Skip to content
  • Blog Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form

Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday

Posted on July 8, 2025July 8, 2025 By CWS

Microsoft on Tuesday introduced safety fixes for 130 vulnerabilities throughout its merchandise, together with a beforehand disclosed SQL Server bug.

Tracked as CVE-2025-49719 (CVSS rating of seven.5), the already disclosed SQL Server flaw is described as an improper enter validation problem that would enable unauthenticated attackers to leak data over the community.

In line with Microsoft, the safety defect has not been exploited as a zero-day, nevertheless it was publicly disclosed earlier than patches have been launched.

“Replace your related model of SQL Server. Any relevant driver fixes are included in these updates. Replace your software to make use of Microsoft OLE DB Driver 18 or 19. Replace the drivers to the variations listed on this web page, which give safety towards this vulnerability,” the corporate notes in its advisory.

Regardless of the inclusion of this SQL Server bug, this month’s set of patches breaks an 11-month streak of zero-day mitigations from Redmond.

The July 2025 Patch Tuesday record additionally contains roughly a dozen patches rated essential severity, together with 10 addressing vulnerabilities that would result in distant code execution (RCE).

Important patches concentrating on RCE flaws have been launched for the SPNEGO Prolonged Negotiation (NEGOEX) Safety Mechanism, SharePoint (CVE-2025-49701 and CVE-2025-49704), and Kerberos Key Distribution Heart proxy service (KPSSVC) (CVE-2025-49735).

Redmond’s Workplace suite additionally obtained its share of patches for code execution flaws that could possibly be exploited by convincing customers to open malicious paperwork.Commercial. Scroll to proceed studying.

Two Workplace bugs addressed this month that would result in native code execution are CVE-2025-49695 (a use-after-free) and CVE-2025-49696 (an out-of-bounds learn).

One other noteworthy bug resolved on Tuesday is CVE-2025-49724, a use-after-free in Home windows Linked Units Platform Service that could possibly be exploited by distant, unauthenticated attackers for code execution.

In line with Microsoft, nevertheless, profitable exploitation requires for the attacker to ship crafted visitors to a tool that has the Close by Sharing function enabled, and for the consumer to take particular actions.

Of the entire 130 flaws that Redmond resolved this month, 53 may result in privilege escalation, 41 to RCE, 18 to data disclosure, 8 to safety bypasses, 6 to denial-of-service, and 4 to spoofing.

The fixes ought to roll out to methods with the automated updates enabled shortly. Customers who would not have the function enabled are suggested to use the obtainable patches as quickly as doable.

Associated: Microsoft Patch Tuesday Covers WebDAV Flaw Marked as ‘Already Exploited’

Associated: Zero-Day Assaults Spotlight One other Busy Microsoft Patch Tuesday

Associated: Microsoft Patches 125 Home windows Vulns, Together with Exploited CLFS Zero-Day

Security Week News Tags:July, Microsoft, Patch, Patches, Tuesday, Vulnerabilities

Post navigation

Previous Post: Impostor Uses AI to Impersonate Rubio and Contact Foreign and US Officials
Next Post: Adobe Patches Critical Code Execution Bugs

Related Posts

Marks & Spencer Expects Ransomware Attack to Cost $400 Million Security Week News
Code Execution Flaws Haunt Adobe Acrobat Reader, Adobe Commerce Security Week News
Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers Security Week News
Prison Sentence for Man Involved in SEC X Account Hack Security Week News
Qantas Hit with Extortion Demand After Data Breach Security Week News
Nova Scotia Power Confirms Ransomware Attack, 280k Notified of Data Breach Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • How to Implement Role-Based Access Control (RBAC)
  • Adobe Patches Critical Code Execution Bugs
  • Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday
  • Impostor Uses AI to Impersonate Rubio and Contact Foreign and US Officials
  • Microsoft Releases Cumulative Update for Windows 10 With July Patch Tuesday 2025

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • How to Implement Role-Based Access Control (RBAC)
  • Adobe Patches Critical Code Execution Bugs
  • Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday
  • Impostor Uses AI to Impersonate Rubio and Contact Foreign and US Officials
  • Microsoft Releases Cumulative Update for Windows 10 With July Patch Tuesday 2025

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News