Microsoft Patch Tuesday June 2025 – 66 Vulnerabilities Patched Including 2 Zero-Day

   Haziran 10, 2025  Posted in GBHackers


Microsoft has released its June 2025 Patch Tuesday security updates, addressing a total of 66 vulnerabilities across its software ecosystem.

This month’s updates include fixes for ten critical vulnerabilities and two zero-day flaws, one of which is actively exploited in the wild and another that was publicly disclosed.

The patches cover a wide range of products, including Windows, Microsoft Office, .NET, Visual Studio, and more.

– Advertisement –
Google News

Microsoft Patch Tuesday June – Key Highlights

  • 66 vulnerabilities patched, including 13 elevation of privilege, 25 remote code execution, 17 information disclosure, 6 denial of service, 3 security feature bypass, and 2 spoofing vulnerabilities.
  • Ten critical vulnerabilities, with eight remote code execution flaws and two elevation of privilege bugs.
  • Two zero-day vulnerabilities, one actively exploited and one publicly disclosed, posing immediate risks to unpatched systems.
  • Updates do not include fixes for Mariner, Microsoft Edge, or Power Automate, which were addressed earlier this month.

Here is a table listing the vulnerabilities, with those rated as Critical at the top, followed by the Important vulnerabilities:

Two Zero-Day Vulnerabilities in Focus

1. CVE-2025-33053 – Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability (Actively Exploited)

This actively exploited zero-day vulnerability affects Microsoft Windows Web Distributed Authoring and Versioning (WebDAV).

Discovered by Alexandra Gofman and David Driker of Check Point Research, the flaw allows a remote attacker to execute arbitrary code on a victim’s system if the user clicks a specially crafted WebDAV URL.

According to Check Point Research, “Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.” Microsoft has confirmed that the vulnerability is being exploited in the wild, though specific details about the attacks remain undisclosed.

2. CVE-2025-33073 – Windows SMB Client Elevation of Privilege Vulnerability (Publicly Disclosed)

This publicly disclosed zero-day vulnerability resides in the Windows SMB (Server Message Block) client, enabling attackers to gain SYSTEM-level privileges on vulnerable devices.

Microsoft explains that “improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network” by executing a malicious script that coerces the victim’s machine to authenticate via SMB to the attacker’s system.

The flaw was reported by multiple researchers, including Keisuke Hirata (CrowdStrike), Synacktiv, Stefan Walter (SySS GmbH), RedTeam Pentesting GmbH, and James Forshaw (Google Project Zero).

Born City noted that DFN-CERT issued warnings about the flaw following alerts from RedTeam Pentesting.

While a patch is now available, Microsoft suggests mitigating the issue by enforcing server-side SMB signing through Group Policy.

Critical Vulnerabilities Addressed

Among the ten critical vulnerabilities patched, eight are remote code execution flaws affecting products like Microsoft Office, SharePoint Server, Windows Cryptographic Services, Windows KDC Proxy Service, Windows Netlogon, and Windows Remote Desktop Services.

The two critical elevation of privilege vulnerabilities impact Windows Netlogon and other components.

These critical flaws could allow attackers to take full control of affected systems, making timely patching essential.

Notable critical vulnerabilities include:

  • CVE-2025-47164, CVE-2025-47167, CVE-2025-47162, CVE-2025-47953 (Microsoft Office): Remote code execution vulnerabilities that could allow attackers to execute malicious code via specially crafted Office files.
  • CVE-2025-47172 (Microsoft SharePoint Server): A critical remote code execution flaw that could compromise SharePoint environments.
  • CVE-2025-29828 (Windows Schannel): A critical remote code execution vulnerability in Windows Cryptographic Services.
  • CVE-2025-32710 (Windows Remote Desktop Services): A critical remote code execution flaw that could be exploited over a network.

