Warning: session_start(): open(/opt/alt/php82/var/lib/php/session/sess_uv57veul256ga4madkkio7kq9t, O_RDWR) failed: Disk quota exceeded (122) in /home/u968162543/domains/wikdaily.com/public_html/wp-content/plugins/social-auto-poster/social-auto-poster.php on line 508

Warning: session_start(): Failed to read session data: files (path: /opt/alt/php82/var/lib/php/session) in /home/u968162543/domains/wikdaily.com/public_html/wp-content/plugins/social-auto-poster/social-auto-poster.php on line 508
Microsoft June 2025 Patch Tuesday fixes exploited zero-day, 66 flaws - WikDaily
Home » Microsoft June 2025 Patch Tuesday fixes exploited zero-day, 66 flaws
Security

Microsoft June 2025 Patch Tuesday fixes exploited zero-day, 66 flaws

by Wikdaily
written by Wikdaily 0 comments
Patch Tuesday

Table of Contents

Today is Microsoft’s June 2025 Patch Tuesday, which includes security updates for 66 flaws, including one actively exploited vulnerability and another that was publicly disclosed.

This Patch Tuesday also fixes ten “Critical” vulnerabilities, eight being remote code execution vulnerabilities and two being elevation of privileges bugs.

The number of bugs in each vulnerability category is listed below:

  • 13 Elevation of Privilege Vulnerabilities

  • 3 Security Feature Bypass Vulnerabilities

  • 25 Remote Code Execution Vulnerabilities

  • 17 Information Disclosure Vulnerabilities

  • 6 Denial of Service Vulnerabilities

  • 2 Spoofing Vulnerabilities

This count does not include Mariner, Microsoft Edge, and Power Automate flaws fixed earlier this month.

To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5060842 and KB5060999 cumulative updates and the Windows 10 KB5060533 cumulative update.

Two zero-days

This month’s Patch Tuesday fixes one actively exploited zero-day and one publicly disclosed vulnerability. Microsoft classifies a zero-day flaw as publicly disclosed or actively exploited while no official fix is available.

The actively exploited zero-day vulnerability in today’s updates is:

CVE-2025-33053 – Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability

Microsoft fixed a remote code execution vulnerability discovered by Check Point Research

“A remote code execution vulnerability exists in Microsoft Windows Web Distributed Authoring and Versioning. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system,” reads a Check Point Research advisory.

Microsoft’s advisory further states that a user must click on a specially crafted WebDav URL for the flaw to be exploited.

A new report by Check Point Research explains that CVE-2025-33053 was exploited in zero-day attacks by an APT group named “Stealth Falcon”.

“In March 2025, Check Point Research identified an attempted cyberattack against a defense company in Turkey,” explained Check Point.

“The threat actors used a previously undisclosed technique to execute files hosted on a WebDAV server they controlled, by manipulating the working directory of a legitimate built-in Windows tool.”

“Following responsible disclosure, Microsoft assigned the vulnerability CVE-2025-33053 and released a patch on June 10, 2025, as part of their June Patch Tuesday updates.”

Microsoft attributes the discovery of this flaw to Alexandra Gofman and David Driker (Check Point Research).

The publicly disclosed zero-day is:

CVE-2025-33073 – Windows SMB Client Elevation of Privilege Vulnerability

Microsoft fixes a flaw in Windows SMB that allows attackers to gain SYSTEM privileges on vulnerable devices.

“Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network,” explains Microsoft.

“To exploit this vulnerability, an attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate. This could result in elevation of privilege,” further explains Microsoft.

Microsoft has not shared how the flaw was publicly disclosed. However, Born City reports that DFN-CERT (Computer Emergency Response Team of the German Research Network) began circulating warnings from RedTeam Pentesting about the flaw this week.

While an update is now available, the flaw can reportedly be mitigated by enforcing server-side SMB signing via Group Policy.

Microsoft attributes the discovery of this flaw to multiple researchers, including Keisuke Hirata with CrowdStrike, Synacktiv research with Synacktiv, Stefan Walter with SySS GmbH, RedTeam Pentesting GmbH, and James Forshaw of Google Project Zero.

Recent updates from other companies

Other vendors who released updates or advisories in June 2025 include:

  • Adobe released security updates for InCopy, Experience Manager, Commerce, InDesign, Substance 3D Sampler, Acrobat Reader, and Substance 3D Painter.

