Advisory

Microsoft releases July 2025 Patch fixing one critical zero-day, 129 other flaws

Take action: This month prioritize patching of Microsoft Office, SQL Server, SharePoint, and Windows domain controllers. Those are impacted by the critical issues. Don't forget to update your Windows PCs/Laptops, since we all use them on the internet and this list of flaws will be abused by hackers.

Learn More

Microsoft released the July 2025 Patch Tuesday security updates addressing a total of 130 vulnerabilities across its software ecosystem. The security update includes one publicly disclosed zero-day vulnerability in Microsoft SQL Server, and additional 14 critical-severity vulnerabilities.

Zero day vulnerability

  • CVE-2025-49719 (CVSS score 7.5) - Microsoft SQL Server Information Disclosure Vulnerability- Publicly disclosed zero-day. It's an information disclosure flaw in Microsoft SQL Server that allows remote, unauthenticated attackers to access uninitialized memory due to improper input validation. It affects multiple SQL Server versions spanning releases from 2016 through 2022. Microsoft has assessed exploitation as "Less Likely",  but security researchers warn that the public disclosure of technical details could lead to increased exploitation attempts over time.

Critical vulnerabilities

  • CVE-2025-47981 (CVSS score 9.8) - SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability.  Microsoft has marked this vulnerability as "More Likely" to be exploited within 30 days
  • CVE-2025-49704 (CVSS score 8.8) - Microsoft SharePoint Remote Code Execution Vulnerability
  • CVE-2025-48822  (CVSS score 8.6) - Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability (CVSS score 8.6) - Critical
  • CVE-2025-49717 (CVSS score 8.5) - Microsoft SQL Server Remote Code Execution Vulnerability
  • CVE-2025-49695 (CVSS score 8.4) - Microsoft Office Remote Code Execution Vulnerability
  • CVE-2025-49696 (CVSS score 8.4) - Microsoft Office Remote Code Execution Vulnerability
  • CVE-2025-49697 (CVSS score 8.4) - Microsoft Office Remote Code Execution Vulnerability
  • CVE-2025-49735 (CVSS score 8.1) - Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
  • CVE-2025-49698 (CVSS score 7.8) - Microsoft Word Remote Code Execution Vulnerability
  • CVE-2025-49702 (CVSS score 7.8) - Microsoft Office Remote Code Execution Vulnerability
  • CVE-2025-49703 (CVSS score 7.8) - Microsoft Word Remote Code Execution Vulnerability
  • CVE-2025-47980 (CVSS score 6.2) - Windows Imaging Component Information Disclosure Vulnerability
  • CVE-2025-36350  (CVSS score 5.6) - AMD: Transient Scheduler Attack in Store Queue
  • CVE-2025-36357  (CVSS score 5.6) - AMD: Transient Scheduler Attack in L1 Data Queue

Microsoft reports that that there are no known active exploits for any of the vulnerabilities addressed in this release. Given the critical severity and high exploitability ratings of several vulnerabilities, users are advised to apply updates immediately, especially for internet-facing, VPN-accessible, and domain-connected systems.

The vulnerability distribution includes:

  • 53 elevation of privilege vulnerabilities,
  • 41 remote code execution vulnerabilities,
  • 18 information disclosure vulnerabilities,
  • 8 security feature bypass vulnerabilities,
  • 6 denial of service vulnerabilities,
  • and 4 spoofing vulnerabilities.

 

