Microsoft’s June 2025 Patch Tuesday: What You Need to Know!

Microsoft has rolled out its June 2025 Patch Tuesday updates, a crucial event for keeping your systems secure. This month brings a significant total of 66 vulnerabilities patched, including 10 critical severity flaws, and, notably, two zero-day vulnerabilities. One of these, CVE-2025-33053, is already being actively exploited in the wild, while the other, CVE-2025-33073, has been publicly disclosed. The patches cover a wide range of products, including Windows, Microsoft Office, .NET, Visual Studio, and more. This significant update also includes non-security updates for Windows 10 and Windows 11, enhancing system stability and performance.

Why Patch Tuesday Matters

Patch Tuesday is Microsoft’s monthly release of security updates designed to fix vulnerabilities in its software, including Windows operating systems, Office applications, server products like Exchange and SQL Server, and other components. These vulnerabilities can be exploited by malicious actors to gain unauthorized access to systems, steal data, disrupt operations, or spread malware. Applying these updates promptly is essential to mitigate these risks.

Patch Tuesday updates are cumulative updates that usually only include minor patches and security fixes. 

A Closer Look at the Zero-Day Vulnerabilities Patched in June 2025 Patch Tuesday

CVE-2025-33053 – WebDAV Remote Code Execution Vulnerability

This is the most serious flaw in this month’s update—and it’s already being actively exploited by attackers. It affects WebDAV, a feature that lets users remotely manage files on web servers. If someone clicks on a malicious link, a hacker could run harmful code on their system without needing to log in or authenticate. This kind of attack can lead to full system compromise, and Microsoft says it’s being used by advanced threat actors.

CVE-2025-33073 – Windows SMB Client Elevation of Privilege Vulnerability

This vulnerability hasn’t been used in real-world attacks yet, but since it’s been publicly disclosed, attackers now have a blueprint to start trying. It targets the Windows SMB Client, which handles file sharing over networks. An attacker could trick a device into connecting to a fake SMB server, and once connected, escalate their privileges to SYSTEM level, giving them full control over the machine.

Ten Critical Vulnerabilities Patched June 2025 Patch Tuesday

Beyond the zero-days, Microsoft has addressed ten critical vulnerabilities that may pose significant risks.

• CVE-2025-47966 | Power Automate Elevation of Privilege Vulnerability: This critical flaw in Power Automate could allow an unauthorized attacker to elevate privileges over a network by exposing sensitive information. Potentially allowing them to control workflows or automation systems.
• CVE-2025-33066 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability: This bug in Windows’ Routing and Remote Access Service could let an attacker run code remotely without logging in, using specially crafted network messages to overflow the memory buffer.
• CVE-2025-33064 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability: Similar to the above, but this one requires low-level user access. Once in, an attacker can still trigger remote code execution by manipulating memory.
• CVE-2025-47162, CVE-2025-47164, CVE-2025-47167, CVE-2025-47953 | Microsoft Office Remote Code Execution Vulnerabilities: These four critical vulnerabilities in various Microsoft Office products (including Excel, Word, and PowerPoint) could let hackers run malicious code just by getting a user to open or preview a file. Issues include buffer overflows, type confusion, and use-after-free vulnerabilities.
• CVE-2025-47172 | Microsoft SharePoint Server Remote Code Execution Vulnerability: Attackers with access to a corporate network could exploit a flaw in SharePoint Server to execute malicious code by injecting rogue SQL commands, posing a serious risk in enterprise environments.
• CVE-2025-33071 | Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability: A flaw in the Kerberos Key Distribution Center Proxy lets attackers execute code remotely without needing to authenticate, affecting certain server roles in Windows Server deployments.
• CVE-2025-33070 | Windows Netlogon Elevation of Privilege Vulnerability: This vulnerability lets an attacker bypass authentication in the Netlogon service, potentially gaining elevated access over the network, especially dangerous in Active Directory environments.
• CVE-2025-32710 | Windows Remote Desktop Services Remote Code Execution Vulnerability: A serious bug in Remote Desktop Gateway that could allow attackers to run code remotely by exploiting a memory issue (use-after-free). While hard to pull off, successful exploitation gives deep control over the system.
• CVE-2025-29828 | Windows Schannel Remote Code Execution Vulnerability: A critical flaw in Windows Schannel (TLS) could allow attackers to run code remotely by exploiting a memory leak during secure communications, possibly impacting web-based or encrypted connections.
• CVE-2025-47176 | Microsoft Outlook Remote Code Execution Vulnerability: Perhaps the most alarming among Office flaws—this Outlook bug requires no user interaction once the attacker has credentials. It allows automatic and persistent code execution, just by delivering a crafted message.

