Microsoft’s June 2025 Patch Tuesday: 2 Zero-Days, 69 Vulnerabilities Patched!

Microsoft’s June 2025 Patch Tuesday rollout has addressed a substantial 69 vulnerabilities, including 10 critical and 57 important rated issues across Windows and enterprise services. Among these, two zero-day vulnerabilities drew special attention—one already exploited in the wild and the other publicly disclosed.

This month’s updates include patches for multiple flaws in .NET and Visual Studio, Windows Common Log File System Driver, Cryptographic Services, DHCP Server, Remote Desktop, Office, and more.

The most urgent fix targets CVE-2025-33053, an actively exploited Remote Code Execution (RCE) flaw in Web Distributed Authoring and Versioning (WebDAV). This vulnerability allows unauthenticated attackers to execute malicious code remotely by tricking users into opening specially crafted files.

“External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network,” Microsoft warned. CISA has added this flaw to its Known Exploited Vulnerabilities catalog and recommends patching before July 1, 2025.

The second zero-day, CVE-2025-33073, is an Elevation of Privilege (EoP) vulnerability in the Windows SMB Client, which can allow authenticated attackers to gain SYSTEM-level privileges due to improper access control.

Several critical RCE flaws stand out this month:

• CVE-2025-29828 – A flaw in Windows Schannel, where a missing memory release may allow an unauthenticated attacker to execute code over TLS using fragmented ClientHello messages.
• CVE-2025-32710 – A use-after-free vulnerability in Windows Remote Desktop Services, requiring attackers to “win a race condition” to gain remote code execution privileges.
• CVE-2025-47162, 47164, 47167, 47953 – Multiple heap overflow and type confusion vulnerabilities in Microsoft Office, exploitable by unauthenticated users to run arbitrary code.
• CVE-2025-33071 – A use-after-free vulnerability in the Windows KDC Proxy Service (KPSSVC), affecting Kerberos traffic relayed over HTTPS.
• CVE-2025-47172 – An RCE flaw in SharePoint Server, where improper input sanitization in SQL commands may let authenticated attackers gain full code execution.

With zero-days under active exploitation, IT administrators and security teams should act swiftly to review their patching status and apply all relevant updates across enterprise environments.

Related Posts:

• Government Hit by Multi-Malware Cyberattack via Cloudflare Service
• ZDI Details Copy2Pwn: Zero-Day CVE-2024-38213 Evades Windows Security Measures
• CISA & Microsoft Warn of 6 Actively Exploited Zero-Day Vulnerabilities
• Microsoft May 2025 Patch Tuesday Fixes 83 Vulnerabilities, Including 5 Exploited in the Wild