The June 2025 Patch Tuesday also addresses numerous important-severity vulnerabilities, including:

  • Windows Storage Management Provider: Thirteen information disclosure vulnerabilities (e.g., CVE-2025-24065, CVE-2025-33055) that could leak sensitive data.
  • Microsoft Office Components: Multiple remote code execution flaws in Excel, Outlook, PowerPoint, and Word (e.g., CVE-2025-47165, CVE-2025-47171, CVE-2025-47175).
  • Windows SMB: Another elevation of privilege vulnerability (CVE-2025-32718) alongside the zero-day CVE-2025-33073.
  • Windows Secure Boot: A security feature bypass vulnerability (CVE-2025-3052) in InsydeH2O, reported by Cert CC.
TagCVE IDCVE TitleSeverity
Microsoft OfficeCVE-2025-47164Microsoft Office Remote Code Execution VulnerabilityCritical
Microsoft OfficeCVE-2025-47167Microsoft Office Remote Code Execution VulnerabilityCritical
Microsoft OfficeCVE-2025-47162Microsoft Office Remote Code Execution VulnerabilityCritical
Microsoft OfficeCVE-2025-47953Microsoft Office Remote Code Execution VulnerabilityCritical
Microsoft Office SharePointCVE-2025-47172Microsoft SharePoint Server Remote Code Execution VulnerabilityCritical
Windows Cryptographic ServicesCVE-2025-29828Windows Schannel Remote Code Execution VulnerabilityCritical
Windows KDC Proxy Service (KPSSVC)CVE-2025-33071Windows KDC Proxy Service (KPSSVC) Remote Code Execution VulnerabilityCritical
Windows NetlogonCVE-2025-33070Windows Netlogon Elevation of Privilege VulnerabilityCritical
Windows Remote Desktop ServicesCVE-2025-32710Windows Remote Desktop Services Remote Code Execution VulnerabilityCritical
.NET and Visual StudioCVE-2025-30399.NET and Visual Studio Remote Code Execution VulnerabilityImportant
App Control for Business (WDAC)CVE-2025-33069Windows App Control for Business Security Feature Bypass VulnerabilityImportant
Microsoft AutoUpdate (MAU)CVE-2025-47968Microsoft AutoUpdate (MAU) Elevation of Privilege VulnerabilityImportant
Microsoft Local Security Authority Server (lsasrv)CVE-2025-33056Windows Local Security Authority (LSA) Denial of Service VulnerabilityImportant
Microsoft OfficeCVE-2025-47173Microsoft Office Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2025-47165Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2025-47174Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office OutlookCVE-2025-47171Microsoft Outlook Remote Code Execution VulnerabilityImportant
Microsoft Office OutlookCVE-2025-47176Microsoft Outlook Remote Code Execution VulnerabilityImportant
Microsoft Office PowerPointCVE-2025-47175Microsoft PowerPoint Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2025-47166Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2025-47163Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant
Microsoft Office WordCVE-2025-47170Microsoft Word Remote Code Execution VulnerabilityImportant
Microsoft Office WordCVE-2025-47957Microsoft Word Remote Code Execution VulnerabilityImportant
Microsoft Office WordCVE-2025-47169Microsoft Word Remote Code Execution VulnerabilityImportant
Microsoft Office WordCVE-2025-47168Microsoft Word Remote Code Execution VulnerabilityImportant
Nuance Digital Engagement PlatformCVE-2025-47977Nuance Digital Engagement Platform Spoofing VulnerabilityImportant
Remote Desktop ClientCVE-2025-32715Remote Desktop Protocol Client Information Disclosure VulnerabilityImportant
Visual StudioCVE-2025-47959Visual Studio Remote Code Execution VulnerabilityImportant
WebDAVCVE-2025-33053Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution VulnerabilityImportant
Windows Common Log File System DriverCVE-2025-32713Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
Windows DHCP ServerCVE-2025-33050DHCP Server Service Denial of Service VulnerabilityImportant
Windows DHCP ServerCVE-2025-32725DHCP Server Service Denial of Service VulnerabilityImportant
Windows DWM Core LibraryCVE-2025-33052Windows DWM Core Library Information Disclosure VulnerabilityImportant
Windows HelloCVE-2025-47969Windows Virtualization-Based Security (VBS) Information Disclosure VulnerabilityImportant
Windows InstallerCVE-2025-33075Windows Installer Elevation of Privilege VulnerabilityImportant
Windows InstallerCVE-2025-32714Windows Installer Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2025-33067Windows Task Scheduler Elevation of Privilege VulnerabilityImportant
Windows Local Security Authority (LSA)CVE-2025-33057Windows Local Security Authority (LSA) Denial of Service VulnerabilityImportant