Windows 10 and Windows 11 Updates

In addition to the security patches, Microsoft also rolls out various improvements and new features with its monthly updates.

For Windows 11 (especially version 24H2, where many new features are concentrated):

Build 26100.4343 (KB5060842) for version 24H2 introduces Security fixes for the zero-days listed above. Copilot gets smarter with new shortcuts and text actions, file sharing is easier with a new drag-and-drop tray, and restore points now last up to 60 days. There are also search and accessibility upgrades, better archive support, and cleaner system visuals.

Windows 10 Update

Build 19045.5965 (KB5060533) for version 22H2 includes Fixes for all the critical and zero-day vulnerabilities. Windows 10 users get the return of seconds on the taskbar clock, calendar enhancements, and key fixes for Hyper-V, Windows Hello, and memory issues.

Microsoft reminds users that Windows 10 support ends on October 14, 2025, and encourages upgrading to Windows 11 for continued updates and security.

Microsoft also confirmed that Microsoft 365 Apps will receive security updates on Windows 10 until October 2028, even after its EOL in October 2025.

Windows 7 and Windows 8.1 reached the End of support from Microsoft, which means the company no longer provides frequent updates or security patches for these operating systems. For more information please visit the Microsoft lifecycle page at https://learn.microsoft.com/en-us/lifecycle/end-of-support/end-of-support-2023

How to Obtain and Install the Updates

The primary method for obtaining and installing these updates is through Windows Update:

1. Windows Update: Go to Settings > Update & Security > Windows Update (or equivalent in older Windows versions) and check for updates.
2. WSUS/SCCM: Organizations using Windows Server Update Services (WSUS) or System Center Configuration Manager (SCCM) can deploy updates through their centralized management systems.
3. Microsoft Update Catalog: For specific updates or offline installations, you can download them directly from the Microsoft Update Catalog website.

Windows update offline installers:

• Windows 11 KB5060842 (Version 24H2) offline installer Direct Download Link 64-bit.
• Windows 11 KB5060999 (Version 23H2/22H2) offline installer Direct Download Link 64-bit.
• Windows 10 KB5060533 (For versions 22H2 and 21H1) Direct Download Links: 64-bit and 32-bit (x86).

Windows 10 KB5058392 (for version 1809) Offline Download Links

• KB5060531 64-bit | Download (701.5 MB)
• KB5060531 32-bit | Download (377.8 MB)

Important note:

• Focus on installing critical updates first, as they address the most severe vulnerabilities.
• Enable automatic updates to ensure that security patches are installed promptly.
• Before deploying updates to production systems, it’s recommended to test them in a non-production environment to identify any potential compatibility issues.
• Regularly check the Microsoft Security Update Guide for detailed information about released updates.

What time do Patch Tuesday patches come out?

• Microsoft schedules the release of security updates on “Patch Tuesday,” the second Tuesday of each month at 10:00 AM PST.

Is Patch Tuesday weekly or monthly?

• Patch Tuesday falls on the second Tuesday of each month. The upcoming Patch Tuesday is on July 08, 2025.

Why did the second Tuesday of every month called Patch Tuesday?

• The second Tuesday of the month is referred to as “Patch Tuesday” because Microsoft attempts to combine the largest updates into this maintenance window.

What is the latest update for Windows 11 June 2025?

• The latest Windows 11 KB5060842 for version 24H2 and KB5060533 is for Windows 10 version 22H/21H2.

What is the zero-day patch?

• The term “Zero-Day” is used when security teams are unaware of their software vulnerability, and they’ve had “0” days to work on a security patch or an update to fix the issue.