Microsoft's June 2025 Patch Tuesday addressed 66 vulnerabilities, including two zero-day flaws. One actively exploited flaw, CVE-2025-33053, allowed remote code execution in Web Distributed Authoring and Versioning (WEBDAV). Another publicly disclosed flaw, CVE-2025-33073, enabled elevation of privileges in Windows SMB. These vulnerabilities could have significant implications if exploited, potentially leading to data breaches, system compromises, and financial losses.
TPRM report: https://scoringcyber.rankiteo.com/company/microsoft
"id": "mic902061025",
"linkid": "microsoft",
"type": "Vulnerability",
"date": "6/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'Technology',
'location': 'Global',
'name': 'Microsoft',
'size': 'Large',
'type': 'Corporation'}],
'attack_vector': ['Remote Code Execution',
'Elevation of Privilege',
'Security Feature Bypass',
'Information Disclosure',
'Denial of Service',
'Spoofing'],
'date_publicly_disclosed': 'June 2025',
'description': "Microsoft's June 2025 Patch Tuesday includes security updates "
'for 66 flaws, including one actively exploited vulnerability '
'and another that was publicly disclosed.',
'references': [{'source': 'BleepingComputer'},
{'source': 'Check Point Research'},
{'source': 'DFN-CERT'},
{'source': 'RedTeam Pentesting'},
{'source': 'CrowdStrike'},
{'source': 'Synacktiv'},
{'source': 'SySS GmbH'},
{'source': 'Google Project Zero'}],
'title': 'Microsoft June 2025 Patch Tuesday',
'type': 'Vulnerability Patch',
'vulnerability_exploited': ['CVE-2025-33053', 'CVE-2025-33073']}