Headline
June 2025 Patch Tuesday: Microsoft Fixes 66 Bugs, Including Active 0-Day
June 2025 Patch Tuesday fixes 66 bugs, including a zero-day in WebDAV. Update Windows, Office, and more now to block active threats.
Microsoft’s June Patch Tuesday update has landed, bringing security fixes for 66 vulnerabilities across its product line. Among the patched flaws is one that was already being exploited in real-world attacks, making this month’s updates particularly important for both enterprises and individual users.
****One Zero-Day Actively Exploited****
The standout fix addresses CVE-2025-33053, a vulnerability in the WebDAV component of Windows. This flaw could allow attackers to execute code remotely if exploited correctly. Since it was already being used in attacks before today’s patch release, it falls into the “zero-day” category.
The WebDAV vulnerability affects both Windows 10 and Windows 11, along with related server versions. While Microsoft has not disclosed the full details of the attacks, they have confirmed that the bug was found in use in the wild.
****10 Critical Issues Fixed****
In addition to the zero-day, Microsoft patched 10 vulnerabilities rated Critical, which generally means they allow remote code execution or elevation of privilege without much user interaction. These include four bugs in Microsoft Office, which continue to be a regular target for attackers looking to send malicious documents through email.
Other products receiving fixes include Microsoft Edge, Power Automate, .NET, and components of Windows itself. While none of the other issues were reported as actively exploited, several are marked as more likely to be targeted in the near term.
****Windows Update Details****
The updated packages are available now and include:
Windows 11: KB5060842 (22H2 and 23H2)
Windows 10: KB5060533 and KB5060999
Windows Server versions: Also updated, depending on the build in use.
Admins should check their update management systems to confirm rollout and assess any compatibility concerns that may arise from the latest patches.
****Why This Month Matters****
The quick exploitation of CVE-2025-33053 once again shows how fast attackers move when new vulnerabilities are disclosed. While zero days often make headlines, the other fixes should not be ignored. Several of this month’s bugs involve components often exposed to the internet or frequently used in enterprise environments.
Companies that delay patching are not just risking data theft but also the cost of recovery from ransomware, which often begins with bugs like the ones patched today.
Nick Carroll, cyber incident response manager at Nightwing, the intelligence solutions company divested from RTX, commented on the Patch Tuesday event, stating, _“_There are a couple of vulnerabilities for the Windows Common Log File System (CVE-2025-32701 and CVE-2025-32706) which are Priv Esc vulnerabilities. Those aren’t critical, which means some organizations won’t prioritize patching them as quickly as they probably should. And if you look at what tends to get a lot of attention, critical vulnerabilities catch all the buzz,” noted Nick.
_“_But we see real world attacks abusing that Windows Log File subsystem pretty regularly. In fact, Nightwing has defended against exploits in the Windows Common Log File System in real world attacks last month related to the recently patched CVE-2025-29824 where the threat actors were abusing Living-off-the-Land tactics in conjunction with the exploit,” he added.
****What to Do Now****
Apply all available June updates as soon as possible, especially for systems using WebDAV
Review your Office file handling policies, especially if users frequently receive documents from outside the organization
Monitor network traffic for signs of suspicious activity linked to WebDAV or other patched services
Test in staging environments before rolling out company-wide, especially in environments with older or customized software stacks
Microsoft’s full advisory can be found on its official security update guide. Patching quickly remains one of the simplest and most effective defences against many forms of cyberattacks.
Related news
Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public.
June Microsoft Patch Tuesday. A total of 81 vulnerabilities, roughly the same as in May. Among them, 15 vulnerabilities were added between the May and June MSPT. There are 3 vulnerabilities with signs of exploitation in the wild: 🔻 RCE – WEBDAV (CVE-2025-33053). The vulnerability is related to Internet Explorer mode in Microsoft Edge and […]
About Elevation of Privilege – Windows Common Log File System Driver (CVE-2025-32701, CVE-2025-32706) vulnerabilities. When Microsoft disclosed these vulnerabilities in the May Patch Tuesday, attackers were already exploiting them in the wild. The Common Log File System (CLFS) is a general-purpose logging service that can be used by software clients running in user-mode or kernel-mode. […]
May “In the Trend of VM” (#15): vulnerabilities in Microsoft Windows and the Erlang/OTP framework. A traditional monthly vulnerability roundup. 🙂 🗞 Post on Habr (rus)🗒 Digest on the PT website (rus) A total of 4 trending vulnerabilities: 🔻 Elevation of Privilege – Windows Common Log File System Driver (CVE-2025-29824)🔻 Elevation of Privilege – Windows […]
Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to the sense of urgency with this month's patch batch from Redmond are fixes for two other weaknesses that now have public proof-of-concept exploits available.
Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to the sense of urgency with this month's patch batch from Redmond are fixes for two other weaknesses that now have public proof-of-concept exploits available.
May Microsoft Patch Tuesday. A total of 93 vulnerabilities – about 1.5 times fewer than in April. Of these, 22 were added between the April and May MSPT. There are 5 vulnerabilities show signs of in-the-wild exploitation: 🔻 EoP – Microsoft DWM Core Library (CVE-2025-30400)🔻 EoP – Windows CLFS Driver (CVE-2025-32701, CVE-2025-32706)🔻 EoP – Windows […]
May Microsoft Patch Tuesday. A total of 93 vulnerabilities – about 1.5 times fewer than in April. Of these, 22 were added between the April and May MSPT. There are 5 vulnerabilities show signs of in-the-wild exploitation: 🔻 EoP – Microsoft DWM Core Library (CVE-2025-30400)🔻 EoP – Windows CLFS Driver (CVE-2025-32701, CVE-2025-32706)🔻 EoP – Windows […]
Microsoft has released its monthly security update for May of 2025 which includes 78 vulnerabilities affecting a range of products, including 11 that Microsoft marked as “critical”. Microsoft noted five vulnerabilities that have been observed to be exploited in the wild. CVE-2025-30397 is a remote code
Microsoft has released its monthly security update for May of 2025 which includes 78 vulnerabilities affecting a range of products, including 11 that Microsoft marked as “critical”. Microsoft noted five vulnerabilities that have been observed to be exploited in the wild. CVE-2025-30397 is a remote code
About Elevation of Privilege – Windows Common Log File System Driver (CVE-2025-29824) vulnerability. The vulnerability from the April Microsoft Patch Tuesday allows an attacker operating under a regular user account to escalate their privileges to SYSTEM level.🔻 According to Microsoft, the vulnerability was exploited in attacks against organizations in the U.S., Venezuela, Spain, and Saudi […]
April Microsoft Patch Tuesday. A total of 153 vulnerabilities, 2 times more than in March. Of these, 32 were added between the March and April MSPTs. Three vulnerabilities show signs of exploitation in the wild: 🔻 EoP – Windows Common Log File System Driver (CVE-2025-29824). An attacker can gain SYSTEM privileges. No technical details yet.🔻 […]
Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft's most-dire "critical" rating, meaning malware or malcontents could exploit them with little to no interaction from Windows users.