.Microsoft on Tuesday released 67 patches affecting 12 product households. Ten of the addressed points, 5 involving 365 and Workplace and one involving SharePoint, are thought of by Microsoft to be of Critical severity, and 17 have a CVSS base rating of 8.0 or larger. One, an Necessary-severity RCE in Home windows associated to WEBDAV (CVE-2025-33053), is recognized to be below lively exploitation within the wild. A further Necessary-severity SMB concern has been publicly disclosed, however is just not presently recognized to be below exploit.
At patch time, 9 extra CVEs are extra more likely to be exploited within the subsequent 30 days by the corporate’s estimation, not together with the WEBDAV concern talked about above. Numerous of this month’s points are amenable to direct detection by Sophos protections, and we embody data on those in a desk under. This most actually consists of CVE-2025-33053, during which Sophos itself has taken a specific curiosity – and, apparently, vice versa.
Along with these patches, ten Adobe Reader fixes, 4 of them thought of to be of Essential severity, are included within the launch. These are listed in Appendix D under. That appendix additionally contains data on two Edge-related vulnerabilities and a Essential-severity Energy Automate concern that was addressed earlier this month, in addition to restricted data on a Essential-severity bug in Copilot for which an advisory was launched the next day (Wednesday). The periodically launched Servicing Stack updates are additionally obtainable.
We’re as all the time together with on the finish of this submit extra appendices itemizing all Microsoft’s patches sorted by severity, by predicted exploitability timeline and CVSS Base rating, and by product household; an appendix protecting the advisory-style updates; and a breakout of the patches affecting the assorted Home windows Server platforms nonetheless in assist.
By the numbers
- Whole CVEs: 67
- Publicly disclosed: 1
- Exploit detected: 1
- Severity
- Essential: 10
- Necessary: 57
- Influence
- Distant Code Execution: 26
- Data Disclosure: 17
- Elevation of Privilege: 13
- Denial of Service: 6
- Safety Function Bypass: 3
- Spoofing: 2
- CVSS base rating 9.0 or larger: 0*
- CVSS base rating 8.0 or later: 18
* One concern, affecting Energy Automate for Desktop however patched by Microsoft on June 5, has been assigned a 9.8 CVSS base rating. Because it was mitigated previous to launch, we’re treating that data as advisory-only and don’t embody it on this month’s statistics. Likewise, the Copilot advisory launched on June 11 has a CVSS base rating of 9.3, however doesn’t determine into these tallies or charts.
Determine 1: A proportionally heavier-than-usual ten Essential-severity patches had been launched in June, although unusually six of these happen in 365, Workplace, or SharePoint moderately than the extra customary Home windows. (Two Edge updates coated this month should not launched with full affect data and thus don’t seem on this chart; we’re additionally excluding the Energy Automate patch as mentioned above)
Merchandise
- Home windows: 45*
- 365: 15
- Workplace: 14
- SharePoint: 5
- Visible Studio: 2
- Phrase: 2
- .NET: 1
- Excel: 1
- Microsoft AutoUpdate for Macintosh: 1
- Nuance Digital Engagement Platform: 1
- Outlook: 1
- PowerPoint: 1
* One Home windows SDK patch (CVE-2025-47962) and one patch affecting the Home windows Safety App element (CVE-2025-47956) are included within the Home windows counts for reader comfort, although neither impacts particular variations of the shopper or server platforms.
As is our customized for this record, CVEs that apply to multiple product household are counted as soon as for every household they have an effect on. We word that CVE names don’t all the time mirror affected product households intently. Specifically, some CVEs names within the Workplace household could point out merchandise that don’t seem within the record of merchandise affected by the CVE, and vice versa.
Determine 2: Twelve product households determine in Might’s Patch Tuesday launch; the Nuance medical-product household returns to the charts for a second month, this time addressing a spoofing concern in its Digital Engagement Platform
Notable June updates
Along with the problems mentioned above, a number of particular objects benefit consideration.