Full list of patched vulnerabilities

TagCVE IDCVE TitleSeverity
AMD L1 Data QueueCVE-2025-36357AMD: CVE-2025-36357 Transient Scheduler Attack in L1 Data QueueCritical
AMD Store QueueCVE-2025-36350AMD: CVE-2024-36350 Transient Scheduler Attack in Store QueueCritical
Azure Monitor AgentCVE-2025-47988Azure Monitor Agent Remote Code Execution VulnerabilityImportant
Capability Access Management Service (camsvc)CVE-2025-49690Capability Access Management Service (camsvc) Elevation of Privilege VulnerabilityImportant
HID class driverCVE-2025-48816HID Class Driver Elevation of Privilege VulnerabilityImportant
Kernel Streaming WOW Thunk Service DriverCVE-2025-49675Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilityImportant
Microsoft Brokering File SystemCVE-2025-49677Microsoft Brokering File System Elevation of Privilege VulnerabilityImportant
Microsoft Brokering File SystemCVE-2025-49694Microsoft Brokering File System Elevation of Privilege VulnerabilityImportant
Microsoft Brokering File SystemCVE-2025-49693Microsoft Brokering File System Elevation of Privilege VulnerabilityImportant
Microsoft Configuration ManagerCVE-2025-47178Microsoft Configuration Manager Remote Code Execution VulnerabilityImportant
Microsoft Graphics ComponentCVE-2025-49732Windows Graphics Component Elevation of Privilege VulnerabilityImportant
Microsoft Graphics ComponentCVE-2025-49742Windows Graphics Component Remote Code Execution VulnerabilityImportant
Microsoft Graphics ComponentCVE-2025-49744Windows Graphics Component Elevation of Privilege VulnerabilityImportant
Microsoft Input Method Editor (IME)CVE-2025-49687Windows Input Method Editor (IME) Elevation of Privilege VulnerabilityImportant
Microsoft Input Method Editor (IME)CVE-2025-47991Windows Input Method Editor (IME) Elevation of Privilege VulnerabilityImportant
Microsoft Input Method Editor (IME)CVE-2025-47972Windows Input Method Editor (IME) Elevation of Privilege VulnerabilityImportant
Microsoft MPEG-2 Video ExtensionCVE-2025-48806Microsoft MPEG-2 Video Extension Remote Code Execution VulnerabilityImportant
Microsoft MPEG-2 Video ExtensionCVE-2025-48805Microsoft MPEG-2 Video Extension Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2025-47994Microsoft Office Elevation of Privilege VulnerabilityImportant
Microsoft OfficeCVE-2025-49697Microsoft Office Remote Code Execution VulnerabilityCritical
Microsoft OfficeCVE-2025-49695Microsoft Office Remote Code Execution VulnerabilityCritical
Microsoft OfficeCVE-2025-49696Microsoft Office Remote Code Execution VulnerabilityCritical
Microsoft OfficeCVE-2025-49699Microsoft Office Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2025-49702Microsoft Office Remote Code Execution VulnerabilityCritical
Microsoft Office ExcelCVE-2025-48812Microsoft Excel Information Disclosure VulnerabilityImportant
Microsoft Office ExcelCVE-2025-49711Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office PowerPointCVE-2025-49705Microsoft PowerPoint Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2025-49701Microsoft SharePoint Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2025-49704Microsoft SharePoint Remote Code Execution VulnerabilityCritical
Microsoft Office SharePointCVE-2025-49706Microsoft SharePoint Server Spoofing VulnerabilityImportant
Microsoft Office WordCVE-2025-49703Microsoft Word Remote Code Execution VulnerabilityCritical
Microsoft Office WordCVE-2025-49698Microsoft Word Remote Code Execution VulnerabilityCritical
Microsoft Office WordCVE-2025-49700Microsoft Word Remote Code Execution VulnerabilityImportant
Microsoft PC ManagerCVE-2025-47993Microsoft PC Manager Elevation of Privilege VulnerabilityImportant
Microsoft PC ManagerCVE-2025-49738Microsoft PC Manager Elevation of Privilege VulnerabilityImportant
Microsoft TeamsCVE-2025-49731Microsoft Teams Elevation of Privilege VulnerabilityImportant
Microsoft TeamsCVE-2025-49737Microsoft Teams Elevation of Privilege VulnerabilityImportant
Microsoft Windows QoS schedulerCVE-2025-49730Microsoft Windows QoS Scheduler Driver Elevation of Privilege VulnerabilityImportant
Microsoft Windows Search ComponentCVE-2025-49685Windows Search Service Elevation of Privilege VulnerabilityImportant
Office Developer PlatformCVE-2025-49756Office Developer Platform Security Feature Bypass VulnerabilityImportant
Remote Desktop ClientCVE-2025-48817Remote Desktop Client Remote Code Execution VulnerabilityImportant
Remote Desktop ClientCVE-2025-33054Remote Desktop Spoofing VulnerabilityImportant
Role: Windows Hyper-VCVE-2025-48822Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution VulnerabilityCritical
Role: Windows Hyper-VCVE-2025-47999Windows Hyper-V Denial of Service VulnerabilityImportant
Role: Windows Hyper-VCVE-2025-48002Windows Hyper-V Information Disclosure VulnerabilityImportant
