Microsoft Patch Tuesday June 2025 – 66 Vulnerabilities Patched Including 2 Zero-Day
Microsoft has released its June 2025 Patch Tuesday security updates, addressing a total of 66 vulnerabilities across its software ecosystem.
This month’s updates include fixes for ten critical vulnerabilities and two zero-day flaws, one of which is actively exploited in the wild and another that was publicly disclosed.
The patches cover a wide range of products, including Windows, Microsoft Office, .NET, Visual Studio, and more.
Microsoft Patch Tuesday June – Key Highlights
- 66 vulnerabilities patched, including 13 elevation of privilege, 25 remote code execution, 17 information disclosure, 6 denial of service, 3 security feature bypass, and 2 spoofing vulnerabilities.
- Ten critical vulnerabilities, with eight remote code execution flaws and two elevation of privilege bugs.
- Two zero-day vulnerabilities, one actively exploited and one publicly disclosed, posing immediate risks to unpatched systems.
- Updates do not include fixes for Mariner, Microsoft Edge, or Power Automate, which were addressed earlier this month.
Here is a table listing the vulnerabilities, with those rated as Critical at the top, followed by the Important vulnerabilities:
Two Zero-Day Vulnerabilities in Focus
1. CVE-2025-33053 – Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability (Actively Exploited)
This actively exploited zero-day vulnerability affects Microsoft Windows Web Distributed Authoring and Versioning (WebDAV).
Discovered by Alexandra Gofman and David Driker of Check Point Research, the flaw allows a remote attacker to execute arbitrary code on a victim’s system if the user clicks a specially crafted WebDAV URL.
According to Check Point Research, “Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.” Microsoft has confirmed that the vulnerability is being exploited in the wild, though specific details about the attacks remain undisclosed.
2. CVE-2025-33073 – Windows SMB Client Elevation of Privilege Vulnerability (Publicly Disclosed)
This publicly disclosed zero-day vulnerability resides in the Windows SMB (Server Message Block) client, enabling attackers to gain SYSTEM-level privileges on vulnerable devices.
Microsoft explains that “improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network” by executing a malicious script that coerces the victim’s machine to authenticate via SMB to the attacker’s system.
The flaw was reported by multiple researchers, including Keisuke Hirata (CrowdStrike), Synacktiv, Stefan Walter (SySS GmbH), RedTeam Pentesting GmbH, and James Forshaw (Google Project Zero).
Born City noted that DFN-CERT issued warnings about the flaw following alerts from RedTeam Pentesting.
While a patch is now available, Microsoft suggests mitigating the issue by enforcing server-side SMB signing through Group Policy.
Critical Vulnerabilities Addressed
Among the ten critical vulnerabilities patched, eight are remote code execution flaws affecting products like Microsoft Office, SharePoint Server, Windows Cryptographic Services, Windows KDC Proxy Service, Windows Netlogon, and Windows Remote Desktop Services.
The two critical elevation of privilege vulnerabilities impact Windows Netlogon and other components.
These critical flaws could allow attackers to take full control of affected systems, making timely patching essential.
Notable critical vulnerabilities include:
- CVE-2025-47164, CVE-2025-47167, CVE-2025-47162, CVE-2025-47953 (Microsoft Office): Remote code execution vulnerabilities that could allow attackers to execute malicious code via specially crafted Office files.
- CVE-2025-47172 (Microsoft SharePoint Server): A critical remote code execution flaw that could compromise SharePoint environments.
- CVE-2025-29828 (Windows Schannel): A critical remote code execution vulnerability in Windows Cryptographic Services.
- CVE-2025-32710 (Windows Remote Desktop Services): A critical remote code execution flaw that could be exploited over a network.
The June 2025 Patch Tuesday also addresses numerous important-severity vulnerabilities, including:
- Windows Storage Management Provider: Thirteen information disclosure vulnerabilities (e.g., CVE-2025-24065, CVE-2025-33055) that could leak sensitive data.
- Microsoft Office Components: Multiple remote code execution flaws in Excel, Outlook, PowerPoint, and Word (e.g., CVE-2025-47165, CVE-2025-47171, CVE-2025-47175).
- Windows SMB: Another elevation of privilege vulnerability (CVE-2025-32718) alongside the zero-day CVE-2025-33073.
- Windows Secure Boot: A security feature bypass vulnerability (CVE-2025-3052) in InsydeH2O, reported by Cert CC.