CVE-2025-33053 — Net Distributed Authoring and Versioning (WebDAV) Distant Code Execution Vulnerability
The one patched concern presently recognized to be below exploit within the wild is an Necessary-severity flaw in Net Distributed Authoring and Versioning code, which has been underpinning a lot of the web for the reason that IE period. That’s the issue; this patch touches the MSHTML, EdgeHTML, and scripting platforms, that are all nonetheless supported. Because of this these Microsoft prospects presently taking Safety Solely updates want to put in the IE Cumulative updates to correctly guard in opposition to this vulnerability – one thing right here for everybody, in different phrases.
The adversaries exploiting that vulnerability apparently discovered Sophos protections vexing. Endpoint safety scans new packages earlier than they run—however after launch, scanning drops off. Attackers exploit this by delivering packages with encrypted our bodies that evade static scanning and AI fashions. As soon as operating, the code decrypts itself, masses implants, and executes solely in reminiscence—by no means touching disk.
Sophos counters this with Dynamic Shellcode Safety, which limits how a lot executable reminiscence a course of can allocate. That restriction breaks stealthy in-memory assaults, forcing adversaries to revert to noisier, extra detectable strategies like distant injection—the place they’re a lot simpler to catch.
After that the attackers would have run into a number of extra Sophos layers of blacklist, antimalware signatures, and different defenses — nevertheless it’s fascinating to us to see ourselves mirrored in an adversary’s code as a very robust nut to crack. In any case, we advocate as all the time that defenders prioritize higher-profile patches comparable to this one.
CVE-2025-33073 – Home windows SMB Shopper Elevation of Privilege Vulnerability
It’s not recognized to be below lively exploitation but, and Microsoft signifies that they assume it’s much less more likely to be exploited throughout the subsequent 30 days, however this Necessary-severity EoP is the one June CVE recognized to have been publicly disclosed to this point. The problem comes all the way down to improper entry controls, and it impacts all supported Home windows shopper and server variations.
CVE-2025-47166 — Microsoft SharePoint Server Distant Code Execution Vulnerability
After debuting in Might, “zcgonvh’s cat Vanilla” makes a right away return look on the finder roster – that’s proper, the cat got here again the very subsequent Patch Tuesday.
CVE-2025-32711 — M365 Copilot Data Disclosure Vulnerability
Lastly, one CVE that was not launched within the Tuesday assortment, however merited the discharge of an advisory the next day: a Essential-severity, CVSS-base 9.3, information-disclosure error that made it potential for an unauthorized attacker to make use of command injection to reveal data from the AI instrument. The vulnerability was responsibly disclosed to Microsoft and the corporate acknowledged early Wednesday that the patch is already pushed to prospects.
Determine 3: As we wrap up the primary half of the 12 months, the proportion of Essential-severity RCEs over the previous six months is eye-catching
Determine 4: Evaluating first-half totals for 2024 and 2025, we see that the excessive variety of Essential-severity RCEs stands out much more strongly when in comparison with the 12 months earlier than – 40, in contrast with simply 9 for the primary half of the 12 months earlier than. A couple of different traits stand out as effectively, together with massive year-over-year will increase in data disclosure CVEs (44 in 1H24, 77 to this point in 2025) and denial of service points (34 in 1H24, 57 to this point in 2025)
Sophos protections
| CVE | Sophos Intercept X/Endpoint IPS | Sophos XGS Firewall |
| CVE-2025-32713 | Exp/2532713-A | Exp/2532713-A |
| CVE-2025-32714 | Exp/2532714-A | Exp/2532714-A |
| CVE-2025-33053 | sid:2311111 | sid:2311111 |
| CVE-2025-33070 | sid:2311128 | sid:2311128 |
| CVE-2025-47162 | sid:2311145 | sid:2311145 |
| CVE-2025-47164 | sid:2311146 | sid:2311146 |
| CVE-2025-47167 | sid:231113 | sid:231113 |
CVE-2025-33053 additionally has an relevant detection of word, Troj/UrlRun-B, along with the XSG signature famous above.
