Microsoft Patch Tuesday, July 2025

    Published: 2025-07-08. Last Updated: 2025-07-08 18:24:33 UTC
    by Johannes Ullrich (Version: 1)
    0 comment(s)

    Today, Microsoft released patches for 130 Microsoft vulnerabilities and 9 additional vulnerabilities not part of Microsoft's portfolio but distributed by Microsoft. 14 of these are rated critical. Only one of the vulnerabilities was disclosed before being patched, and none of the vulnerabilities have so far been exploited.

    Noteworthy Vulnerabilities:

    CVE-2025-49695 and CVE-2025-49696: Both vulnerabilities affect Microsoft Office, are rated critical, and are considered "more likely" to be exploited by Microsoft. These issues do not require user interaction, so the user does not need to open a document. The exploit could be triggered via the preview pane. Macs are affected as well, but a patch is currently only available for Windows.

    CVE-2025-49719: This vulnerability has already been made public. It does allow for information disclosure on a Microsoft SQL Server. To patch, you must patch the OLE DB Driver. 

    CVE-2025-49717: Exploitation is considered less likely for this vulnerability. But if exploited, it would allow code execution via a Microsoft SQL Server. Take this as additional motivation not to expose SQL servers.

    CVE-2025-49704: I consider this vulnerability interesting as it appears to allow command/code injection in SharePoint. However, an attacker has to be authenticated to take advantage of this vulnerability.