  • Cisco released patches for three vulnerabilities with public exploit code in its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP) products.

  • Fortinet released security updates for an OS command (‘OS Command Injection’) vulnerability in FortiManager, FortiAnalyzer & FortiAnalyzer-BigData products.

  • Google’s June 2025 security updates for Android fix numerous vulnerabilities. Google also fixed an actively exploited Google Chrome zero-day flaw.

  • Hewlett Packard Enterprise (HPE) issued security updates to fix eight vulnerabilities impacting StoreOnce,

  • Ivanti released security updates to fix three high-severity hardcoded key vulnerabilities in Workspace Control (IWC).

  • Qualcomm released security updates for three zero-day vulnerabilities in the Adreno Graphics Processing Unit (GPU) driver that are exploited in targeted attacks.

  • Roundcube released security updates for a critical remote code execution (RCE) flaw with a public exploit that is now exploited in attacks.

  • SAP releases security updates for multiple products, including a critical missing authorization check in SAP NetWeaver Application Server for ABAP.

The June 2025 Patch Tuesday Security Updates

Below is the complete list of resolved vulnerabilities in the June 2025 Patch Tuesday updates.

To access the full description of each vulnerability and the systems it affects, you can view the full report here.

Tag
CVE ID
CVE Title
Severity
.NET and Visual Studio
CVE-2025-30399
.NET and Visual Studio Remote Code Execution Vulnerability
Important
App Control for Business (WDAC)
CVE-2025-33069
Windows App Control for Business Security Feature Bypass Vulnerability
Important
Microsoft AutoUpdate (MAU)
CVE-2025-47968
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
Important
Microsoft Local Security Authority Server (lsasrv)
CVE-2025-33056
Windows Local Security Authority (LSA) Denial of Service Vulnerability
Important
Microsoft Office
CVE-2025-47164
Microsoft Office Remote Code Execution Vulnerability
Critical
Microsoft Office
CVE-2025-47167
Microsoft Office Remote Code Execution Vulnerability
Critical
Microsoft Office
CVE-2025-47162
Microsoft Office Remote Code Execution Vulnerability
Critical
Microsoft Office
CVE-2025-47173
Microsoft Office Remote Code Execution Vulnerability
Important
Microsoft Office
CVE-2025-47953
Microsoft Office Remote Code Execution Vulnerability
Critical
Microsoft Office Excel
CVE-2025-47165
Microsoft Excel Remote Code Execution Vulnerability
Important
Microsoft Office Excel
CVE-2025-47174
Microsoft Excel Remote Code Execution Vulnerability
Important
Microsoft Office Outlook
CVE-2025-47171
Microsoft Outlook Remote Code Execution Vulnerability
Important
Microsoft Office Outlook
CVE-2025-47176
Microsoft Outlook Remote Code Execution Vulnerability
Important
Microsoft Office PowerPoint
CVE-2025-47175
Microsoft PowerPoint Remote Code Execution Vulnerability
Important
Microsoft Office SharePoint
CVE-2025-47172
Microsoft SharePoint Server Remote Code Execution Vulnerability
Critical
Microsoft Office SharePoint
CVE-2025-47166
Microsoft SharePoint Server Remote Code Execution Vulnerability
Important
Microsoft Office SharePoint
CVE-2025-47163
Microsoft SharePoint Server Remote Code Execution Vulnerability
Important
Microsoft Office Word
CVE-2025-47170
Microsoft Word Remote Code Execution Vulnerability
Important
Microsoft Office Word
CVE-2025-47957
Microsoft Word Remote Code Execution Vulnerability
Important
Microsoft Office Word
CVE-2025-47169
Microsoft Word Remote Code Execution Vulnerability
Important
Microsoft Office Word
CVE-2025-47168
Microsoft Word Remote Code Execution Vulnerability
Important
Nuance Digital Engagement Platform
CVE-2025-47977
Nuance Digital Engagement Platform Spoofing Vulnerability
Important
Remote Desktop Client
CVE-2025-32715
Remote Desktop Protocol Client Information Disclosure Vulnerability
Important
Visual Studio
CVE-2025-47959
Visual Studio Remote Code Execution Vulnerability
Important
WebDAV
CVE-2025-33053
Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability
Important
Windows Common Log File System Driver
CVE-2025-32713
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Important
Windows Cryptographic Services
CVE-2025-29828
Windows Schannel Remote Code Execution Vulnerability
Critical
Windows DHCP Server
CVE-2025-33050
DHCP Server Service Denial of Service Vulnerability
Important
Windows DHCP Server
CVE-2025-32725
DHCP Server Service Denial of Service Vulnerability