As you possibly can each month, should you don’t need to wait to your system to drag down Microsoft’s updates itself, you possibly can obtain them manually from the Home windows Replace Catalog web site. Run the winver.exe instrument to find out which construct of Home windows 10 or 11 you’re operating, then obtain the Cumulative Replace bundle to your particular system’s structure and construct quantity.
Appendix A: Vulnerability Influence and Severity
It is a record of June patches sorted by affect, then sub-sorted by severity. Every record is additional organized by CVE.
Distant Code Execution (25 CVEs)
| Essential severity | |
| CVE-2025-29828 | Home windows Schannel Distant Code Execution Vulnerability |
| CVE-2025-32710 | Home windows Distant Desktop Companies Distant Code Execution Vulnerability |
| CVE-2025-32717 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-33071 | Home windows KDC Proxy Service (KPSSVC) Distant Code Execution Vulnerability |
| CVE-2025-47162 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47164 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47167 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47172 | Microsoft SharePoint Server Distant Code Execution Vulnerability |
| CVE-2025-47953 | Microsoft Workplace Distant Code Execution Vulnerability |
| Necessary severity | |
| CVE-2025-30399 | .NET and Visible Studio Distant Code Execution Vulnerability |
| CVE-2025-33053 | Net Distributed Authoring and Versioning (WEBDAV) Distant Code Execution Vulnerability |
| CVE-2025-33064 | Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability |
| CVE-2025-33066 | Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability |
| CVE-2025-47163 | Microsoft SharePoint Server Distant Code Execution Vulnerability |
| CVE-2025-47165 | Microsoft Excel Distant Code Execution Vulnerability |
| CVE-2025-47166 | Microsoft SharePoint Server Distant Code Execution Vulnerability |
| CVE-2025-47168 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-47169 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-47170 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-47171 | Microsoft Outlook Distant Code Execution Vulnerability |
| CVE-2025-47173 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47174 | Microsoft Excel Distant Code Execution Vulnerability |
| CVE-2025-47175 | Microsoft PowerPoint Distant Code Execution Vulnerability |
| CVE-2025-47176 | Microsoft Outlook Distant Code Execution Vulnerability |
| CVE-2025-47957 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-47959 | Visible Studio Distant Code Execution Vulnerability |
Data Disclosure (17 CVEs)
| Necessary severity | |
| CVE-2025-24065 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-24068 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-24069 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-32715 | Distant Desktop Protocol Shopper Data Disclosure Vulnerability |
| CVE-2025-32719 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-32720 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-32722 | Home windows Storage Port Driver Data Disclosure Vulnerability |
| CVE-2025-33052 | Home windows DWM Core Library Data Disclosure Vulnerability |
| CVE-2025-33055 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33058 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33059 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33060 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33061 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33062 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33063 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33065 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-47969 | Home windows Virtualization-Primarily based Safety (VBS) Data Disclosure Vulnerability |
Elevation of Privilege (13 CVEs)
| Essential severity | |
| CVE-2025-33070 | Home windows Netlogon Elevation of Privilege Vulnerability |
| Necessary severity | |
| CVE-2025-32712 | Win32k Elevation of Privilege Vulnerability |
| CVE-2025-32713 | Home windows Frequent Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2025-32714 | Home windows Installer Elevation of Privilege Vulnerability |
| CVE-2025-32716 | Home windows Media Elevation of Privilege Vulnerability |
| CVE-2025-32718 | Home windows SMB Shopper Elevation of Privilege Vulnerability |
| CVE-2025-32721 | Home windows Restoration Driver Elevation of Privilege Vulnerability |
| CVE-2025-33067 | Home windows Job Scheduler Elevation of Privilege Vulnerability |
| CVE-2025-33073 | Home windows SMB Shopper Elevation of Privilege Vulnerability |
| CVE-2025-33075 | Home windows Installer Elevation of Privilege Vulnerability |
| CVE-2025-47955 | Home windows Distant Entry Connection Supervisor Elevation of Privilege Vulnerability |
| CVE-2025-47962 | Home windows SDK Elevation of Privilege Vulnerability |
| CVE-2025-47968 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability |
Denial of Service (6 CVEs)
| Necessary severity | |
| CVE-2025-32724 | Native Safety Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
