July 2025’s Patch Tuesday was the busiest for Microsoft since January, with 130 CVEs patched, including multiple high-risk vulnerabilities. Key flaws include remote code execution issues in Windows, Office, and SharePoint, which could be exploited by attackers to gain unauthorized access. #CVE-2025-47981 #HeapBufferOverflow
Keypoints
- Microsoft released a record number of CVE patches in July 2025, totaling 130 vulnerabilities fixed.
- The most critical flaw is a remote code execution vulnerability in Windows 10, CVE-2025-47981, rated 9.8.
- Multiple high-severity vulnerabilities affecting Microsoft Office and SharePoint could allow remote code execution or privilege escalation.
- Additional significant vulnerabilities include flaws in Windows Connected Devices Platform, KDC Proxy Service, and Credential Security Support Provider Protocol.
- Other IT vendors also issued patches on Patch Tuesday, emphasizing the importance of timely updates across systems.
Read More: https://thecyberexpress.com/microsoft-patch-tuesday-july-2025/