    Description
    CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
    AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue
    CVE-2025-36350 No No - Less Likely Critical 5.6 4.9
    AMD: CVE-2025-36357 Transient Scheduler Attack in L1 Data Queue
    CVE-2025-36357 No No - Less Likely Critical 5.6 4.9
    Azure Monitor Agent Remote Code Execution Vulnerability
    CVE-2025-47988 No No - Less Likely Important 7.5 6.5
    Azure Service Fabric Runtime Elevation of Privilege Vulnerability
    CVE-2025-21195 No No - Less Likely Important 6.0 5.2
    BitLocker Security Feature Bypass Vulnerability
    CVE-2025-48001 No No - More Likely Important 6.8 5.9
    CVE-2025-48003 No No - Less Likely Important 6.8 5.9
    CVE-2025-48800 No No - More Likely Important 6.8 5.9
    CVE-2025-48818 No No - More Likely Important 6.8 5.9
    CVE-2025-48804 No No - More Likely Important 6.8 5.9
    Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
    CVE-2025-49690 No No - Less Likely Important 7.4 6.4
    Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability
    CVE-2025-47987 No No - More Likely Important 7.8 6.8
    HID Class Driver Elevation of Privilege Vulnerability
    CVE-2025-48816 No No - Unlikely Important 7.8 6.8
    Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
    CVE-2025-49675 No No - Less Likely Important 7.8 6.8
    MITRE: CVE-2025-27613 Gitk Arguments Vulnerability
    CVE-2025-27613 No No - - -    
    MITRE: CVE-2025-27614 Gitk Arbitrary Code Execution Vulnerability
    CVE-2025-27614 No No - - -    
    MITRE: CVE-2025-46334 Git Malicious Shell Vulnerability
    CVE-2025-46334 No No - - -    
    MITRE: CVE-2025-46835 Git File Overwrite Vulnerability
    CVE-2025-46835 No No - - -    
    MITRE: CVE-2025-48384 Git Symlink Vulnerability
    CVE-2025-48384 No No - - -    
    MITRE: CVE-2025-48385 Git Protocol Injection Vulnerability
    CVE-2025-48385 No No - - -    
    MITRE: CVE-2025-48386 Git Credential Helper Vulnerability
    CVE-2025-48386 No No - - -    
    Microsoft Brokering File System Elevation of Privilege Vulnerability
    CVE-2025-49677 No No - Less Likely Important 7.0 6.1
    CVE-2025-49694 No No - Less Likely Important 7.8 6.8
    CVE-2025-49693 No No - Less Likely Important 7.8 6.8
    Microsoft Configuration Manager Remote Code Execution Vulnerability
    CVE-2025-47178 No No - Unlikely Important 8.0 7.0
    Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
    CVE-2025-49741 No No Less Likely Less Likely Important 7.4 6.4
    Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
    CVE-2025-49713 No No - Unlikely Important 8.8 7.7
    Microsoft Excel Information Disclosure Vulnerability
    CVE-2025-48812 No No - Unlikely Important 5.5 4.8
    Microsoft Excel Remote Code Execution Vulnerability
    CVE-2025-49711 No No - Less Likely Important 7.8 6.8
    Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability
    CVE-2025-48805 No No - Less Likely Important 7.8 6.8
    CVE-2025-48806 No No - Less Likely Important 7.8 6.8
    Microsoft Office Elevation of Privilege Vulnerability
    CVE-2025-47994 No No - Less Likely Important 7.8 6.8
    Microsoft Office Remote Code Execution Vulnerability
    CVE-2025-49695 No No - More Likely Critical 8.4 7.3
    CVE-2025-49696 No No - More Likely Critical 8.4 7.3
    CVE-2025-49697 No No - Less Likely Critical 8.4 7.3
    CVE-2025-49699 No No - Less Likely Important 7.0 6.1
    CVE-2025-49702 No No - Less Likely Critical 7.8 6.8
    Microsoft PC Manager Elevation of Privilege Vulnerability
    CVE-2025-47993 No No - Less Likely Important 7.8 6.8
    CVE-2025-49738 No No - Less Likely Important 7.8 6.8
    Microsoft PowerPoint Remote Code Execution Vulnerability
    CVE-2025-49705 No No - Less Likely Important 7.8 6.8
    Microsoft SQL Server Information Disclosure Vulnerability
    CVE-2025-49719 Yes No - Less Likely Important 7.5 6.5
    CVE-2025-49718 No No - More Likely Important 7.5 6.5
    Microsoft SQL Server Remote Code Execution Vulnerability
    CVE-2025-49717 No No - Unlikely Critical 8.5 7.4
    Microsoft SharePoint Remote Code Execution Vulnerability
    CVE-2025-49701 No No - More Likely Important 8.8 7.7
    CVE-2025-49704 No No - More Likely Critical 8.8 7.7
    Microsoft SharePoint Server Spoofing Vulnerability
    CVE-2025-49706 No No - Less Likely Important 6.3 5.5
    Microsoft Teams Elevation of Privilege Vulnerability
    CVE-2025-49731 No No - Less Likely Important 3.1 2.7
    CVE-2025-49737 No No - Less Likely Important 7.0 6.1
    Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability
    CVE-2025-47971 No No - Less Likely Important 7.8 6.8