| CVE-2025-32725 | DHCP Server Service Denial of Service Vulnerability |
| CVE-2025-33050 | DHCP Server Service Denial of Service Vulnerability |
| CVE-2025-33056 | Home windows Native Safety Authority (LSA) Denial of Service Vulnerability |
| CVE-2025-33057 | Home windows Native Safety Authority (LSA) Denial of Service Vulnerability |
| CVE-2025-33068 | Home windows Requirements-Primarily based Storage Administration Service Denial of Service Vulnerability |
| CVE-2025-32724 | Native Safety Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
Safety Function Bypass (3 CVEs)
| Necessary severity | |
| CVE-2025-3052 | Cert CC: CVE-2025-3052 InsydeH2O Safe Boot Bypass |
| CVE-2025-33069 | Home windows App Management for Enterprise Safety Function Bypass Vulnerability |
| CVE-2025-47160 | Home windows Shortcut Recordsdata Safety Function Bypass Vulnerability |
Spoofing (2 CVEs)
| Necessary severity | |
| CVE-2025-47956 | Home windows Safety App Spoofing Vulnerability |
| CVE-2025-47977 | Nuance Digital Engagement Platform Spoofing Vulnerability |
Appendix B: Exploitability and CVSS
It is a record of the June CVEs judged by Microsoft to be both below exploitation within the wild or extra more likely to be exploited within the wild throughout the first 30 days post-release. The record is additional organized by CVE. The three Workplace objects extra more likely to be exploited within the subsequent 30 days (CVE-2025-47162, CVE-2025-47164, and CVE-2025-47167) are all exploitable by way of Preview Pane.
| Exploitation detected | |
| CVE-2025-33053 | Net Distributed Authoring and Versioning (WEBDAV) Distant Code Execution Vulnerability |
| Exploitation extra seemingly throughout the subsequent 30 days | |
| CVE-2025-32713 | Home windows Frequent Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2025-32714 | Home windows Installer Elevation of Privilege Vulnerability |
| CVE-2025-32717 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-33070 | Home windows Netlogon Elevation of Privilege Vulnerability |
| CVE-2025-33071 | Home windows KDC Proxy Service (KPSSVC) Distant Code Execution Vulnerability |
| CVE-2025-47162 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47164 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47167 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47962 | Home windows SDK Elevation of Privilege Vulnerability |
It is a record of June’s CVEs with a Microsoft-assessed CVSS Base rating of 8.0 or larger. They’re organized by rating and additional sorted by CVE. For extra data on how CVSS works, please see our collection on patch prioritization schema.
| CVSS Base | CVSS Temporal | CVE | Title |
| 8.8 | 8.2 | CVE-2025-33053 | Net Distributed Authoring and Versioning (WEBDAV) Distant Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-33064 | Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-33066 | Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability |
| 8.8 | 7.9 | CVE-2025-33073 | Home windows SMB Shopper Elevation of Privilege Vulnerability |
| 8.8 | 7.7 | CVE-2025-47163 | Microsoft SharePoint Server Distant Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-47166 | Microsoft SharePoint Server Distant Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-47172 | Microsoft SharePoint Server Distant Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-32717 | Microsoft Phrase Distant Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-33067 | Home windows Job Scheduler Elevation of Privilege Vulnerability |
| 8.4 | 7.3 | CVE-2025-47162 | Microsoft Workplace Distant Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-47164 | Microsoft Workplace Distant Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-47167 | Microsoft Workplace Distant Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-47953 | Microsoft Workplace Distant Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-47957 | Microsoft Phrase Distant Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2025-29828 | Home windows Schannel Distant Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2025-32710 | Home windows Distant Desktop Companies Distant Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2025-33070 | Home windows Netlogon Elevation of Privilege Vulnerability |
| 8.1 | 7.1 | CVE-2025-33071 | Home windows KDC Proxy Service (KPSSVC) Distant Code Execution Vulnerability |
Appendix C: Merchandise Affected
It is a record of June’s patches sorted by product household, then sub-sorted by severity. Every record is additional organized by CVE. Patches which are shared amongst a number of product households are listed a number of occasions, as soon as for every product household. Sure important points for which advisories have been issued are coated in Appendix D, and points affecting Home windows Server are additional sorted in Appendix E. All CVE titles are correct as made obtainable by Microsoft; for additional data on why sure merchandise could seem in titles and never product households (or vice versa), please seek the advice of Microsoft.
