Microsoft and Adobe's Security Updates Review for Patch Tuesday, July 2025
In the latest Patch Tuesday update, Microsoft addressed a significant number of security vulnerabilities across various products, including microsoft 365. A total of 140 vulnerabilities were addressed, including 14 critical and 115 important severity vulnerabilities.
Critical Vulnerabilities Addressed
One of the critical vulnerabilities addressed was CVE-2025-49701, a remote code execution (RCE) vulnerability in Microsoft SharePoint. Another critical RCE vulnerability, CVE-2025-49702, was found in Microsoft Office. Additionally, CVE-2025-49717 was an RCE vulnerability in microsoft 365 SQL Server.
Remote Code Execution Vulnerabilities
Several remote code execution vulnerabilities were also addressed in this update. These include CVE-2025-49724 in the Windows Connected Devices Platform Service, CVE-2025-48822 in Windows Hyper-V Discrete Device Assignment (DDA), and CVE-2025-49735 in the Windows KDC Proxy Service (KPSSVC).
Moreover, CVE-2025-49695, CVE-2025-49696, and CVE-2025-49697 were RCE vulnerabilities in Microsoft Office. CVE-2025-49719 was an information disclosure vulnerability in microsoft 365 SQL Server, while CVE-2025-49703 and CVE-2025-49698 were RCE vulnerabilities in Microsoft Word.
Elevation of Privilege Vulnerabilities
Several elevation of privilege vulnerabilities were also addressed. These include CVE-2025-47987, an elevation of privilege vulnerability in the Credential Security Support Provider Protocol (CredSSP), and CVE-2025-49744, an elevation of privilege vulnerability in the Windows Graphics Component.
Another elevation of privilege vulnerability, CVE-2025-48799, was found in the Windows Update Service. Additionally, CVE-2025-48800, CVE-2025-48804, and CVE-2025-48818 are security feature bypass vulnerabilities in BitLocker.
Other Vulnerabilities Addressed
Other vulnerabilities addressed in this update include CVE-2025-49704, an RCE vulnerability in Microsoft SharePoint, and CVE-2025-49718, an information disclosure vulnerability in microsoft 365 SQL Server.
Updates were also provided for vulnerabilities in Windows Kernel, Remote Desktop Client, Windows Visual Basic Scripting, Microsoft Intune, Windows Routing and Remote Access Service (RRAS), Windows Hyper-V, Windows Connected Devices Platform Service, Windows BitLocker, and more.
Adobe Security Updates
Adobe also released 13 security advisories to address 60 vulnerabilities in various Adobe products. A significant number of these vulnerabilities, 38, were given critical severity ratings.
Transient Scheduler Attack Vulnerabilities
Two Transient Scheduler Attack vulnerabilities were also addressed in this update. CVE-2025-36357 and CVE-2024-36350 were found in certain AMD processor models.
Zero-Day Vulnerability Addressed
One zero-day vulnerability that is being publicly disclosed was addressed in this month's Patch Tuesday.
It's important to note that no other organizations were reported to have fixed vulnerabilities as part of this Patch Tuesday.
Staying up-to-date with security updates is crucial for maintaining the security of your systems, including your social security information. Be sure to install these updates as soon as possible to protect your devices from potential threats.
Read also:
- Goodyear in 2025: Advancement in Total Mobility through the Launch of Kmax Gen-3 by Goodyear
- Electric SUV Showdown: Vinfast VF6 or MG Windsor EV - Your Choice Revealed
- United States Secures $632 Million to Fuel Electric Vehicle Revolution
- IM Motors reveals extended-range powertrain akin to installing an internal combustion engine in a Tesla Model Y