    CVE-2025-49689 No No - Less Likely Important 7.8 6.8
    CVE-2025-47973 No No - Unlikely Important 7.8 6.8
    Microsoft Virtual Hard Disk Remote Code Execution Vulnerability
    CVE-2025-49683 No No - Unlikely Important 7.8 6.8
    Microsoft Windows QoS Scheduler Driver Elevation of Privilege Vulnerability
    CVE-2025-49730 No No - Less Likely Important 7.8 6.8
    Microsoft Word Remote Code Execution Vulnerability
    CVE-2025-49700 No No - Unlikely Important 7.8 6.8
    CVE-2025-49703 No No - Less Likely Critical 7.8 6.8
    CVE-2025-49698 No No - Less Likely Critical 7.8 6.8
    NTFS Elevation of Privilege Vulnerability
    CVE-2025-49678 No No - Unlikely Important 7.0 6.1
    Office Developer Platform Security Feature Bypass Vulnerability
    CVE-2025-49756 No No - Less Likely Important 3.3 2.9
    Remote Desktop Client Remote Code Execution Vulnerability
    CVE-2025-48817 No No - Less Likely Important 8.8 7.7
    Remote Desktop Licensing Service Security Feature Bypass Vulnerability
    CVE-2025-48814 No No - Less Likely Important 7.5 6.5
    Remote Desktop Spoofing Vulnerability
    CVE-2025-33054 No No - Less Likely Important 8.1 7.1
    SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
    CVE-2025-47981 No No - More Likely Critical 9.8 8.5
    Universal Print Management Service Elevation of Privilege Vulnerability
    CVE-2025-47986 No No - Unlikely Important 8.8 7.7
    Visual Studio Code Python Extension Remote Code Execution Vulnerability
    CVE-2025-49714 No No - Less Likely Important 7.8 6.8
    Visual Studio Elevation of Privilege Vulnerability
    CVE-2025-49739 No No - Less Likely Important 8.8 7.7
    Win32k Elevation of Privilege Vulnerability
    CVE-2025-49727 No No - More Likely Important 7.0 6.1
    CVE-2025-49733 No No - Less Likely Important 7.8 6.8
    Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
    CVE-2025-49661 No No - Less Likely Important 7.8 6.8
    Windows AppX Deployment Service Elevation of Privilege Vulnerability
    CVE-2025-48820 No No - Less Likely Important 7.8 6.8
    Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
    CVE-2025-48000 No No - Less Likely Important 7.8 6.8
    Windows Connected Devices Platform Service Remote Code Execution Vulnerability
    CVE-2025-49724 No No - More Likely Important 8.8 7.7
    Windows Cryptographic Services Information Disclosure Vulnerability
    CVE-2025-48823 No No - Less Likely Important 5.9 5.2
    Windows Event Tracing Elevation of Privilege Vulnerability
    CVE-2025-47985 No No - Less Likely Important 7.8 6.8
    CVE-2025-49660 No No - Less Likely Important 7.8 6.8
    Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
    CVE-2025-49721 No No - Less Likely Important 7.8 6.8
    Windows GDI Information Disclosure Vulnerability
    CVE-2025-47984 No No - Less Likely Important 7.5 6.5
    Windows Graphics Component Elevation of Privilege Vulnerability
    CVE-2025-49732 No No - Less Likely Important 7.8 6.8
    CVE-2025-49744 No No - More Likely Important 7.0 6.1
    Windows Graphics Component Remote Code Execution Vulnerability
    CVE-2025-49742 No No - Less Likely Important 7.8 6.8
    Windows Hyper-V Denial of Service Vulnerability
    CVE-2025-47999 No No - Less Likely Important 6.8 5.9
    Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability
    CVE-2025-48822 No No - Less Likely Critical 8.6 7.5
    Windows Hyper-V Information Disclosure Vulnerability
    CVE-2025-48002 No No - Less Likely Important 5.7 5.0
    Windows Imaging Component Information Disclosure Vulnerability
    CVE-2025-47980 No No - Less Likely Critical 6.2 5.4
    Windows Input Method Editor (IME) Elevation of Privilege Vulnerability
    CVE-2025-47972 No No - Unlikely Important 8.0 7.0
    CVE-2025-49687 No No - Less Likely Important 8.8 7.7
    CVE-2025-47991 No No - Unlikely Important 7.8 6.8
    Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
    CVE-2025-49735 No No - More Likely Critical 8.1 7.1
    Windows Kerberos Denial of Service Vulnerability
    CVE-2025-47978 No No - More Likely Important 6.5 5.7
    Windows Kernel Information Disclosure Vulnerability
    CVE-2025-26636 No No - Less Likely Important 5.5 4.8
    CVE-2025-48808 No No - Unlikely Important 5.5 4.8
    Windows MBT Transport Driver Elevation of Privilege Vulnerability
    CVE-2025-47996 No No - Unlikely Important 7.8 6.8
    Windows Media Elevation of Privilege Vulnerability
    CVE-2025-49682 No No - Less Likely Important 7.3 6.4
    Windows Miracast Wireless Display Remote Code Execution Vulnerability
    CVE-2025-49691 No No - Less Likely Important 8.0 7.0
    Windows Netlogon Denial of Service Vulnerability
