Microsoft has patched 66 flaws in its latest Patch Tuesday update. The update fixes ten critical flaws, including two that are under active exploitation, and one that was a zero-day until 10:00 Pacific Time, June 10, 2025.
Redmond has gone out of its way to patch CVE-2025-33053 in out-of-support software like Windows Server 2008 and several underlying components in the now obsolete Internet Explorer. The flaw itself has been exploited since at least March 2025 by Stealth Falcon, a hacking group known for exploiting zero-days across the Middle East.
CVE-2025-33053 is rated 8.8 on the CVSS scale and affects the Web Distributed Authoring and Versioning (WebDAV) remote file sharing extension. It requires only one click on a malicious link sent by the attacker to run code remotely on the targeted machine. The flaw was found by Check Point researchers while it was being used against a Turkish defense company to insert malware and enable a keylogger.

The second actively exploited flaw is CVE-2025-5419, which affects the Chromium V8 JavaScript engine. Google patched the issue recently, and Microsoft is now adding it to its fixes to patch Edge, which uses the Chromium engine.
Another dangerous flaw is CVE-2025-33073, a privilege escalation bug in the Windows SMB client. Although there’s no evidence of the bug being exploited yet, it has been publicly disclosed with proof-of-concept code. It’s rated 8.8 on the CVSS scale and if exploited, lets an attacker gain admin privileges on the targeted system.
The remaining critical flaws are as follows:
- CVE-2025-29828: Memory leak bug in Windows Schannel.
- CVE-2025-320710: Allows unauthorised access to the target machine. Affects Windows Remote Desktop Gateway.
- CVE-2025-33071: Privilege escalation flaw in Windows Netlogon.
- CVE-2025-33071: Cryptographic protocol vulnerability affecting the Windows KDC Proxy Service.
- CVE-2025-47162: Heap-based buffer overflow bug in Office allowing remote code execution.
- CVE-2025-47164: Use-after-free vulnerability in Office that allows malicious code execution with local access.
- CVE-2025-47167: Type confusion bug in Office allowing local code execution.
- CVE-2025-47953: Use-after-free vulnerability in Office that allows malicious code execution with local access.
- CVE-2025-47172: Allows an authenticated network attacker to run malicious code remotely. Affects SharePoint.
- CVE-2025-47966: High-risk privilege escalation flaw with a CVSS score of 9.8. Affects Microsoft Power Automate.
Microsoft’s advisory documents the other patches; however, the aforementioned bugs are the most important ones to patch. These updates cover Office and the Storage Management Provider module.