Analysis of Microsoft Patch Tuesday updates - June 2025

Executive Summary

On Tuesday, June 10, 2025, Microsoft released its monthly security patch addressing 66 vulnerabilities across its products.

By severity:

  • Important — 56;
  • Critical — 10.

Exploited (Zero-Days) and Publicly Disclosed Vulnerabilities

Special attention should be paid to the following 2 vulnerabilities. Fixing them is the highest priority:

  • CVE-2025-33053 (CVSS 8.8; Important) — Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability (Remote Code Execution). A vulnerability in Microsoft Windows Web Distributed Authoring and Versioning (WEBDAV) allows a remote attacker to execute arbitrary code if a user visits a specially crafted WebDAV URL.
  • CVE-2025-33073 (CVSS 8.8; Important) — Windows SMB Client Elevation of Privilege Vulnerability (Elevation of Privilege). Improper access control in the Windows SMB client allows an authenticated attacker to elevate their privileges on the network to SYSTEM by executing a malicious script.

Microsoft’s June 2025 Patch Tuesday includes fixes for 66 vulnerabilities, fewer than in the extensive May release. Despite the lower overall number, the package includes 10 critical vulnerabilities that require urgent attention. Key trends observed this month:

  • Large number of remote code execution (RCE) vulnerabilities: A significant share of the fixes, including several critical ones, is aimed at addressing RCE flaws. The main focus was on Microsoft Office (Word, Excel, Outlook, PowerPoint) and Microsoft SharePoint Server, underscoring their role as key attack vectors in enterprise environments.
  • Multiple information disclosure vulnerabilities: A distinguishing feature this month is the large number of similar Information Disclosure issues in the Windows Storage Management Provider component. While they are rated as medium severity, their volume may indicate a systemic problem in this component.
  • Denial-of-service (DoS) vulnerabilities: Several important fixes were released for DoS issues in network services such as DHCP Server and Local Security Authority (LSA). Exploiting these vulnerabilities could disrupt the stability and availability of key network services.
  • Ongoing elevation-of-privilege (EoP) risk: As in previous months, elevation-of-privilege vulnerabilities remain a pressing issue. In June, EoP flaws were fixed in components such as Windows Task Scheduler and Windows Installer, indicating Microsoft’s continued work to harden the system core.

Full List of Vulnerabilities

Below is a table of all vulnerabilities fixed this month.

| CVE | Title | Type | CVSS | Severity | Exploited | Publicly Disclosed |
|---|---|---|---|---|---|---|
| CVE-2025-33053 | Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | Yes | No |
| CVE-2025-33073 | Windows SMB Client Elevation of Privilege Vulnerability | Elevation of Privilege | 8.8 | Important | No | Yes |
| CVE-2025-47966 | Power Automate Elevation of Privilege Vulnerability | Elevation of Privilege | 9.8 | Critical | No | No |
| CVE-2025-33064 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-33066 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-47163 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-47166 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Important | No | No |
| CVE-2025-47172 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Remote Code Execution | 8.8 | Critical | No | No |
| CVE-2025-33067 | Windows Task Scheduler Elevation of Privilege Vulnerability | Elevation of Privilege | 8.4 | Important | No | No |
| CVE-2025-47162 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Critical | No | No |
| CVE-2025-47164 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Critical | No | No |
| CVE-2025-47167 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Critical | No | No |
| CVE-2025-47953 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Critical | No | No |
| CVE-2025-47957 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 8.4 | Important | No | No |
| CVE-2025-29828 | Windows Schannel Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2025-32710 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2025-33070 | Windows Netlogon Elevation of Privilege Vulnerability | Elevation of Privilege | 8.1 | Critical | No | No |
| CVE-2025-33071 | Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability | Remote Code Execution | 8.1 | Critical | No | No |
| CVE-2025-32712 | Win32k Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-32713 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-32714 | Windows Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-32716 | Windows Media Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-32718 | Windows SMB Client Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-33075 | Windows Installer Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-47165 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-47168 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-47169 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-47170 | Microsoft Word Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-47173 | Microsoft Office Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-47174 | Microsoft Excel Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-47175 | Microsoft PowerPoint Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-47176 | Microsoft Outlook Remote Code Execution Vulnerability | Remote Code Execution | 7.8 | Important | No | No |
| CVE-2025-47955 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-47962 | Windows SDK Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-47968 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Elevation of Privilege | 7.8 | Important | No | No |
| CVE-2025-47977 | Nuance Digital Engagement Platform Spoofing Vulnerability | Spoofing | 7.6 | Important | No | No |
| CVE-2025-30399 | .NET and Visual Studio Remote Code Execution Vulnerability | Remote Code Execution | 7.5 | Important | No | No |
| CVE-2025-32724 | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-32725 | DHCP Server Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-33050 | DHCP Server Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-33056 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-33068 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Denial of Service | 7.5 | Important | No | No |
| CVE-2025-32721 | Windows Recovery Driver Elevation of Privilege Vulnerability | Elevation of Privilege | 7.3 | Important | No | No |
| CVE-2025-47959 | Visual Studio Remote Code Execution Vulnerability | Remote Code Execution | 7.1 | Important | No | No |
| CVE-2025-47171 | Microsoft Outlook Remote Code Execution Vulnerability | Remote Code Execution | 6.7 | Important | No | No |
| CVE-2025-32715 | Remote Desktop Protocol Client Information Disclosure Vulnerability | Information Disclosure | 6.5 | Important | No | No |
| CVE-2025-33057 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | Denial of Service | 6.5 | Important | No | No |
| CVE-2025-24065 | Windows Storage Management Provider Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-24068 | Windows Storage Management Provider Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-24069 | Windows Storage Management Provider Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-32719 | Windows Storage Management Provider Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-32720 | Windows Storage Management Provider Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-32722 | Windows Storage Port Driver Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-33052 | Windows DWM Core Library Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-33055 | Windows Storage Management Provider Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-33058 | Windows Storage Management Provider Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-33059 | Windows Storage Management Provider Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-33060 | Windows Storage Management Provider Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-33061 | Windows Storage Management Provider Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-33062 | Windows Storage Management Provider Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-33063 | Windows Storage Management Provider Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-33065 | Windows Storage Management Provider Information Disclosure Vulnerability | Information Disclosure | 5.5 | Important | No | No |
| CVE-2025-47956 | Windows Security App Spoofing Vulnerability | Spoofing | 5.5 | Important | No | No |
| CVE-2025-47160 | Windows Shortcut Files Security Feature Bypass Vulnerability | Security Feature Bypass | 5.4 | Important | No | No |
| CVE-2025-33069 | Windows App Control for Business Security Feature Bypass Vulnerability | Security Feature Bypass | 5.1 | Important | No | No |
| CVE-2025-47969 | Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability | Information Disclosure | 4.4 | Important | No | No |

Conclusion

June’s update, though less extensive than May’s, requires close attention from IT administrators due to the presence of 10 critical vulnerabilities and two actively discussed issues (one exploited, one publicly disclosed). Priority should be given to installing updates for Microsoft Office and SharePoint Server, as vulnerabilities in these products are traditionally used to gain access to corporate networks. Organizations should assess the risks associated with vulnerabilities of the "Denial of Service" type and take measures to protect mission-critical network services. Timely application of patches for CVE-2025-33053 and CVE-2025-33073 is absolutely necessary to prevent potential attacks. Overall, a proactive vulnerability management strategy and automation of update processes remain best practice for maintaining infrastructure security. Public disclosure of weaknesses inevitably leads to exploit development, so delaying patch installation creates an unjustified risk.
