Vulnerability Watch

Forum Discussion

scaveza
Product Team
4 months ago

Microsoft’s June 2025 Patch Tuesday Addresses 65 CVEs (CVE-2025-33053)

On June 10, Microsoft published its June 2025 Patch Tuesday release, which patched 65 CVEs, with 9 rated as critical and 56 rated as important. This month’s updates include patches to address two zero-day vulnerabilities, one of which was exploited in the wild.

CVE-2025-33053 is a remote code execution vulnerability in Web Distributed Authoring and Versioning (WebDAV). It was assigned a CVSSv3 score of 8.8 and is rated important. An attacker could exploit this vulnerability through social engineering, by convincing a target to open a malicious URL or file. Successful exploitation would give the attacker the ability to execute code on the victim’s network. According to Microsoft, it was exploited in the wild as a zero-day. According to researchers at Check Point Research, CVE-2025-33053 was exploited by an APT group known as Stealth Falcon.

CVE-2025-33073 is an elevation of privilege vulnerability affecting the Windows Server Message Block (SMB) client. It was assigned a CVSSv3 score of 8.8 and was publicly disclosed prior to a patch being made available. According to Microsoft, successful exploitation requires an attacker to execute a crafted script to force a target device to connect to an attacker-controlled machine using SMB credentials. If successful, the attacker could elevate their privileges to SYSTEM.

This month’s update includes patches for:

  • .NET and Visual Studio
  • App Control for Business (WDAC)
  • Microsoft AutoUpdate (MAU)
  • Microsoft Local Security Authority Server (lsasrv)
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office Outlook
  • Microsoft Office PowerPoint
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Nuance Digital Engagement Platform
  • Power Automate
  • Remote Desktop Client
  • Visual Studio
  • WebDAV
  • Windows Common Log File System Driver
  • Windows Cryptographic Services
  • Windows DHCP Server
  • Windows DWM Core Library
  • Windows Hello
  • Windows Installer
  • Windows KDC Proxy Service (KPSSVC)
  • Windows Kernel
  • Windows Local Security Authority (LSA)
  • Windows Local Security Authority Subsystem Service (LSASS)
  • Windows Media
  • Windows Netlogon
  • Windows Recovery Driver
  • Windows Remote Access Connection Manager
  • Windows Remote Desktop Services
  • Windows Routing and Remote Access Service (RRAS)
  • Windows SDK
  • Windows SMB
  • Windows Security App
  • Windows Shell
  • Windows Standards-Based Storage Management Service
  • Windows Storage Management Provider
  • Windows Storage Port Driver
  • Windows Win32K GRFX

For more information, please visit our blog.