Microsoft releases June 2025 Patch, fixing actively exploited flaw and 65 additional vulnerabilities

Microsoft has released its June 2025 Patch Tuesday security updates, patching a total of 66 vulnerabilities across its product ecosystem. This update includes patches for one actively exploited zero-day vulnerability and one publicly disclosed zero-day flaw, and nine other critical severity vulnerabilities. 

Actively Exploited Zero-Day Vulnerability

• CVE-2025-33053 - Web Distributed Authoring and Versioning (WebDAV) Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected systems when users click on specially crafted WebDAV URLs. Check Point Research confirmed that CVE-2025-33053 was exploited in zero-day attacks by the Stealth Falcon APT group in March 2025 during an attempted cyberattack against a defense company in Turkey. The attack technique involved using malicious .url files to exploit the vulnerability by manipulating the working directory of legitimate built-in Windows tools to execute files hosted on attacker-controlled WebDAV servers.

Publicly Disclosed Zero-Day Vulnerability

• CVE-2025-33073 - Windows SMB Client Elevation of Privilege Vulnerability. The vulnerability is caused by improper access control in Windows SMB, allowing an authorized attacker to elevate privileges over a network. To exploit this vulnerability, an attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate, potentially resulting in elevation of privilege. Reports indicate that DFN-CERT (Computer Emergency Response Team of the German Research Network) began circulating warnings from RedTeam Pentesting about the flaw before Microsoft's patch release.

Critical Vulnerabilities

• CVE-2025-33071 - Windows KDC Proxy Service Remote Code Execution Vulnerability
• CVE-2025-29828 - Windows Schannel Remote Code Execution Vulnerability
• CVE-2025-32710 - Windows Remote Desktop Services Remote Code Execution Vulnerability
• CVE-2025-33070 - Windows Netlogon Elevation of Privilege Vulnerability
• CVE-2025-47164 - Microsoft Office Remote Code Execution Vulnerability
• CVE-2025-47167 - Microsoft Office Remote Code Execution Vulnerability
• CVE-2025-47162 - Microsoft Office Remote Code Execution Vulnerability
• CVE-2025-47172 - Microsoft SharePoint Server Remote Code Execution Vulnerability
• CVE-2025-47953 - Microsoft Office Remote Code Execution Vulnerability

The June 2025 Patch Tuesday addresses vulnerabilities across multiple severity levels and categories:

• 13 elevation of privilege vulnerabilities,
• 3 security feature bypass vulnerabilities,
• 25 remote code execution vulnerabilities,
• 17 information disclosure vulnerabilities,
• 6 denial of service vulnerabilities,
• 2 spoofing vulnerabilities.

Full list of fixes