Code Execution VulnerabilityImportantMicrosoft Workplace OutlookCVE-2025-47171Microsoft Outlook Distant Code Execution VulnerabilityImportantMicrosoft Workplace OutlookCVE-2025-47176Microsoft Outlook Distant Code Execution VulnerabilityImportantMicrosoft Workplace PowerPointCVE-2025-47175Microsoft PowerPoint Distant Code Execution VulnerabilityImportantMicrosoft Workplace SharePointCVE-2025-47166Microsoft SharePoint Server Distant Code Execution VulnerabilityImportantMicrosoft Workplace SharePointCVE-2025-47163Microsoft SharePoint Server Distant Code Execution VulnerabilityImportantMicrosoft Workplace WordCVE-2025-47170Microsoft Phrase Distant Code Execution VulnerabilityImportantMicrosoft Workplace WordCVE-2025-47957Microsoft Phrase Distant Code Execution VulnerabilityImportantMicrosoft Workplace WordCVE-2025-47169Microsoft Phrase Distant Code Execution VulnerabilityImportantMicrosoft Workplace WordCVE-2025-47168Microsoft Phrase Distant Code Execution VulnerabilityImportantNuance Digital Engagement PlatformCVE-2025-47977Nuance Digital Engagement Platform Spoofing VulnerabilityImportantRemote Desktop ClientCVE-2025-32715Remote Desktop Protocol Consumer Data Disclosure VulnerabilityImportantVisual StudioCVE-2025-47959Visual Studio Distant Code Execution VulnerabilityImportantWebDAVCVE-2025-33053Web Distributed Authoring and Versioning (WEBDAV) Distant Code Execution VulnerabilityImportantWindows Frequent Log File System DriverCVE-2025-32713Windows Frequent Log File System Driver Elevation of Privilege VulnerabilityImportantWindows DHCP ServerCVE-2025-33050DHCP Server Service Denial of Service VulnerabilityImportantWindows DHCP ServerCVE-2025-32725DHCP Server Service Denial of Service VulnerabilityImportantWindows DWM Core LibraryCVE-2025-33052Windows DWM Core Library Data Disclosure VulnerabilityImportantWindows HelloCVE-2025-47969Windows Virtualization-Primarily based Safety (VBS) Data Disclosure VulnerabilityImportantWindows InstallerCVE-2025-33075Windows Installer Elevation of Privilege VulnerabilityImportantWindows InstallerCVE-2025-32714Windows Installer Elevation of Privilege VulnerabilityImportantWindows KernelCVE-2025-33067Windows Job Scheduler Elevation of Privilege VulnerabilityImportantWindows Native Safety Authority (LSA)CVE-2025-33057Windows Native Safety Authority (LSA) Denial of Service VulnerabilityImportantWindows Native Safety Authority Subsystem Service (LSASS)CVE-2025-32724Local Safety Authority Subsystem Service (LSASS) Denial of Service VulnerabilityImportantWindows MediaCVE-2025-32716Windows Media Elevation of Privilege VulnerabilityImportantWindows Restoration DriverCVE-2025-32721Windows Restoration Driver Elevation of Privilege VulnerabilityImportantWindows Distant Entry Connection ManagerCVE-2025-47955Windows Distant Entry Connection Supervisor Elevation of Privilege VulnerabilityImportantWindows Routing and Distant Entry Service (RRAS)CVE-2025-33064Windows Routing and Distant Entry Service (RRAS) Distant Code Execution VulnerabilityImportantWindows Routing and Distant Entry Service (RRAS)CVE-2025-33066Windows Routing and Distant Entry Service (RRAS) Distant Code Execution VulnerabilityImportantWindows SDKCVE-2025-47962Windows SDK Elevation of Privilege VulnerabilityImportantWindows Safe BootCVE-2025-3052Cert CC: CVE-2025-3052 InsydeH2O Safe Safe Boot BypassImportantWindows Safety AppCVE-2025-47956Windows Safety App Spoofing VulnerabilityImportantWindows ShellCVE-2025-47160Windows Shortcut Information Safety Function Bypass VulnerabilityImportantWindows SMBCVE-2025-33073Windows SMB Consumer Elevation of Privilege VulnerabilityImportantWindows SMBCVE-2025-32718Windows SMB Consumer Elevation of Privilege VulnerabilityImportantWindows Requirements-Primarily based Storage Administration ServiceCVE-2025-33068Windows Requirements-Primarily based Storage Administration Service Denial of Service VulnerabilityImportantWindows Storage Administration ProviderCVE-2025-24065Windows Storage Administration Supplier Data Disclosure VulnerabilityImportantWindows Storage Administration ProviderCVE-2025-24068Windows Storage Administration Supplier Data Disclosure VulnerabilityImportantWindows Storage Administration ProviderCVE-2025-24069Windows Storage Administration Supplier Data Disclosure VulnerabilityImportantWindows Storage Administration ProviderCVE-2025-32719Windows Storage Administration Supplier Data Disclosure VulnerabilityImportantWindows Storage Administration ProviderCVE-2025-32720Windows Storage Administration Supplier Data Disclosure VulnerabilityImportantWindows Storage Administration ProviderCVE-2025-33055Windows Storage Administration Supplier Data Disclosure VulnerabilityImportantWindows Storage Administration ProviderCVE-2025-33058Windows Storage Administration Supplier Data Disclosure VulnerabilityImportantWindows Storage Administration ProviderCVE-2025-33059Windows Storage Administration Supplier Data Disclosure VulnerabilityImportantWindows Storage Administration ProviderCVE-2025-33060Windows Storage Administration Supplier Data Disclosure VulnerabilityImportantWindows Storage Administration ProviderCVE-2025-33061Windows Storage Administration Supplier Data Disclosure VulnerabilityImportantWindows Storage Administration ProviderCVE-2025-33062Windows Storage Administration Supplier Data Disclosure VulnerabilityImportantWindows Storage Administration ProviderCVE-2025-33063Windows Storage Administration Supplier Data Disclosure VulnerabilityImportantWindows Storage Administration ProviderCVE-2025-33065Windows Storage Administration Supplier Data Disclosure VulnerabilityImportantWindows Storage Port DriverCVE-2025-32722Windows Storage Port Driver Data Disclosure VulnerabilityImportantWindows Win32K – GRFXCVE-2025-32712Win32k Elevation of Privilege VulnerabilityImportant
Microsoft has indicated that proof-of-concept exploits could possibly be quickly developed by analyzing the printed safety updates, making swift deployment crucial.
Organizations ought to prioritize patching internet-facing techniques and domain-joined machines first, whereas implementing community segmentation as a further defensive measure.
The June 2025 Patch Tuesday represents one of many extra important month-to-month releases, combining actively exploited threats with complete fixes throughout Microsoft’s enterprise and shopper product traces.
Automate risk response with ANY.RUN’s TI Feeds—Enrich alerts and block malicious IPs throughout all endpoints -> Request full entry