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| Microsoft Office | CVE-2025-47164 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2025-47167 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2025-47162 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2025-47953 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office SharePoint | CVE-2025-47172 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical |
| Windows Cryptographic Services | CVE-2025-29828 | Windows Schannel Remote Code Execution Vulnerability | Critical |
| Windows KDC Proxy Service (KPSSVC) | CVE-2025-33071 | Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability | Critical |
| Windows Netlogon | CVE-2025-33070 | Windows Netlogon Elevation of Privilege Vulnerability | Critical |
| Windows Remote Desktop Services | CVE-2025-32710 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| .NET and Visual Studio | CVE-2025-30399 | .NET and Visual Studio Remote Code Execution Vulnerability | Important |
| App Control for Business (WDAC) | CVE-2025-33069 | Windows App Control for Business Security Feature Bypass Vulnerability | Important |
| Microsoft AutoUpdate (MAU) | CVE-2025-47968 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important |
| Microsoft Local Security Authority Server (lsasrv) | CVE-2025-33056 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | Important |
| Microsoft Office | CVE-2025-47173 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-47165 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-47174 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Outlook | CVE-2025-47171 | Microsoft Outlook Remote Code Execution Vulnerability | Important |
| Microsoft Office Outlook | CVE-2025-47176 | Microsoft Outlook Remote Code Execution Vulnerability | Important |
| Microsoft Office PowerPoint | CVE-2025-47175 | Microsoft PowerPoint Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2025-47166 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2025-47163 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2025-47170 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2025-47957 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2025-47169 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2025-47168 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Nuance Digital Engagement Platform | CVE-2025-47977 | Nuance Digital Engagement Platform Spoofing Vulnerability | Important |
| Remote Desktop Client | CVE-2025-32715 | Remote Desktop Protocol Client Information Disclosure Vulnerability | Important |
| Visual Studio | CVE-2025-47959 | Visual Studio Remote Code Execution Vulnerability | Important |
| WebDAV | CVE-2025-33053 | Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2025-32713 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows DHCP Server | CVE-2025-33050 | DHCP Server Service Denial of Service Vulnerability | Important |
| Windows DHCP Server | CVE-2025-32725 | DHCP Server Service Denial of Service Vulnerability | Important |
| Windows DWM Core Library | CVE-2025-33052 | Windows DWM Core Library Information Disclosure Vulnerability | Important |
| Windows Hello | CVE-2025-47969 | Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability | Important |
| Windows Installer | CVE-2025-33075 | Windows Installer Elevation of Privilege Vulnerability | Important |
| Windows Installer | CVE-2025-32714 | Windows Installer Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2025-33067 | Windows Task Scheduler Elevation of Privilege Vulnerability | Important |
| Windows Local Security Authority (LSA) | CVE-2025-33057 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | Important |
| Windows Local Security Authority Subsystem Service (LSASS) | CVE-2025-32724 | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | Important |
| Windows Media | CVE-2025-32716 | Windows Media Elevation of Privilege Vulnerability | Important |
| Windows Recovery Driver | CVE-2025-32721 | Windows Recovery Driver Elevation of Privilege Vulnerability | Important |
| Windows Remote Access Connection Manager | CVE-2025-47955 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-33064 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-33066 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows SDK | CVE-2025-47962 | Windows SDK Elevation of Privilege Vulnerability | Important |
| Windows Secure Boot | CVE-2025-3052 | Cert CC: CVE-2025-3052 InsydeH2O Secure Secure Boot Bypass | Important |
| Windows Security App | CVE-2025-47956 | Windows Security App Spoofing Vulnerability | Important |
| Windows Shell | CVE-2025-47160 | Windows Shortcut Files Security Feature Bypass Vulnerability | Important |
| Windows SMB | CVE-2025-33073 | Windows SMB Client Elevation of Privilege Vulnerability | Important |
| Windows SMB | CVE-2025-32718 | Windows SMB Client Elevation of Privilege Vulnerability | Important |
| Windows Standards-Based Storage Management Service | CVE-2025-33068 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-24065 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-24068 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-24069 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-32719 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-32720 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-33055 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-33058 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-33059 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-33060 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-33061 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-33062 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-33063 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Storage Management Provider | CVE-2025-33065 | Windows Storage Management Provider Information Disclosure Vulnerability | Important |
| Windows Storage Port Driver | CVE-2025-32722 | Windows Storage Port Driver Information Disclosure Vulnerability | Important |
| Windows Win32K – GRFX | CVE-2025-32712 | Win32k Elevation of Privilege Vulnerability | Important |
Updates from Other Vendors
In addition to Microsoft, several other vendors released security updates in June 2025:
- Adobe: Patches for InCopy, Experience Manager, Commerce, InDesign, and Acrobat Reader.
- Cisco: Fixes for three vulnerabilities in Identity Services Engine and Customer Collaboration Platform.
- Fortinet: Updates for an OS command injection flaw in FortiManager and FortiAnalyzer.
- Google: Android and Chrome updates, including a fix for an actively exploited Chrome zero-day.
- SAP: Security updates for a critical missing authorization check in SAP NetWeaver.
Recommendations
Organizations and individuals are urged to apply the June 2025 Patch Tuesday updates as soon as possible, particularly due to the actively exploited zero-day (CVE-2025-33053) and the publicly disclosed flaw (CVE-2025-33073).
Prioritize patching systems exposed to the internet, such as those running WebDAV or SMB services, and ensure critical vulnerabilities in Office and Windows components are addressed promptly.
For more details on non-security updates, refer to Microsoft’s articles on Windows 11 KB5060842 and KB5060999, and Windows 10 KB5060533 cumulative updates. To view the full list of resolved vulnerabilities, visit Microsoft’s Security Update Guide.
Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates
Source link
