Security Update News
Update Information
| Title | June Microsoft Patch Tuesday |
|---|---|
| Update ID | AVLEONOV:FB45B035D9EAAC7B614A7140A6FE7A67 |
| Type | avleonov |
| Published | 2025-06-10T21:49:07 |
| Last Updated | 2025-06-10T21:49:07 |
Security Impact
| CVSS Score | 8.8 |
|---|---|
| Severity | HIGH |
| Attack Vector | NETWORK |
Affected CVEs
- CVE-2025-32713
- CVE-2025-33053
- CVE-2025-33070
- CVE-2025-33071
- CVE-2025-33073
- CVE-2025-4664
- CVE-2025-47162
- CVE-2025-47164
- CVE-2025-47167
- CVE-2025-47171
- CVE-2025-47172
- CVE-2025-47181
- CVE-2025-47953
- CVE-2025-5419
Update Details
**June Microsoft Patch Tuesday.** A total of 81 vulnerabilities, roughly the same as in May. Among them, 15 vulnerabilities were added between the May and June MSPT. There are 3 vulnerabilities with signs of exploitation in the wild:
 **RCE** – WEBDAV (CVE-2025-33053). The vulnerability is related to Internet Explorer mode in Microsoft Edge and other applications. Exploited via malicious URL click.
 **SFB** – Chromium (CVE-2025-4664)
 **Memory Corruption** – Chromium (CVE-2025-5419)
There’s a PoC for one of the vulnerabilities on GitHub, but I doubt it actually works:
 **EoP** – Microsoft Edge (CVE-2025-47181)
Other notable ones include:
 **RCE** – Microsoft Office (CVE-2025-47162, CVE-2025-47164, CVE-2025-47167, CVE-2025-47953), KPSSVC (CVE-2025-33071), SharePoint (CVE-2025-47172), Outlook (CVE-2025-47171)
 **EoP** – SMB Client (CVE-2025-33073), CLFS (CVE-2025-32713), Netlogon (CVE-2025-33070)
 Full Vulristics report
ΠΠ° ΡΡΡΡΠΊΠΎΠΌ