Home windows (45 CVEs)
| Essential severity | |
| CVE-2025-29828 | Home windows Schannel Distant Code Execution Vulnerability |
| CVE-2025-32710 | Home windows Distant Desktop Companies Distant Code Execution Vulnerability |
| CVE-2025-33070 | Home windows Netlogon Elevation of Privilege Vulnerability |
| CVE-2025-33071 | Home windows KDC Proxy Service (KPSSVC) Distant Code Execution Vulnerability |
| Necessary severity | |
| CVE-2025-3052 | Cert CC: CVE-2025-3052 InsydeH2O Safe Boot Bypass |
| CVE-2025-24065 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-24068 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-24069 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-32712 | Win32k Elevation of Privilege Vulnerability |
| CVE-2025-32713 | Home windows Frequent Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2025-32714 | Home windows Installer Elevation of Privilege Vulnerability |
| CVE-2025-32715 | Distant Desktop Protocol Shopper Data Disclosure Vulnerability |
| CVE-2025-32716 | Home windows Media Elevation of Privilege Vulnerability |
| CVE-2025-32718 | Home windows SMB Shopper Elevation of Privilege Vulnerability |
| CVE-2025-32719 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-32720 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-32721 | Home windows Restoration Driver Elevation of Privilege Vulnerability |
| CVE-2025-32722 | Home windows Storage Port Driver Data Disclosure Vulnerability |
| CVE-2025-32724 | Native Safety Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
| CVE-2025-32725 | DHCP Server Service Denial of Service Vulnerability |
| CVE-2025-33050 | DHCP Server Service Denial of Service Vulnerability |
| CVE-2025-33052 | Home windows DWM Core Library Data Disclosure Vulnerability |
| CVE-2025-33053 | Net Distributed Authoring and Versioning (WEBDAV) Distant Code Execution Vulnerability |
| CVE-2025-33055 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33056 | Home windows Native Safety Authority (LSA) Denial of Service Vulnerability |
| CVE-2025-33057 | Home windows Native Safety Authority (LSA) Denial of Service Vulnerability |
| CVE-2025-33058 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33059 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33060 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33061 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33062 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33063 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33064 | Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability |
| CVE-2025-33065 | Home windows Storage Administration Supplier Data Disclosure Vulnerability |
| CVE-2025-33066 | Home windows Routing and Distant Entry Service (RRAS) Distant Code Execution Vulnerability |
| CVE-2025-33067 | Home windows Job Scheduler Elevation of Privilege Vulnerability |
| CVE-2025-33068 | Home windows Requirements-Primarily based Storage Administration Service Denial of Service Vulnerability |
| CVE-2025-33069 | Home windows App Management for Enterprise Safety Function Bypass Vulnerability |
| CVE-2025-33073 | Home windows SMB Shopper Elevation of Privilege Vulnerability |
| CVE-2025-33075 | Home windows Installer Elevation of Privilege Vulnerability |
| CVE-2025-47160 | Home windows Shortcut Recordsdata Safety Function Bypass Vulnerability |
| CVE-2025-47955 | Home windows Distant Entry Connection Supervisor Elevation of Privilege Vulnerability |
| CVE-2025-47956 | Home windows Safety App Spoofing Vulnerability |
| CVE-2025-47962 | Home windows SDK Elevation of Privilege Vulnerability |
| CVE-2025-47969 | Home windows Virtualization-Primarily based Safety (VBS) Data Disclosure Vulnerability |
365 (14 CVEs)
| Essential severity | |
