Full Report
9Critical56Important0Moderate0LowMicrosoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild.Microsoft addresses 65 CVEs in its June 2025 Patch Tuesday release, with nine rated critical, and 56 rated as important. Our counts omitted one vulnerability reported by CERT CC.This month’s update includes patches for:.NET and Visual StudioApp Control for Business (WDAC)Microsoft AutoUpdate (MAU)Microsoft Local Security Authority Server (lsasrv)Microsoft OfficeMicrosoft Office ExcelMicrosoft Office OutlookMicrosoft Office PowerPointMicrosoft Office SharePointMicrosoft Office WordNuance Digital Engagement PlatformPower AutomateRemote Desktop ClientVisual StudioWebDAVWindows Common Log File System DriverWindows Cryptographic ServicesWindows DHCP ServerWindows DWM Core LibraryWindows HelloWindows InstallerWindows KDC Proxy Service (KPSSVC)Windows KernelWindows Local Security Authority (LSA)Windows Local Security Authority Subsystem Service (LSASS)Windows MediaWindows NetlogonWindows Recovery DriverWindows Remote Access Connection ManagerWindows Remote Desktop ServicesWindows Routing and Remote Access Service (RRAS)Windows SDKWindows SMBWindows Security AppWindows ShellWindows Standards-Based Storage Management ServiceWindows Storage Management ProviderWindows Storage Port DriverWindows Win32K GRFXRemote code execution (RCE) vulnerabilities accounted for 38.5% of the vulnerabilities patched this month, followed by information disclosure vulnerabilities at 26.2%.ImportantCVE-2025-33053 | Web Distributed Authoring and Versioning (WebDAV) Remote Code Execution VulnerabilityCVE-2025-33053 is a RCE in Web Distributed Authoring and Versioning (WebDAV). It was assigned a CVSSv3 score of 8.8 and is rated important. An attacker could exploit this vulnerability through social engineering, by convincing a target to open a malicious URL or file. Successful exploitation would give the attacker the ability to execute code on the victim’s network.According to Microsoft, it was exploited in the wild as a zero-day. It was reported by researchers at Check Point Research, who have released a blog post discussing the discovery of this zero-day. According to the researchers, CVE-2025-33053 was exploited by Stealth Falcon, an APT group that has been observed using zero-day exploits in espionage attacks.ImportantCVE-2025-33073 | Windows SMB Client Elevation of Privilege VulnerabilityCVE-2025-33073 is an EoP vulnerability affecting the Windows Server Message Block (SMB) client. It was assigned a CVSSv3 score of 8.8 and was publicly disclosed prior to a patch being made available. According to Microsoft, successful exploitation requires an attacker to execute a crafted script to force a target device to connect to an attacker-controlled machine using SMB credentials. If successful, the attacker could elevate their privileges to SYSTEM.CriticalCVE-2025-33070 | Windows Netlogon Elevation of Privilege VulnerabilityCVE-2025-33070 is an EoP vulnerability in Windows Netlogon. It was assigned a CVSSv3 score of 8.1 and is rated as critical. An attacker could exploit this vulnerability to gain domain administrator privileges. According to Microsoft, a successful attack requires the attacker to take additional actions in order to prepare a target for exploitation. Despite these requirements, Microsoft has assessed this vulnerability as “Exploitation More Likely” according to Microsoft’s Exploitability Index.CriticalCVE-2025-47162, CVE-2025-47164, CVE-2025-47167 and CVE-2025-47953 | Microsoft Office Remote Code Execution VulnerabilityCVE-2025-47162, CVE-2025-47164, CVE-2025-47167 and CVE-2025-47953 are RCE vulnerabilities affecting Microsoft Office. Each of these critical vulnerabilities were assigned CVSSv3 scores of 8.4 and all except CVE-2025-47953 were assessed as “Exploitation More Likely.” Microsoft notes that Preview Pane is an attack vector for exploitation of these vulnerabilities.In addition, CVE-2025-47173, another RCE in Microsoft Office was patched this month. It received a CVSSv3 score of 7.8, was rated as important and assessed as “Exploitation Unlikely.” Unlike the other Office vulnerabilities, the preview pane is not an attack vector for CVE-2025-47173.CriticalCVE-2025-33071 | Windows KDC Proxy Service (KPSSVC) Remote Code Execution VulnerabilityCVE-2025-33071 is a RCE vulnerability affecting Windows Kerberos Key Distribution Center (KDC) proxy service, an