    CVE-2025-49716 No No - Unlikely Important 5.9 5.2
    Windows Notification Elevation of Privilege Vulnerability
    CVE-2025-49726 No No - Less Likely Important 7.8 6.8
    CVE-2025-49725 No No - Less Likely Important 7.8 6.8
    Windows Performance Recorder (WPR) Denial of Service Vulnerability
    CVE-2025-49680 No No - Less Likely Important 7.3 6.4
    Windows Print Spooler Denial of Service Vulnerability
    CVE-2025-49722 No No - Less Likely Important 5.7 5.0
    Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
    CVE-2025-49671 No No - Unlikely Important 6.5 5.7
    CVE-2025-49681 No No - Unlikely Important 6.5 5.7
    Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
    CVE-2025-48824 No No - Unlikely Important 8.8 7.7
    CVE-2025-49657 No No - Unlikely Important 8.8 7.7
    CVE-2025-49670 No No - Unlikely Important 8.8 7.7
    CVE-2025-49672 No No - Unlikely Important 8.8 7.7
    CVE-2025-49674 No No - Unlikely Important 8.8 7.7
    CVE-2025-49676 No No - Unlikely Important 8.8 7.7
    CVE-2025-49688 No No - Unlikely Important 8.8 7.7
    CVE-2025-49753 No No - Unlikely Important 8.8 7.7
    CVE-2025-47998 No No - Unlikely Important 8.8 7.7
    CVE-2025-49663 No No - Unlikely Important 8.8 7.7
    CVE-2025-49668 No No - Unlikely Important 8.8 7.7
    CVE-2025-49669 No No - Unlikely Important 8.8 7.7
    CVE-2025-49673 No No - Unlikely Important 8.8 7.7
    CVE-2025-49729 No No - Unlikely Important 8.8 7.7
    Windows SMB Server Spoofing Vulnerability
    CVE-2025-48802 No No - Less Likely Important 6.5 5.7
    Windows Search Service Elevation of Privilege Vulnerability
    CVE-2025-49685 No No - Less Likely Important 7.0 6.1
    Windows Secure Kernel Mode Information Disclosure Vulnerability
    CVE-2025-48809 No No - Less Likely Important 5.5 4.8
    CVE-2025-48810 No No - Less Likely Important 5.5 4.8
    Windows Server Setup and Boot Event Collection Remote Code Execution Vulnerability
    CVE-2025-49666 No No - Unlikely Important 7.2 6.3
    Windows Shell Elevation of Privilege Vulnerability
    CVE-2025-49679 No No - Less Likely Important 7.8 6.8
    Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
    CVE-2025-47976 No No - Less Likely Important 7.8 6.8
    CVE-2025-47975 No No - Less Likely Important 7.0 6.1
    CVE-2025-48815 No No - Less Likely Important 7.8 6.8
    Windows SmartScreen Security Feature Bypass Vulnerability
    CVE-2025-49740 No No - Less Likely Important 8.8 7.7
    Windows StateRepository API Server file Tampering Vulnerability
    CVE-2025-49723 No No - Less Likely Important 8.8 7.7
    Windows Storage Port Driver Information Disclosure Vulnerability
    CVE-2025-49684 No No - Less Likely Important 5.5 4.8
    Windows Storage Spoofing Vulnerability
    CVE-2025-49760 No No - Less Likely Moderate 3.5 3.1
    Windows Storage VSP Driver Elevation of Privilege Vulnerability
    CVE-2025-47982 No No - Less Likely Important 7.8 6.8
    Windows TCP/IP Driver Elevation of Privilege Vulnerability
    CVE-2025-49686 No No - Less Likely Important 7.8 6.8
    Windows Transport Driver Interface (TDI) Translation Driver Elevation of Privilege Vulnerability
    CVE-2025-49659 No No - Less Likely Important 7.8 6.8
    Windows Transport Driver Interface (TDI) Translation Driver Information Disclosure Vulnerability
    CVE-2025-49658 No No - Less Likely Important 5.5 4.8
    Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
    CVE-2025-48819 No No - Less Likely Important 7.1 6.2
    CVE-2025-48821 No No - Less Likely Important 7.1 6.2
    Windows Update Service Elevation of Privilege Vulnerability
    CVE-2025-48799 No No - More Likely Important 7.8 6.8
    Windows User-Mode Driver Framework Host Information Disclosure Vulnerability
    CVE-2025-49664 No No - Less Likely Important 5.5 4.8
    Windows Virtualization-Based Security (VBS) Elevation of Privilege Vulnerability
    CVE-2025-47159 No No - Less Likely Important 7.8 6.8
    CVE-2025-48803 No No - Less Likely Important 6.7 5.8
    Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
    CVE-2025-48811 No No - Less Likely Important 6.7 5.8
    Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
    CVE-2025-49667 No No - Less Likely Important 7.8 6.8
    Workspace Broker Elevation of Privilege Vulnerability
    CVE-2025-49665 No No - Less Likely Important 7.8 6.8

     

    ---
    Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
    Twitter|

    Keywords: microsoft patches
    0 comment(s)
    ISC Stormcast For Tuesday, July 8th, 2025 https://isc.sans.edu/podcastdetail/9516

      Comments

      Login here to join the discussion.


      Diary Archives