Service FabricCVE-2025-21195Azure Service Fabric Runtime Elevation of Privilege VulnerabilityImportant
SQL ServerCVE-2025-49719Microsoft SQL Server Information Disclosure VulnerabilityImportant
SQL ServerCVE-2025-49718Microsoft SQL Server Information Disclosure VulnerabilityImportant
SQL ServerCVE-2025-49717Microsoft SQL Server Remote Code Execution VulnerabilityCritical
Storage Port DriverCVE-2025-49684Windows Storage Port Driver Information Disclosure VulnerabilityImportant
Universal Print Management ServiceCVE-2025-47986Universal Print Management Service Elevation of Privilege VulnerabilityImportant
Virtual Hard Disk (VHDX)CVE-2025-47971Microsoft Virtual Hard Disk Elevation of Privilege VulnerabilityImportant
Virtual Hard Disk (VHDX)CVE-2025-49689Microsoft Virtual Hard Disk Elevation of Privilege VulnerabilityImportant
Virtual Hard Disk (VHDX)CVE-2025-49683Microsoft Virtual Hard Disk Remote Code Execution VulnerabilityLow
Virtual Hard Disk (VHDX)CVE-2025-47973Microsoft Virtual Hard Disk Elevation of Privilege VulnerabilityImportant
Visual StudioCVE-2025-49739Visual Studio Elevation of Privilege VulnerabilityImportant
Visual StudioCVE-2025-27614MITRE: CVE-2025-27614 Gitk Arbitrary Code Execution VulnerabilityUnknown
Visual StudioCVE-2025-27613MITRE: CVE-2025-27613 Gitk Arguments VulnerabilityUnknown
Visual StudioCVE-2025-46334MITRE: CVE-2025-46334 Git Malicious Shell VulnerabilityUnknown
Visual StudioCVE-2025-46835MITRE: CVE-2025-46835 Git File Overwrite VulnerabilityUnknown
Visual StudioCVE-2025-48384MITRE: CVE-2025-48384 Git Symlink VulnerabilityUnknown
Visual StudioCVE-2025-48386MITRE: CVE-2025-48386 Git Credential Helper VulnerabilityUnknown
Visual StudioCVE-2025-48385MITRE: CVE-2025-48385 Git Protocol Injection VulnerabilityUnknown
Visual Studio Code - Python extensionCVE-2025-49714Visual Studio Code Python Extension Remote Code Execution VulnerabilityImportant
Windows Ancillary Function Driver for WinSockCVE-2025-49661Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityImportant
Windows AppX Deployment ServiceCVE-2025-48820Windows AppX Deployment Service Elevation of Privilege VulnerabilityImportant
Windows BitLockerCVE-2025-48818BitLocker Security Feature Bypass VulnerabilityImportant
Windows BitLockerCVE-2025-48001BitLocker Security Feature Bypass VulnerabilityImportant
Windows BitLockerCVE-2025-48804BitLocker Security Feature Bypass VulnerabilityImportant
Windows BitLockerCVE-2025-48003BitLocker Security Feature Bypass VulnerabilityImportant
Windows BitLockerCVE-2025-48800BitLocker Security Feature Bypass VulnerabilityImportant
Windows Connected Devices Platform ServiceCVE-2025-48000Windows Connected Devices Platform Service Elevation of Privilege VulnerabilityImportant
Windows Connected Devices Platform ServiceCVE-2025-49724Windows Connected Devices Platform Service Remote Code Execution VulnerabilityImportant
Windows Cred SSProvider ProtocolCVE-2025-47987Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege VulnerabilityImportant
Windows Cryptographic ServicesCVE-2025-48823Windows Cryptographic Services Information Disclosure VulnerabilityImportant
Windows Event TracingCVE-2025-47985Windows Event Tracing Elevation of Privilege VulnerabilityImportant
Windows Event TracingCVE-2025-49660Windows Event Tracing Elevation of Privilege VulnerabilityImportant
Windows Fast FAT DriverCVE-2025-49721Windows Fast FAT File System Driver Elevation of Privilege VulnerabilityImportant
Windows GDICVE-2025-47984Windows GDI Information Disclosure VulnerabilityImportant
Windows Imaging ComponentCVE-2025-47980Windows Imaging Component Information Disclosure VulnerabilityCritical
Windows KDC Proxy Service (KPSSVC)CVE-2025-49735Windows KDC Proxy Service (KPSSVC) Remote Code Execution VulnerabilityCritical
Windows KerberosCVE-2025-47978Windows Kerberos Denial of Service VulnerabilityImportant
Windows KernelCVE-2025-49666Windows Server Setup and Boot Event Collection Remote Code Execution VulnerabilityImportant
Windows KernelCVE-2025-26636Windows Kernel Information Disclosure VulnerabilityImportant
Windows KernelCVE-2025-48809Windows Secure Kernel Mode Information Disclosure VulnerabilityImportant
Windows KernelCVE-2025-48808Windows Kernel Information Disclosure VulnerabilityImportant
Windows MBT Transport driverCVE-2025-47996Windows MBT Transport Driver Elevation of Privilege VulnerabilityImportant
Windows MediaCVE-2025-49682Windows Media Elevation of Privilege VulnerabilityImportant
Windows MediaCVE-2025-49691Windows Miracast Wireless Display Remote Code Execution VulnerabilityImportant
Windows NetlogonCVE-2025-49716Windows Netlogon Denial of Service VulnerabilityImportant
Windows NotificationCVE-2025-49726Windows Notification Elevation of Privilege VulnerabilityImportant