Important
Windows DWM Core Library
CVE-2025-33052
Windows DWM Core Library Information Disclosure Vulnerability
Important
Windows Hello
CVE-2025-47969
Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
Important
Windows Installer
CVE-2025-33075
Windows Installer Elevation of Privilege Vulnerability
Important
Windows Installer
CVE-2025-32714
Windows Installer Elevation of Privilege Vulnerability
Important
Windows KDC Proxy Service (KPSSVC)
CVE-2025-33071
Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
Critical
Windows Kernel
CVE-2025-33067
Windows Task Scheduler Elevation of Privilege Vulnerability
Important
Windows Local Security Authority (LSA)
CVE-2025-33057
Windows Local Security Authority (LSA) Denial of Service Vulnerability
Important
Windows Local Security Authority Subsystem Service (LSASS)
CVE-2025-32724
Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
Important
Windows Media
CVE-2025-32716
Windows Media Elevation of Privilege Vulnerability
Important
Windows Netlogon
CVE-2025-33070
Windows Netlogon Elevation of Privilege Vulnerability
Critical
Windows Recovery Driver
CVE-2025-32721
Windows Recovery Driver Elevation of Privilege Vulnerability
Important
Windows Remote Access Connection Manager
CVE-2025-47955
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Important
Windows Remote Desktop Services
CVE-2025-32710
Windows Remote Desktop Services Remote Code Execution Vulnerability
Critical
Windows Routing and Remote Access Service (RRAS)
CVE-2025-33064
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Important
Windows Routing and Remote Access Service (RRAS)
CVE-2025-33066
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Important
Windows SDK
CVE-2025-47962
Windows SDK Elevation of Privilege Vulnerability
Important
Windows Secure Boot
CVE-2025-3052
Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass
Important
Windows Security App
CVE-2025-47956
Windows Security App Spoofing Vulnerability
Important
Windows Shell
CVE-2025-47160
Windows Shortcut Files Security Feature Bypass Vulnerability
Important
Windows SMB
CVE-2025-33073
Windows SMB Client Elevation of Privilege Vulnerability
Important
Windows SMB
CVE-2025-32718
Windows SMB Client Elevation of Privilege Vulnerability
Important
Windows Standards-Based Storage Management Service
CVE-2025-33068
Windows Standards-Based Storage Management Service Denial of Service Vulnerability
Important
Windows Storage Management Provider
CVE-2025-32719
Windows Storage Management Provider Information Disclosure Vulnerability
Important
Windows Storage Management Provider
CVE-2025-24065
Windows Storage Management Provider Information Disclosure Vulnerability
Important
Windows Storage Management Provider
CVE-2025-24068
Windows Storage Management Provider Information Disclosure Vulnerability
Important
Windows Storage Management Provider
CVE-2025-33055
Windows Storage Management Provider Information Disclosure Vulnerability
Important
Windows Storage Management Provider
CVE-2025-24069
Windows Storage Management Provider Information Disclosure Vulnerability
Important
Windows Storage Management Provider
CVE-2025-33060
Windows Storage Management Provider Information Disclosure Vulnerability
Important
Windows Storage Management Provider
CVE-2025-33059
Windows Storage Management Provider Information Disclosure Vulnerability
Important
Windows Storage Management Provider
CVE-2025-33062
Windows Storage Management Provider Information Disclosure Vulnerability
Important
Windows Storage Management Provider
CVE-2025-33061
Windows Storage Management Provider Information Disclosure Vulnerability
Important
Windows Storage Management Provider
CVE-2025-33058
Windows Storage Management Provider Information Disclosure Vulnerability
Important
Windows Storage Management Provider
CVE-2025-32720
Windows Storage Management Provider Information Disclosure Vulnerability
Important
Windows Storage Management Provider
CVE-2025-33065
Windows Storage Management Provider Information Disclosure Vulnerability
Important
Windows Storage Management Provider
CVE-2025-33063
Windows Storage Management Provider Information Disclosure Vulnerability
Important
Windows Storage Port Driver
CVE-2025-32722
Windows Storage Port Driver Information Disclosure Vulnerability
Important
Windows Win32K – GRFX
CVE-2025-32712
Win32k Elevation of Privilege Vulnerability
Important

Patching used to mean complex scripts, long hours, and endless fire drills. Not anymore.

