Microsoft's July 2025 Patch Tuesday has introduced a comprehensive suite of security updates, addressing 132 vulnerabilities across various products, with 14 classified as critical. Notably, none of these vulnerabilities have been reported as actively exploited in the wild.
Key Vulnerabilities Addressed:
- Windows KDC Proxy Service (KPSSVC) Remote Code Execution (CVE-2025-49735): This critical vulnerability, with a CVSS score of 8.1, allows unauthenticated attackers to execute arbitrary code by exploiting a cryptographic protocol flaw in the KPSSVC. It specifically affects Windows servers configured as Kerberos Key Distribution Center Proxy Protocol servers, excluding domain controllers. Microsoft assesses the attack complexity as high but considers exploitation more likely. (blog.talosintelligence.com)
- Microsoft SharePoint Server Remote Code Execution (CVE-2025-49704): With a CVSS score of 7.7, this vulnerability arises from improper control of code generation in SharePoint Server. An authenticated attacker with at least Site Member permissions can exploit this flaw to execute arbitrary code remotely. The attack complexity is low, and exploitation is deemed more likely. (blog.talosintelligence.com)
- Microsoft Office and Word Remote Code Execution (CVE-2025-49695, CVE-2025-49696, CVE-2025-49697, CVE-2025-49698, CVE-2025-49702, CVE-2025-49703): These critical vulnerabilities, primarily "use after free" and out-of-bounds read issues, affect Microsoft Office and Word. They can be exploited by attackers to execute arbitrary code. Microsoft notes that these vulnerabilities impact Windows client machines running Windows 10 version 1607 and above, due to specific Group Policy settings. The attack complexity is low, with exploitation considered more likely. (blog.talosintelligence.com)
- Microsoft SQL Server Remote Code Execution (CVE-2025-49717): This vulnerability, with a CVSS score of 8.5, involves a heap-based buffer overflow that could allow unauthorized attackers to execute code over a network. However, Microsoft assesses exploitation as unlikely. (blog.talosintelligence.com)
- Windows Imaging Component Information Disclosure (CVE-2025-47980): This critical vulnerability could enable attackers to read small portions of heap memory. The attack complexity is low, but exploitation is considered less likely. (blog.talosintelligence.com)
- Microsoft SharePoint Remote Code Execution (CVE-2025-49701): Classified as important, this vulnerability is assessed as more likely to be exploited. (blog.talosintelligence.com)
- Windows Connected Devices Platform Service Remote Code Execution (CVE-2025-49724): Also rated as important, with a higher likelihood of exploitation. (blog.talosintelligence.com)
Given the breadth and severity of these vulnerabilities, it is imperative for organizations and individual users to promptly apply the July 2025 security updates. Ensuring that all systems are updated will mitigate potential risks associated with these vulnerabilities.
For a comprehensive list of all addressed vulnerabilities and detailed information, refer to Microsoft's official update page. (blog.talosintelligence.com)
Staying vigilant and maintaining up-to-date systems are crucial steps in safeguarding against potential security threats.
Source: BornCity Microsoft Security Update Summary (July 8, 2025) | Born's Tech and Windows World