authentication mechanism used for KDC servers over HTTPS. It received a CVSSv3 score of 8.1 and is rated as critical. An unauthenticated attacker could exploit this vulnerability utilizing a crafted application to exploit a cryptographic protocol vulnerability in order to execute arbitrary code. According to the advisory, this only impacts Windows Servers that have been “configured as a [MS-KKDCP]: Kerberos Key Distribution Center (KDC) Proxy Protocol server.” While the advisory does mention that exploitation requires the attacker to win a race condition, this vulnerability was still assessed as “Exploitation More Likely.”ImportantCVE-2025-32713 | Windows Common Log File System Driver Elevation of Privilege VulnerabilityCVE-2025-32713 is an EoP vulnerability in the Windows Common Log File System (CLFS) Driver. It was assigned a CVSSv3 score of 7.8 and is rated as important. CVE-2025-32713 was assessed as “Exploitation More Likely.” Successful exploitation would allow an attacker to elevate their privileges to SYSTEM.Prior to this month's release, Microsoft has patched five other EoP vulnerabilities in the Windows CLFS driver in 2025, three of which were exploited as zero-days. This includes CVE-2025-29824 from the April 2025 Patch Tuesday release and both CVE-2025-32701 and CVE-2025-32706, which were patched in the May 2025 Patch Tuesday release.Tenable SolutionsA list of all the plugins released for Microsoft’s June 2025 Patch Tuesday update can be found here. As always, we recommend patching systems as soon as possible and regularly scanning your environment to identify those systems yet to be patched.For more specific guidance on best practices for vulnerability assessments, please refer to our blog post on How to Perform Efficient Vulnerability Assessments with Tenable.Get more informationMicrosoft's June 2025 Security UpdatesTenable plugins for Microsoft June 2025 Patch Tuesday Security UpdatesJoin Tenable's Research Special Operations (RSO) Team on the Tenable Community.Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.
Analysis Summary
This article summarizes Microsoft's June 2025 Patch Tuesday update, which addresses 65 CVEs. However, the provided text **only gives context about the release grouping** and does not detail any specific technical information, severity, affected products, or remediation steps for CVE-2025-33053 or any other specific vulnerability mentioned.
Based *only* on the provided context, the summary for CVE-2025-33053 is highly limited.
# Vulnerability: Microsoft June 2025 Patch Tuesday Updates Addressed
## CVE Details
- CVE ID: **(Not explicitly detailed in the provided text)**
- CVSS Score: **(Not available in the provided text)**
- CWE: **(Not available in the provided text)**
## Affected Systems
- Products: **Microsoft products (General scope implied by Patch Tuesday)**
- Versions: **(Not available in the provided text)**
- Configurations: **(Not available in the provided text)**
## Vulnerability Description
The provided article confirms the existence of vulnerabilities addressed in Microsoft’s June 2025 Patch Tuesday release (which includes CVE-2025-33053), but offers **no technical details** on the specific vulnerability itself.
## Exploitation
- Status: **(Not available in the provided text)**
- Complexity: **(Not available in the provided text)**
- Attack Vector: **(Not available in the provided text)**
## Impact
- Confidentiality: **(Not available in the provided text)**
- Integrity: **(Not available in the provided text)**
- Availability: **(Not available in the provided text)**
## Remediation
### Patches
- Microsoft has released patches as part of the June 2025 Security Updates. Install the relevant June 2025 security updates.
- Tenable plugins for these updates are available (link provided in references).
### Workarounds
- **(Not available in the provided text)**
## Detection
- **Detection Methods:** Regularly scan the environment to identify unpatched systems.
- Tenable recommends reviewing the specific plugins corresponding to the June 2025 updates for detailed checks.
## References
- Microsoft's June 2025 Security Updates: msrc.microsoft.com/update-guide/en-us/releaseNote/2025-jun
- Tenable plugins for Microsoft June 2025 Patch Tuesday Security Updates: tenable.com/plugins/search?q=%22June+2025%22+AND+script_family%3A%28%22Windows+%3A+Microsoft+Bulletins%22+OR+%22Windows%22%29&sort=&page=1