In this new guide, Tines breaks down how modern IT orgs are leveling up with automation. Patch faster, reduce overhead, and focus on strategic work — no complex scripts required.

Get the free guide

You Might Also Like

You may also like

APT36 hackers abuse Linux .desktop files to install malware in new attacks

Disgruntled developer gets four-year sentence for revenge attack on employer’s network

Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection

Fake Mac fixes trick users into installing new Shamos infostealer

Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage

August Windows updates cause severe streaming issues

Leave a Comment

Save my name, email, and website in this browser for the next time I comment.

Welcome to WikDaily, your trusted source for the latest news, trends, and insights across the globe. We are a dynamic blog-style news platform committed to delivering fast, accurate, and engaging content across a variety of topics—from breaking headlines to deep dives into tech, business, entertainment, travel, sports, and more.

Facebook Instagram X-twitter

Useful Links

Edtior's Picks

APT36 hackers abuse Linux .desktop files to install malware in new attacks
Addison Rae Meets Vincent Van Gogh in a Sunflower Dress From The Archives
Crop Tour Projects Record Corn Yields, USDA Data Shows Mixed Conditions

Latest Articles

APT36 hackers abuse Linux .desktop files to install malware in new attacks
Addison Rae Meets Vincent Van Gogh in a Sunflower Dress From The Archives
Crop Tour Projects Record Corn Yields, USDA Data Shows Mixed Conditions
The Rise Of The Consumer Visionary Merchant

wikdaily 2025. Designed and Developed by Pro


Fatal error: Uncaught ErrorException: md5_file(/home/u968162543/domains/wikdaily.com/public_html/wp-content/litespeed/css/1cd8124acea6ba96f7151912d3cd483b.css.tmp): Failed to open stream: No such file or directory in /home/u968162543/domains/wikdaily.com/public_html/wp-content/plugins/litespeed-cache/src/optimizer.cls.php:149 Stack trace: #0 [internal function]: litespeed_exception_handler() #1 /home/u968162543/domains/wikdaily.com/public_html/wp-content/plugins/litespeed-cache/src/optimizer.cls.php(149): md5_file() #2 /home/u968162543/domains/wikdaily.com/public_html/wp-content/plugins/litespeed-cache/src/optimize.cls.php(837): LiteSpeed\Optimizer->serve() #3 /home/u968162543/domains/wikdaily.com/public_html/wp-content/plugins/litespeed-cache/src/optimize.cls.php(333): LiteSpeed\Optimize->_build_hash_url() #4 /home/u968162543/domains/wikdaily.com/public_html/wp-content/plugins/litespeed-cache/src/optimize.cls.php(264): LiteSpeed\Optimize->_optimize() #5 /home/u968162543/domains/wikdaily.com/public_html/wp-content/plugins/litespeed-cache/src/optimize.cls.php(225): LiteSpeed\Optimize->_finalize() #6 /home/u968162543/domains/wikdaily.com/public_html/wp-includes/class-wp-hook.php(324): LiteSpeed\Optimize->finalize() #7 /home/u968162543/domains/wikdaily.com/public_html/wp-includes/plugin.php(205): WP_Hook->apply_filters() #8 /home/u968162543/domains/wikdaily.com/public_html/wp-content/plugins/litespeed-cache/src/core.cls.php(459): apply_filters() #9 [internal function]: LiteSpeed\Core->send_headers_force() #10 /home/u968162543/domains/wikdaily.com/public_html/wp-includes/functions.php(5471): ob_end_flush() #11 /home/u968162543/domains/wikdaily.com/public_html/wp-includes/class-wp-hook.php(324): wp_ob_end_flush_all() #12 /home/u968162543/domains/wikdaily.com/public_html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters() #13 /home/u968162543/domains/wikdaily.com/public_html/wp-includes/plugin.php(517): WP_Hook->do_action() #14 /home/u968162543/domains/wikdaily.com/public_html/wp-includes/load.php(1304): do_action() #15 [internal function]: shutdown_action_hook() #16 {main} thrown in /home/u968162543/domains/wikdaily.com/public_html/wp-content/plugins/litespeed-cache/src/optimizer.cls.php on line 149