Microsoft has rolled out the Patch Tuesday updates for July 2025, making certain the updates. This month’s replace bundle is fairly enormous, addressing 137 completely different vulnerabilities throughout completely different merchandise. Customers with eligible gadgets ought to guarantee conserving their methods up-to-date with the newest fixes to stop potential threats.
One Zero-Day, Fourteen Important Vulnerabilities Addressed
Essentially the most noteworthy safety fixes with the July 2025 Patch Tuesday from Microsoft deal with ten important severity vulnerabilities. Of those, 9 vulnerabilities would permit distant code execution following an exploitation try, whereas one would end in data disclosure. Under is a fast breakdown of a few of these points.
- CVE-2025-49695, CVE-2025-49696, CVE-2025-49697 (important severity; CVSS 8.4): These embody a use-after-free flaw, an out-of-bounds learn, and a heap-based buffer overflow, respectively, in Microsoft Workplace. All three affected the Microsoft Workplace Preview Pane, permitting an unauthorized attacker to execute code.
- CVE-2025-49702 (important severity; CVSS 7.8): A kind confusion vulnerability in Microsoft Workplace resulting in distant code execution. An unauthorized attacker might exploit the flaw through the Preview Pane by tricking the goal person into opening a maliciously crafted file.
- CVE-2025-47981 (important severity; CVSS 9.8): A heap-based buffer overflow affecting the Home windows SPNEGO Prolonged Negotiation. An unauthorized adversary might exploit the flaw by sending a malicious message to the goal server, gaining distant code execution over the goal community.
- CVE-2025-47980 (important severity; CVSS 6.2): an data disclosure vulnerability in Home windows Imaging Element. An unauthorized attacker might exploit this flaw to “entry small parts of heap reminiscence”.
In addition to these, Microsoft additionally addressed a zero-day vulnerability with this replace bundle. Recognized as CVE-2025-49719 (vital severity; CVSS 7.5), the vulnerability existed resulting from improper enter validation in SQL Server, resulting in data disclosure to an unauthorized adversary. Microsoft confirmed detecting lively exploitation makes an attempt for this flaw and urges customers to replace their SQL servers to the patched variations.
Different Noteworthy Fixes In July Patch Tuesday From Microsoft
Alongside these fixes, Microsoft additionally addressed 119 different vital severity vulnerabilities, making this month’s replace bundle essential for Microsoft customers’ gadgets. These embody 5 denial of service vulnerabilities, 53 privilege escalation points, 15 data disclosure, 33 distant code execution vulnerabilities, 8 safety characteristic bypass points, 4 spoofing vulnerabilities, and 1 tampering situation.
Of those, 24 vulnerabilities achieved a excessive CVSS rating of 8.8. A few of these are shortly listed under.
- CVE-2025-47998, CVE-2025-48824, CVE-2025-49657, CVE-2025-49663, CVE-2025-49668, CVE-2025-49669, CVE-2025-49670, CVE-2025-49672, CVE-2025-49673, CVE-2025-49674, CVE-2025-49676, CVE-2025-49729, CVE-2025-49753: All these vulnerabilities existed within the Home windows Routing and Distant Entry Service (RRAS). Microsoft described all these vulnerabilities as heap-based buffer overflow that might let an unauthorized attacker execute code over the goal community.
- CVE-2025-49681: An out-of-bounds learn vulnerability in Home windows RRAS, which might permit data disclosure to an unauthorized adversary if the sufferer person is tricked into connecting to a malicious server.
- CVE-2025-49688: A double-free vulnerability in Home windows RRAS permits distant code execution. An unauthorized attacker might exploit the flaw by tricking the sufferer person into connecting to a malicious server arrange by the attacker.
- CVE-2025-49740: A safety characteristic bypass in Home windows SmartScreen that may let an attacker escape Mark-of-the-Net (MoTW) safety checks by tricking the sufferer into opening a maliciously crafted file.
- CVE-2025-49723: A tampering situation within the Home windows StateRepository API that existed resulting from lacking authorization. A certified attacker with low privileges might exploit the flaw to achieve elevated privileges, execute code, or entry sources. Nonetheless, the result of those elevated privileges, as Microsoft defined, would solely permit deleting SYSTEM recordsdata, with out permitting file viewing and modification.
Hold Your Programs Up to date!
Whereas Microsoft ensures computerized roll-out of all safety updates to eligible gadgets, customers ought to nonetheless verify their methods manually for any updates pending set up. Significantly, enterprise customers and organizations ought to guarantee updating all gadgets on their networks to keep away from potential threats resulting from outdated methods and unpatched vulnerabilities.
Tell us your ideas within the feedback.