Windows Local Security Authority Subsystem Service (LSASS)CVE-2025-32724Local Security Authority Subsystem Service (LSASS) Denial of Service VulnerabilityImportant
Windows MediaCVE-2025-32716Windows Media Elevation of Privilege VulnerabilityImportant
Windows Recovery DriverCVE-2025-32721Windows Recovery Driver Elevation of Privilege VulnerabilityImportant
Windows Remote Access Connection ManagerCVE-2025-47955Windows Remote Access Connection Manager Elevation of Privilege VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-33064Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-33066Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows SDKCVE-2025-47962Windows SDK Elevation of Privilege VulnerabilityImportant
Windows Secure BootCVE-2025-3052Cert CC: CVE-2025-3052 InsydeH2O Secure Secure Boot BypassImportant
Windows Security AppCVE-2025-47956Windows Security App Spoofing VulnerabilityImportant
Windows ShellCVE-2025-47160Windows Shortcut Files Security Feature Bypass VulnerabilityImportant
Windows SMBCVE-2025-33073Windows SMB Client Elevation of Privilege VulnerabilityImportant
Windows SMBCVE-2025-32718Windows SMB Client Elevation of Privilege VulnerabilityImportant
Windows Standards-Based Storage Management ServiceCVE-2025-33068Windows Standards-Based Storage Management Service Denial of Service VulnerabilityImportant
Windows Storage Management ProviderCVE-2025-24065Windows Storage Management Provider Information Disclosure VulnerabilityImportant
Windows Storage Management ProviderCVE-2025-24068Windows Storage Management Provider Information Disclosure VulnerabilityImportant
Windows Storage Management ProviderCVE-2025-24069Windows Storage Management Provider Information Disclosure VulnerabilityImportant
Windows Storage Management ProviderCVE-2025-32719Windows Storage Management Provider Information Disclosure VulnerabilityImportant
Windows Storage Management ProviderCVE-2025-32720Windows Storage Management Provider Information Disclosure VulnerabilityImportant
Windows Storage Management ProviderCVE-2025-33055Windows Storage Management Provider Information Disclosure VulnerabilityImportant
Windows Storage Management ProviderCVE-2025-33058Windows Storage Management Provider Information Disclosure VulnerabilityImportant
Windows Storage Management ProviderCVE-2025-33059Windows Storage Management Provider Information Disclosure VulnerabilityImportant
Windows Storage Management ProviderCVE-2025-33060Windows Storage Management Provider Information Disclosure VulnerabilityImportant
Windows Storage Management ProviderCVE-2025-33061Windows Storage Management Provider Information Disclosure VulnerabilityImportant
Windows Storage Management ProviderCVE-2025-33062Windows Storage Management Provider Information Disclosure VulnerabilityImportant
Windows Storage Management ProviderCVE-2025-33063Windows Storage Management Provider Information Disclosure VulnerabilityImportant
Windows Storage Management ProviderCVE-2025-33065Windows Storage Management Provider Information Disclosure VulnerabilityImportant
Windows Storage Port DriverCVE-2025-32722Windows Storage Port Driver Information Disclosure VulnerabilityImportant
Windows Win32K – GRFXCVE-2025-32712Win32k Elevation of Privilege VulnerabilityImportant

Updates from Other Vendors

In addition to Microsoft, several other vendors released security updates in June 2025:

  • Adobe: Patches for InCopy, Experience Manager, Commerce, InDesign, and Acrobat Reader.
  • Cisco: Fixes for three vulnerabilities in Identity Services Engine and Customer Collaboration Platform.
  • Fortinet: Updates for an OS command injection flaw in FortiManager and FortiAnalyzer.
  • Google: Android and Chrome updates, including a fix for an actively exploited Chrome zero-day.
  • SAP: Security updates for a critical missing authorization check in SAP NetWeaver.

Recommendations

Organizations and individuals are urged to apply the June 2025 Patch Tuesday updates as soon as possible, particularly due to the actively exploited zero-day (CVE-2025-33053) and the publicly disclosed flaw (CVE-2025-33073).

Prioritize patching systems exposed to the internet, such as those running WebDAV or SMB services, and ensure critical vulnerabilities in Office and Windows components are addressed promptly.

For more details on non-security updates, refer to Microsoft’s articles on Windows 11 KB5060842 and KB5060999, and Windows 10 KB5060533 cumulative updates. To view the full list of resolved vulnerabilities, visit Microsoft’s Security Update Guide.

Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates



Source link