Microsoft on Tuesday released 67 patches affecting 12 product families. Ten of the addressed issues, five involving 365 and Office and one involving SharePoint, are considered by Microsoft to be of Critical severity, and 17 have a CVSS base score of 8.0 or higher. One, an Important-severity RCE in Windows related to WEBDAV (CVE-2025-33053), is known to be under active exploitation in the wild. An additional Important-severity SMB issue has been publicly disclosed, but isn’t currently known to be under exploit.
At patch time, nine additional CVEs are more likely to be exploited in the next 30 days by the company’s estimation, not including the WEBDAV issue mentioned above. Various of this month’s issues are amenable to direct detection by Sophos protections, and we include information on those in a table below. This most certainly includes CVE-2025-33053, in which Sophos itself has taken a particular interest – and, apparently, vice versa.
In addition to these patches, ten Adobe Reader fixes, four of them considered to be of Critical severity, are included in the release. Those are listed in Appendix D below. That appendix also includes information on two Edge-related vulnerabilities and a Critical-severity Power Automate issue that was addressed earlier this month, as well as limited information on a Critical-severity bug in Copilot for which an advisory was released the following day (Wednesday). The periodically released Servicing Stack updates are also available.
We are as always including at the end of this post additional appendices listing all Microsoft’s patches sorted by severity, by predicted exploitability timeline and CVSS Base score, and by product family; an appendix covering the advisory-style updates; and a breakout of the patches affecting the various Windows Server platforms still in support.
By the numbers
- Total CVEs: 67
- Publicly disclosed: 1
- Exploit detected: 1
- Severity
  - Critical: 10
  - Important: 57
- Impact
  - Remote Code Execution: 26
  - Information Disclosure: 17
  - Elevation of Privilege: 13
  - Denial of Service: 6
  - Security Feature Bypass: 3
  - Spoofing: 2
- CVSS base score 9.0 or greater: 0*
- CVSS base score 8.0 or greater: 18
* One issue, affecting Power Automate for Desktop but patched by Microsoft on June 5, has been assigned a 9.8 CVSS base score. Since it was mitigated prior to release, we’re treating that information as advisory-only and don’t include it in this month’s statistics. Likewise, the Copilot advisory released on June 11 has a CVSS base score of 9.3, but doesn’t figure into these tallies or charts.
Figure 1: A proportionally heavier-than-usual ten Critical-severity patches were released in June, though unusually six of those occur in 365, Office, or SharePoint rather than the more customary Windows. (Two Edge updates covered this month are not released with full impact information and thus don’t appear in this chart; we’re also excluding the Power Automate patch as discussed above)
Products
- Windows: 45*
- 365: 15
- Office: 14
- SharePoint: 5
- Visual Studio: 2
- Word: 2
- .NET: 1
- Excel: 1
- Microsoft AutoUpdate for Macintosh: 1
- Nuance Digital Engagement Platform: 1
- Outlook: 1
- PowerPoint: 1
* One Windows SDK patch (CVE-2025-47962) and one patch affecting the Windows Security App component (CVE-2025-47956) are included in the Windows counts for reader convenience, though neither affects specific versions of the client or server platforms.
As is our custom for this list, CVEs that apply to more than one product family are counted once for each family they affect. We note that CVE names don’t always reflect affected product families closely. In particular, some CVE names in the Office family may mention products that don’t appear in the list of products affected by the CVE, and vice versa.
Figure 2: Twelve product families figure in May’s Patch Tuesday release; the Nuance medical-product family returns to the charts for a second month, this time addressing a spoofing issue in its Digital Engagement Platform
Notable June updates
In addition to the issues discussed above, several specific items merit attention.
CVE-2025-33053 — Web Distributed Authoring and Versioning (WebDAV) Remote Code Execution Vulnerability
The only patched issue currently known to be under exploit in the wild is an Important-severity flaw in Web Distributed Authoring and Versioning code, which has been underpinning much of the internet since the IE era. That’s the problem; this patch touches the MSHTML, EdgeHTML, and scripting platforms, which are all still supported. This means that those Microsoft customers currently taking Security Only updates need to install the IE Cumulative updates to properly guard against this vulnerability – something here for everyone, in other words.
The adversaries exploiting that vulnerability apparently found Sophos protections vexing. Endpoint protection scans new programs before they run—but after launch, scanning drops off. Attackers exploit this by delivering programs with encrypted bodies that evade static scanning and AI models. Once running, the code decrypts itself, loads implants, and executes entirely in memory—never touching disk.
Sophos counters this with Dynamic Shellcode Protection, which limits how much executable memory a process can allocate. That restriction breaks stealthy in-memory attacks, forcing adversaries to revert to noisier, more detectable techniques like remote injection—where they’re much easier to catch.
After that the attackers would have run into several more Sophos layers of blacklist, antimalware signatures, and other defenses — but it’s interesting to us to see ourselves reflected in an adversary’s code as a particularly tough nut to crack. In any case, we recommend as always that defenders prioritize higher-profile patches such as this one.
CVE-2025-33073 – Windows SMB Client Elevation of Privilege Vulnerability
It’s not known to be under active exploitation yet, and Microsoft indicates that they think it’s less likely to be exploited within the next 30 days, but this Important-severity EoP is the only June CVE known to have been publicly disclosed so far. The issue comes down to improper access controls, and it affects all supported Windows client and server versions.
CVE-2025-47166 — Microsoft SharePoint Server Remote Code Execution Vulnerability
After debuting in May, “zcgonvh’s cat Vanilla” makes an immediate return appearance on the finder roster – that’s right, the cat came back the very next Patch Tuesday.
CVE-2025-32711 — M365 Copilot Information Disclosure Vulnerability
Finally, one CVE that was not released in the Tuesday collection, but merited the release of an advisory the following day: a Critical-severity, CVSS-base 9.3, information-disclosure error that made it possible for an unauthorized attacker to use command injection to disclose information from the AI tool. The vulnerability was responsibly disclosed to Microsoft and the company stated early Wednesday that the patch is already pushed to customers.
Figure 3: As we wrap up the first half of the year, the proportion of Critical-severity RCEs over the past six months is eye-catching
Figure 4: Comparing first-half totals for 2024 and 2025, we see that the high number of Critical-severity RCEs stands out even more strongly when compared to the year before – 40, compared with just 9 for the first half of the year before. A few other trends stand out as well, including large year-over-year increases in information disclosure CVEs (44 in 1H24, 77 so far in 2025) and denial of service issues (34 in 1H24, 57 so far in 2025)
Sophos protections
| CVE | Sophos Intercept X/Endpoint IPS | Sophos XGS Firewall |
| CVE-2025-32713 | Exp/2532713-A | Exp/2532713-A |
| CVE-2025-32714 | Exp/2532714-A | Exp/2532714-A |
| CVE-2025-33053 | sid:2311111 | sid:2311111 |
| CVE-2025-33070 | sid:2311128 | sid:2311128 |
| CVE-2025-47162 | sid:2311145 | sid:2311145 |
| CVE-2025-47164 | sid:2311146 | sid:2311146 |
| CVE-2025-47167 | sid:231113 | sid:231113 |
CVE-2025-33053 also has an applicable detection of note, Troj/UrlRun-B, in addition to the XGS signature noted above.
As you can every month, if you don’t want to wait for your system to pull down Microsoft’s updates itself, you can download them manually from the Windows Update Catalog website. Run the winver.exe tool to determine which build of Windows 10 or 11 you’re running, then download the Cumulative Update package for your specific system’s architecture and build number.
Appendix A: Vulnerability Impact and Severity
This is a list of June patches sorted by impact, then sub-sorted by severity. Each list is further organized by CVE.
Remote Code Execution (25 CVEs)
| Critical severity | |
| CVE-2025-29828 | Windows Schannel Remote Code Execution Vulnerability |
| CVE-2025-32710 | Windows Remote Desktop Services Remote Code Execution Vulnerability |
| CVE-2025-32717 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-33071 | Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability |
| CVE-2025-47162 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47164 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47167 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47172 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2025-47953 | Microsoft Office Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2025-30399 | .NET and Visual Studio Remote Code Execution Vulnerability |
| CVE-2025-33053 | Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability |
| CVE-2025-33064 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-33066 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-47163 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2025-47165 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-47166 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2025-47168 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-47169 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-47170 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-47171 | Microsoft Outlook Remote Code Execution Vulnerability |
| CVE-2025-47173 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47174 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-47175 | Microsoft PowerPoint Remote Code Execution Vulnerability |
| CVE-2025-47176 | Microsoft Outlook Remote Code Execution Vulnerability |
| CVE-2025-47957 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-47959 | Visual Studio Remote Code Execution Vulnerability |
Information Disclosure (17 CVEs)
| Important severity | |
| CVE-2025-24065 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-24068 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-24069 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-32715 | Remote Desktop Protocol Client Information Disclosure Vulnerability |
| CVE-2025-32719 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-32720 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-32722 | Windows Storage Port Driver Information Disclosure Vulnerability |
| CVE-2025-33052 | Windows DWM Core Library Information Disclosure Vulnerability |
| CVE-2025-33055 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33058 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33059 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33060 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33061 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33062 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33063 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33065 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-47969 | Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability |
Elevation of Privilege (13 CVEs)
| Critical severity | |
| CVE-2025-33070 | Windows Netlogon Elevation of Privilege Vulnerability |
| Important severity | |
| CVE-2025-32712 | Win32k Elevation of Privilege Vulnerability |
| CVE-2025-32713 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2025-32714 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2025-32716 | Windows Media Elevation of Privilege Vulnerability |
| CVE-2025-32718 | Windows SMB Client Elevation of Privilege Vulnerability |
| CVE-2025-32721 | Windows Recovery Driver Elevation of Privilege Vulnerability |
| CVE-2025-33067 | Windows Task Scheduler Elevation of Privilege Vulnerability |
| CVE-2025-33073 | Windows SMB Client Elevation of Privilege Vulnerability |
| CVE-2025-33075 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2025-47955 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
| CVE-2025-47962 | Windows SDK Elevation of Privilege Vulnerability |
| CVE-2025-47968 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability |
Denial of Service (6 CVEs)
| Important severity | |
| CVE-2025-32724 | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
| CVE-2025-32725 | DHCP Server Service Denial of Service Vulnerability |
| CVE-2025-33050 | DHCP Server Service Denial of Service Vulnerability |
| CVE-2025-33056 | Windows Local Security Authority (LSA) Denial of Service Vulnerability |
| CVE-2025-33057 | Windows Local Security Authority (LSA) Denial of Service Vulnerability |
| CVE-2025-33068 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability |
Security Feature Bypass (3 CVEs)
| Important severity | |
| CVE-2025-3052 | Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass |
| CVE-2025-33069 | Windows App Control for Business Security Feature Bypass Vulnerability |
| CVE-2025-47160 | Windows Shortcut Files Security Feature Bypass Vulnerability |
Spoofing (2 CVEs)
| Important severity | |
| CVE-2025-47956 | Windows Security App Spoofing Vulnerability |
| CVE-2025-47977 | Nuance Digital Engagement Platform Spoofing Vulnerability |
Appendix B: Exploitability and CVSS
This is a list of the June CVEs judged by Microsoft to be either under exploitation in the wild or more likely to be exploited in the wild within the first 30 days post-release. The list is further organized by CVE. The three Office items more likely to be exploited in the next 30 days (CVE-2025-47162, CVE-2025-47164, and CVE-2025-47167) are all exploitable via Preview Pane.
| Exploitation detected | |
| CVE-2025-33053 | Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability |
| Exploitation more likely within the next 30 days | |
| CVE-2025-32713 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2025-32714 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2025-32717 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-33070 | Windows Netlogon Elevation of Privilege Vulnerability |
| CVE-2025-33071 | Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability |
| CVE-2025-47162 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47164 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47167 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47962 | Windows SDK Elevation of Privilege Vulnerability |
This is a list of June’s CVEs with a Microsoft-assessed CVSS Base score of 8.0 or higher. They are organized by score and further sorted by CVE. For more information on how CVSS works, please see our series on patch prioritization schema.
| CVSS Base | CVSS Temporal | CVE | Title |
| 8.8 | 8.2 | CVE-2025-33053 | Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-33064 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-33066 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| 8.8 | 7.9 | CVE-2025-33073 | Windows SMB Client Elevation of Privilege Vulnerability |
| 8.8 | 7.7 | CVE-2025-47163 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-47166 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-47172 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-32717 | Microsoft Word Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-33067 | Windows Task Scheduler Elevation of Privilege Vulnerability |
| 8.4 | 7.3 | CVE-2025-47162 | Microsoft Office Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-47164 | Microsoft Office Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-47167 | Microsoft Office Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-47953 | Microsoft Office Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-47957 | Microsoft Word Remote Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2025-29828 | Windows Schannel Remote Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2025-32710 | Windows Remote Desktop Services Remote Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2025-33070 | Windows Netlogon Elevation of Privilege Vulnerability |
| 8.1 | 7.1 | CVE-2025-33071 | Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability |
Appendix C: Products Affected
This is a list of June’s patches sorted by product family, then sub-sorted by severity. Each list is further organized by CVE. Patches that are shared among multiple product families are listed multiple times, once for each product family. Certain significant issues for which advisories have been issued are covered in Appendix D, and issues affecting Windows Server are further sorted in Appendix E. All CVE titles are accurate as made available by Microsoft; for further information on why certain products may appear in titles and not product families (or vice versa), please consult Microsoft.
Windows (45 CVEs)
| Critical severity | |
| CVE-2025-29828 | Windows Schannel Remote Code Execution Vulnerability |
| CVE-2025-32710 | Windows Remote Desktop Services Remote Code Execution Vulnerability |
| CVE-2025-33070 | Windows Netlogon Elevation of Privilege Vulnerability |
| CVE-2025-33071 | Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2025-3052 | Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass |
| CVE-2025-24065 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-24068 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-24069 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-32712 | Win32k Elevation of Privilege Vulnerability |
| CVE-2025-32713 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2025-32714 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2025-32715 | Remote Desktop Protocol Client Information Disclosure Vulnerability |
| CVE-2025-32716 | Windows Media Elevation of Privilege Vulnerability |
| CVE-2025-32718 | Windows SMB Client Elevation of Privilege Vulnerability |
| CVE-2025-32719 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-32720 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-32721 | Windows Recovery Driver Elevation of Privilege Vulnerability |
| CVE-2025-32722 | Windows Storage Port Driver Information Disclosure Vulnerability |
| CVE-2025-32724 | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
| CVE-2025-32725 | DHCP Server Service Denial of Service Vulnerability |
| CVE-2025-33050 | DHCP Server Service Denial of Service Vulnerability |
| CVE-2025-33052 | Windows DWM Core Library Information Disclosure Vulnerability |
| CVE-2025-33053 | Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability |
| CVE-2025-33055 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33056 | Windows Local Security Authority (LSA) Denial of Service Vulnerability |
| CVE-2025-33057 | Windows Local Security Authority (LSA) Denial of Service Vulnerability |
| CVE-2025-33058 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33059 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33060 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33061 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33062 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33063 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33064 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-33065 | Windows Storage Management Provider Information Disclosure Vulnerability |
| CVE-2025-33066 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-33067 | Windows Task Scheduler Elevation of Privilege Vulnerability |
| CVE-2025-33068 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability |
| CVE-2025-33069 | Windows App Control for Business Security Feature Bypass Vulnerability |
| CVE-2025-33073 | Windows SMB Client Elevation of Privilege Vulnerability |
| CVE-2025-33075 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2025-47160 | Windows Shortcut Files Security Feature Bypass Vulnerability |
| CVE-2025-47955 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
| CVE-2025-47956 | Windows Security App Spoofing Vulnerability |
| CVE-2025-47962 | Windows SDK Elevation of Privilege Vulnerability |
| CVE-2025-47969 | Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability |
365 (14 CVEs)
| Critical severity | |
| CVE-2025-32717 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-47162 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47164 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47167 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47953 | Microsoft Office Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2025-47165 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-47168 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-47169 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-47170 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-47171 | Microsoft Outlook Remote Code Execution Vulnerability |
| CVE-2025-47173 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47174 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-47175 | Microsoft PowerPoint Remote Code Execution Vulnerability |
| CVE-2025-47176 | Microsoft Outlook Remote Code Execution Vulnerability |
| CVE-2025-47957 | Microsoft Word Remote Code Execution Vulnerability |
Office (14 CVEs)
| Critical severity | |
| CVE-2025-47162 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47164 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47167 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47953 | Microsoft Office Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2025-47165 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-47168 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-47169 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-47170 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-47171 | Microsoft Outlook Remote Code Execution Vulnerability |
| CVE-2025-47173 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-47174 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-47175 | Microsoft PowerPoint Remote Code Execution Vulnerability |
| CVE-2025-47176 | Microsoft Outlook Remote Code Execution Vulnerability |
| CVE-2025-47957 | Microsoft Word Remote Code Execution Vulnerability |
SharePoint (5 CVEs)
| Critical severity | |
| CVE-2025-47172 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2025-47163 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2025-47166 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2025-47168 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-47169 | Microsoft Word Remote Code Execution Vulnerability |
Visual Studio (2 CVEs)
| Important severity | |
| CVE-2025-30399 | .NET and Visual Studio Remote Code Execution Vulnerability |
| CVE-2025-47959 | Visual Studio Remote Code Execution Vulnerability |
Word (2 CVEs)
| Important severity | |
| CVE-2025-47168 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-47169 | Microsoft Word Remote Code Execution Vulnerability |
.NET (1 CVE)
| Important severity | |
| CVE-2025-30399 | .NET and Visual Studio Remote Code Execution Vulnerability |
Excel (1 CVE)
| Important severity | |
| CVE-2025-47165 | Microsoft Excel Remote Code Execution Vulnerability |
Microsoft AutoUpdate for Macintosh (1 CVE)
| Important severity | |
| CVE-2025-47968 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability |
Nuance Digital Engagement Platform (1 CVE)
| Important severity | |
| CVE-2025-47977 | Nuance Digital Engagement Platform Spoofing Vulnerability |
Outlook (1 CVE)
| Important severity | |
| CVE-2025-47171 | Microsoft Outlook Remote Code Execution Vulnerability |
PowerPoint (1 CVE)
| Important severity | |
| CVE-2025-47175 | Microsoft PowerPoint Remote Code Execution Vulnerability |
Appendix D: Advisories and Other Products
There are 10 Adobe Reader advisories in June’s release, APSB25-57. Since there’s some variety in severity levels in this month’s set, we’re including that information as well.
| Critical | CVE-2025-43573 | Use After Free (CWE-416) |
| Critical | CVE-2025-43574 | Use After Free (CWE-416) |
| Critical | CVE-2025-43575 | Out-of-bounds Write (CWE-787) |
| Critical | CVE-2025-43576 | Use After Free (CWE-416) |
| Important | CVE-2025-43550 | Use After Free (CWE-416) |
| Important | CVE-2025-43577 | Use After Free (CWE-416) |
| Important | CVE-2025-43578 | Out-of-bounds Read (CWE-125) |
| Important | CVE-2025-47112 | Out-of-bounds Read (CWE-125) |
| Moderate | CVE-2025-43579 | Information Exposure (CWE-200) |
| Moderate | CVE-2025-47111 | NULL Pointer Dereference (CWE-476) |
There are additional Microsoft advisories and informational releases that deserve attention. The Power Automate patch is interesting – a Critical-severity EoP with a CVSS base score of 9.8 – but the patch itself was issued nearly a week ago, and so the information presented below is mainly FYI. In addition, Web elders are hereby reassured that the “Blink” involved in CVE-2025-5068 relates to the Chromium rendering engine, not the erstwhile markup tag best described as Satan’s eyelash.
| ADV990001 | Latest Servicing Stack Updates |
| CVE-2025-5068 | Chromium: CVE-2025-5068 Use after free in Blink |
| CVE-2025-5419 | Chromium: CVE-2025-5419 Out of bounds read and write in V8 |
| CVE-2025-47966 | Power Automate Elevation of Privilege Vulnerability |
As noted above, on Wednesday Microsoft released an advisory concerning CVE-2025-32711, “M365 Copilot Information Disclosure Vulnerability,” a Critical-severity information-disclosure bug in Copilot. Though technically not included in Patch Tuesday’s haul, we include acknowledgement of that release as a courtesy to the reader.
Appendix E: Affected Windows Server versions
This is a table of the CVEs in the June release affecting nine Windows Server versions, 2008 through 2025. The table differentiates among major versions of the platform but doesn’t go into deeper detail (e.g., Server Core). Critical-severity issues are marked in red; an “x” indicates that the CVE doesn’t apply to that version. Administrators are encouraged to use this appendix as a starting point to ascertain their specific exposure, as each reader’s situation, especially as it concerns products out of mainstream support, will vary. For specific Knowledge Base numbers, please consult Microsoft.
| | 2008 | 2008-R2 | 2012 | 2012-R2 | 2016 | 2019 | 2022 | 2022 23H2 | 2025 |
| CVE-2025-24065 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24068 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24069 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-29828 | × | × | × | × | × | × | ■ | ■ | ■ |
| CVE-2025-3052 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32710 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32712 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32713 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32714 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32715 | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32716 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | × |
| CVE-2025-32718 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32719 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32720 | × | × | × | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32721 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32722 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32724 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32725 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33050 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33052 | × | × | × | × | × | ■ | ■ | ■ | ■ |
| CVE-2025-33053 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33055 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33056 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33057 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33058 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33059 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33060 | × | × | × | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33061 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33062 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33063 | × | × | × | × | × | ■ | ■ | ■ | ■ |
| CVE-2025-33064 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33065 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33066 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33067 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33068 | × | × | × | ■ | ■ | ■ | ■ | × | ■ |
| CVE-2025-33069 | × | × | × | × | × | × | × | × | ■ |
| CVE-2025-33070 | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33071 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33073 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33075 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-47160 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-47955 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-47969 | × | × | × | × | × | × | × | × | ■ |
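
One way to turn Appendix B and Appendix E into a patch order for a single Server version, as an added example that is not part of the original post: it parses Appendix E rows in the format shown above and ranks the applicable CVEs by exploitation status, then CVSS base score. Only a subset of the page's rows is embedded, and treating CVEs absent from the 8.0-or-higher table as unscored is an assumption of this example.

```python
# Added example: rank June CVEs for one Windows Server version.
# All data below is a subset copied from this page's Appendix B and E tables.

SERVER_VERSIONS = ["2008", "2008-R2", "2012", "2012-R2", "2016",
                   "2019", "2022", "2022 23H2", "2025"]

APPENDIX_E_ROWS = """\
| CVE-2025-29828 | × | × | × | × | × | × | ■ | ■ | ■ |
| CVE-2025-32710 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32713 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32714 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33053 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33064 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33066 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33067 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33070 | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33071 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33073 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
"""

# Appendix B: exploitation status as assessed by Microsoft.
EXPLOITATION_DETECTED = {"CVE-2025-33053"}
EXPLOITATION_MORE_LIKELY = {
    "CVE-2025-32713", "CVE-2025-32714", "CVE-2025-32717", "CVE-2025-33070",
    "CVE-2025-33071", "CVE-2025-47162", "CVE-2025-47164", "CVE-2025-47167",
    "CVE-2025-47962",
}

# Appendix B: CVSS base scores of 8.0 or higher (Windows entries only here).
CVSS_BASE = {
    "CVE-2025-33053": 8.8, "CVE-2025-33064": 8.8, "CVE-2025-33066": 8.8,
    "CVE-2025-33073": 8.8, "CVE-2025-33067": 8.4, "CVE-2025-29828": 8.1,
    "CVE-2025-32710": 8.1, "CVE-2025-33070": 8.1, "CVE-2025-33071": 8.1,
}


def parse_applicability(rows):
    """Parse Appendix E pipe rows into {cve: set of affected versions}."""
    matrix = {}
    for line in rows.splitlines():
        line = line.strip()
        if not line:
            continue
        cells = [cell.strip() for cell in line.strip("|").split("|")]
        cve, marks = cells[0], cells[1:]
        if len(marks) != len(SERVER_VERSIONS):
            raise ValueError(f"{cve}: expected {len(SERVER_VERSIONS)} columns")
        if any(mark not in ("■", "×") for mark in marks):
            raise ValueError(f"{cve}: unexpected cell value")
        matrix[cve] = {v for v, m in zip(SERVER_VERSIONS, marks) if m == "■"}
    return matrix


def tier(cve):
    """0 = exploitation detected, 1 = exploitation more likely, 2 = other."""
    if cve in EXPLOITATION_DETECTED:
        return 0
    if cve in EXPLOITATION_MORE_LIKELY:
        return 1
    return 2


def triage(version, matrix):
    """Return the CVEs affecting `version`, most urgent first."""
    if version not in SERVER_VERSIONS:
        raise ValueError(f"unknown Server version: {version}")
    hits = [cve for cve, versions in matrix.items() if version in versions]
    # Unscored CVEs (not in the 8.0+ table) sort last within their tier.
    return sorted(hits, key=lambda c: (tier(c), -CVSS_BASE.get(c, 0.0), c))


if __name__ == "__main__":
    matrix = parse_applicability(APPENDIX_E_ROWS)
    for version in ("2008", "2025"):
        print(version)
        for cve in triage(version, matrix):
            print(f"  tier {tier(cve)}  {CVSS_BASE.get(cve, 'n/a')}  {cve}")
```
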