| CVE-2025-32717 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-47162 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47164 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47167 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47953 | Microsoft Workplace Distant Code Execution Vulnerability |
| Necessary severity | |
| CVE-2025-47165 | Microsoft Excel Distant Code Execution Vulnerability |
| CVE-2025-47168 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-47169 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-47170 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-47171 | Microsoft Outlook Distant Code Execution Vulnerability |
| CVE-2025-47173 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47174 | Microsoft Excel Distant Code Execution Vulnerability |
| CVE-2025-47175 | Microsoft PowerPoint Distant Code Execution Vulnerability |
| CVE-2025-47176 | Microsoft Outlook Distant Code Execution Vulnerability |
| CVE-2025-47957 | Microsoft Phrase Distant Code Execution Vulnerability |
Workplace (14 CVEs)
| Essential severity | |
| CVE-2025-47162 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47164 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47167 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47953 | Microsoft Workplace Distant Code Execution Vulnerability |
| Necessary severity | |
| CVE-2025-47165 | Microsoft Excel Distant Code Execution Vulnerability |
| CVE-2025-47168 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-47169 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-47170 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-47171 | Microsoft Outlook Distant Code Execution Vulnerability |
| CVE-2025-47173 | Microsoft Workplace Distant Code Execution Vulnerability |
| CVE-2025-47174 | Microsoft Excel Distant Code Execution Vulnerability |
| CVE-2025-47175 | Microsoft PowerPoint Distant Code Execution Vulnerability |
| CVE-2025-47176 | Microsoft Outlook Distant Code Execution Vulnerability |
| CVE-2025-47957 | Microsoft Phrase Distant Code Execution Vulnerability |
SharePoint (5 CVEs)
| Essential severity | |
| CVE-2025-47172 | Microsoft SharePoint Server Distant Code Execution Vulnerability |
| Necessary severity | |
| CVE-2025-47163 | Microsoft SharePoint Server Distant Code Execution Vulnerability |
| CVE-2025-47166 | Microsoft SharePoint Server Distant Code Execution Vulnerability |
| CVE-2025-47168 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-47169 | Microsoft Phrase Distant Code Execution Vulnerability |
Visible Studio (2 CVEs)
| Necessary severity | |
| CVE-2025-30399 | .NET and Visible Studio Distant Code Execution Vulnerability |
| CVE-2025-47959 | Visible Studio Distant Code Execution Vulnerability |
Phrase (2 CVEs)
| Necessary severity | |
| CVE-2025-47168 | Microsoft Phrase Distant Code Execution Vulnerability |
| CVE-2025-47169 | Microsoft Phrase Distant Code Execution Vulnerability |
.NET (1 CVE)
| Necessary severity | |
| CVE-2025-30399 | .NET and Visible Studio Distant Code Execution Vulnerability |
Excel (1 CVE)
| Necessary severity | |
| CVE-2025-47165 | Microsoft Excel Distant Code Execution Vulnerability |
Microsoft AutoUpdate for Macintosh (1 CVE)
| Necessary severity | |
| CVE-2025-47968 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability |
Nuance Digital Engagement Platform (1 CVE)
| Necessary severity | |
| CVE-2025-47977 | Nuance Digital Engagement Platform Spoofing Vulnerability |
Outlook (1 CVE)
| Necessary severity | |
| CVE-2025-47171 | Microsoft Outlook Distant Code Execution Vulnerability |
PowerPoint (1 CVE)
| Necessary severity | |
| CVE-2025-47175 | Microsoft PowerPoint Distant Code Execution Vulnerability |
Appendix D: Advisories and Different Merchandise
There are 10 Adobe Reader advisories in June’s launch, APSB25-57. Since there’s some selection in severity ranges on this month’s set, we’re together with that data as effectively.
