Headline
June Microsoft Patch Tuesday
June Microsoft Patch Tuesday. A total of 81 vulnerabilities, roughly the same as in May. Among them, 15 vulnerabilities were added between the May and June MSPT. There are 3 vulnerabilities with signs of exploitation in the wild: 🔻 RCE – WEBDAV (CVE-2025-33053). The vulnerability is related to Internet Explorer mode in Microsoft Edge and […]
June Microsoft Patch Tuesday. A total of 81 vulnerabilities, roughly the same as in May. Among them, 15 vulnerabilities were added between the May and June MSPT. There are 3 vulnerabilities with signs of exploitation in the wild:
🔻 RCE – WEBDAV (CVE-2025-33053). The vulnerability is related to Internet Explorer mode in Microsoft Edge and other applications. Exploited via malicious URL click.
🔻 SFB – Chromium (CVE-2025-4664)
🔻 Memory Corruption – Chromium (CVE-2025-5419)
There’s a PoC for one of the vulnerabilities on GitHub, but I doubt it actually works:
🔸 EoP – Microsoft Edge (CVE-2025-47181)
Other notable ones include:
🔹 RCE – Microsoft Office (CVE-2025-47162, CVE-2025-47164, CVE-2025-47167, CVE-2025-47953), KPSSVC (CVE-2025-33071), SharePoint (CVE-2025-47172), Outlook (CVE-2025-47171)
🔹 EoP – SMB Client (CVE-2025-33073), CLFS (CVE-2025-32713), Netlogon (CVE-2025-33070)
🗒 Full Vulristics report
На русском
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.
Related news
Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public.
Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public.
Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public.
Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public.
June 2025 Patch Tuesday fixes 66 bugs, including a zero-day in WebDAV. Update Windows, Office, and more now to block active threats.
Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 that Microsoft marked as “critical.”
Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 that Microsoft marked as “critical.”
Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 that Microsoft marked as “critical.”
Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 that Microsoft marked as “critical.”
Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 that Microsoft marked as “critical.”
Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 that Microsoft marked as “critical.”
Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 that Microsoft marked as “critical.”
Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 that Microsoft marked as “critical.”
In this week's newsletter, Martin emphasizes that awareness, basic cyber hygiene and preparation are essential for everyone, and highlights Talos' discovery of the new PathWiper malware.
Google has released an important update for Chrome, patching one actively exploited zero-day and two other security flaws
May Linux Patch Wednesday. This time: 1091 vulnerabilities. Of those, 716 are in the Linux Kernel. 🤯 5 vulnerabilities are exploited in the wild: 🔻 RCE – PHP CSS Parser (CVE-2020-13756). In AttackerKB, an exploit exists.🔻 DoS – Apache ActiveMQ (CVE-2025-27533). In AttackerKB, an exploit exists.🔻 SFB – Chromium (CVE-2025-4664). In CISA KEV.🔻 PathTrav – […]
A Chrome zero-day bug, CVE-2025-4664, exposes login tokens on Windows and Linux. Google has issued a fix, users should update immediately.