Windows NotificationCVE-2025-49725Windows Notification Elevation of Privilege VulnerabilityImportant
Windows NTFSCVE-2025-49678NTFS Elevation of Privilege VulnerabilityImportant
Windows Performance RecorderCVE-2025-49680Windows Performance Recorder (WPR) Denial of Service VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2025-49722Windows Print Spooler Denial of Service VulnerabilityImportant
Windows Remote Desktop Licensing ServiceCVE-2025-48814Remote Desktop Licensing Service Security Feature Bypass VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49688Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49676Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49672Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49670Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49671Windows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49753Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49729Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49673Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49674Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49669Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49663Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49668Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49681Windows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-49657Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-47998Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Routing and Remote Access Service (RRAS)CVE-2025-48824Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityImportant
Windows Secure Kernel ModeCVE-2025-48810Windows Secure Kernel Mode Information Disclosure VulnerabilityImportant
Windows ShellCVE-2025-49679Windows Shell Elevation of Privilege VulnerabilityImportant
Windows SmartScreenCVE-2025-49740Windows SmartScreen Security Feature Bypass VulnerabilityImportant
Windows SMBCVE-2025-48802Windows SMB Server Spoofing VulnerabilityImportant
Windows SPNEGO Extended NegotiationCVE-2025-47981SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution VulnerabilityCritical
Windows SSDP ServiceCVE-2025-47976Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege VulnerabilityImportant
Windows SSDP ServiceCVE-2025-47975Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege VulnerabilityImportant
Windows SSDP ServiceCVE-2025-48815Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege VulnerabilityImportant
Windows StateRepository APICVE-2025-49723Windows StateRepository API Server file Tampering VulnerabilityImportant
Windows StorageCVE-2025-49760Windows Storage Spoofing VulnerabilityModerate
Windows Storage VSP DriverCVE-2025-47982Windows Storage VSP Driver Elevation of Privilege VulnerabilityImportant
Windows TCP/IPCVE-2025-49686Windows TCP/IP Driver Elevation of Privilege VulnerabilityImportant
Windows TDX.sysCVE-2025-49658Windows Transport Driver Interface (TDI) Translation Driver Information Disclosure VulnerabilityImportant
Windows TDX.sysCVE-2025-49659Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege VulnerabilityImportant
Windows Universal Plug and Play (UPnP) Device HostCVE-2025-48821Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege VulnerabilityImportant
Windows Universal Plug and Play (UPnP) Device HostCVE-2025-48819Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege VulnerabilityImportant
Windows Update ServiceCVE-2025-48799Windows Update Service Elevation of Privilege VulnerabilityImportant
Windows User-Mode Driver Framework HostCVE-2025-49664Windows User-Mode Driver Framework Host Information Disclosure VulnerabilityImportant
Windows Virtualization-Based Security (VBS) EnclaveCVE-2025-47159Windows Virtualization-Based Security (VBS) Elevation of Privilege VulnerabilityImportant
Windows Virtualization-Based Security (VBS) EnclaveCVE-2025-48811Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege VulnerabilityImportant
Windows Virtualization-Based Security (VBS) EnclaveCVE-2025-48803Windows Virtualization-Based Security (VBS) Elevation of Privilege VulnerabilityImportant
Windows Win32K - GRFXCVE-2025-49727Win32k Elevation of Privilege VulnerabilityImportant
Windows Win32K - ICOMPCVE-2025-49733Win32k Elevation of Privilege VulnerabilityImportant
Windows Win32K - ICOMPCVE-2025-49667Windows Win32 Kernel Subsystem Elevation of Privilege VulnerabilityImportant
Workspace BrokerCVE-2025-49665Workspace Broker Elevation of Privilege VulnerabilityImportant
Microsoft releases July 2025 Patch fixing one critical zero-day, 129 other flaws
Read More
Microsoft silently mitigates Windows LNK Zero-Day flaw exploited …
Apple releases emergency update iOS 18.3.1 and iPadOS …
TP-Link releases fix for critical flaw in Archer …
Adobe releases April 2025 patches for multiple products
Google releases April 2025 Android security update, patching …