| Essential | CVE-2025-43573 | Use After Free (CWE-416) |
| Essential | CVE-2025-43574 | Use After Free (CWE-416) |
| Essential | CVE-2025-43575 | Out-of-bounds Write (CWE-787) |
| Essential | CVE-2025-43576 | Use After Free (CWE-416) |
| Necessary | CVE-2025-43550 | Use After Free (CWE-416) |
| Necessary | CVE-2025-43577 | Use After Free (CWE-416) |
| Necessary | CVE-2025-43578 | Out-of-bounds Learn (CWE-125) |
| Necessary | CVE-2025-47112 | Out-of-bounds Learn (CWE-125) |
| Reasonable | CVE-2025-43579 | Data Publicity (CWE-200) |
| Reasonable | CVE-2025-47111 | NULL Pointer Dereference (CWE-476) |
There are extra Microsoft advisories and informational releases that deserve consideration. The Energy Automate patch is fascinating – a Essential-severity EoP with a CVSS base rating of 9.8 – however the patch itself was issued practically every week in the past, and so the knowledge introduced under is especially FYI. In extra, Net elders are hereby reassured that the “Blink” concerned in CVE-2025-5068 pertains to the Chromium rendering engine, not the erstwhile markup tag finest described as Devil’s eyelash.
| ADV990001 | Newest Servicing Stack Updates |
| CVE-2025-5068 | Chromium: CVE-2025-5068 Use after free in Blink |
| CVE-2025-5419 | Chromium: CVE-2025-5419 Out of bounds learn and write in V8 |
| CVE-2025-47966 | Energy Automate Elevation of Privilege Vulnerability |
As famous above, on Wednesday Microsoft launched an advisory regarding CVE-2025-32711, “M365 Copilot Data Disclosure Vulnerability,” a Essential-severity information-disclosure bug in Copilot. Although technically not included in Patch Tuesday’s haul, we embody acknowledgement of that launch as a courtesy to the reader.
Appendix E: Affected Home windows Server variations
It is a desk of the CVEs within the June launch affecting 9 Home windows Server variations, 2008 by way of 2025. The desk differentiates amongst main variations of the platform however doesn’t go into deeper element (eg., Server Core). Essential-severity points are marked in pink; an “x” signifies that the CVE doesn’t apply to that model. Directors are inspired to make use of this appendix as a place to begin to determine their particular publicity, as every reader’s state of affairs, particularly because it considerations merchandise out of mainstream assist, will range. For particular Information Base numbers, please seek the advice of Microsoft.
| 2008 | 2008-R2 | 2012 | 2012-R2 | 2016 | 2019 | 2022 | 2022 23H2 | 2025 | |
| CVE-2025-24065 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24068 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24069 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-29828 | × | × | × | × | × | × | ■ | ■ | ■ |
| CVE-2025-3052 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32710 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32712 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32713 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32714 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32715 | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32716 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | × |
| CVE-2025-32718 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32719 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32720 | × | × | × | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32721 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32722 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32724 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-32725 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33050 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33052 | × | × | × | × | × | ■ | ■ | ■ | ■ |
| CVE-2025-33053 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33055 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33056 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33057 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33058 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33059 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33060 | × | × | × | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33061 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33062 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33063 | × | × | × | × | × | ■ | ■ | ■ | ■ |
| CVE-2025-33064 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33065 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33066 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33067 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33068 | × | × | × | ■ | ■ | ■ | ■ | × | ■ |
| CVE-2025-33069 | × | × | × | × | × | × | × | × | ■ |
| CVE-2025-33070 | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33071 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33073 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-33075 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-47160 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-47955 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-47969 | × | × | × | × | × | × | × | × | ■ |
