OnlyFm252
Patch Tuesday Archive

Patch Tuesday June 2025

Total CVEs

72

Critical

13

Important

56

Exploited

1

Publicly Disclosed

1

All CVEs this month 72

CVE Title Severity CVSS Product Exploited Disclosed
CVE-2025-29828 Windows Schannel Remote Code Execution Vulnerability Critical 8.1 Windows Cryptographic Services - -
CVE-2025-32710 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical 8.1 Windows Remote Desktop Services - -
CVE-2025-32711 M365 Copilot Information Disclosure Vulnerability Critical 9.3 M365 Copilot - -
CVE-2025-32717 Microsoft Word Remote Code Execution Vulnerability Critical 8.4 Microsoft Office Word - -
CVE-2025-33070 Windows Netlogon Elevation of Privilege Vulnerability Critical 8.1 Windows Netlogon - -
CVE-2025-33071 Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability Critical 8.1 Windows KDC Proxy Service (KPSSVC) - -
CVE-2025-47162 Microsoft Office Remote Code Execution Vulnerability Critical 8.4 Microsoft Office - -
CVE-2025-47164 Microsoft Office Remote Code Execution Vulnerability Critical 8.4 Microsoft Office - -
CVE-2025-47167 Microsoft Office Remote Code Execution Vulnerability Critical 8.4 Microsoft Office - -
CVE-2025-47172 Microsoft SharePoint Server Remote Code Execution Vulnerability Critical 8.8 Microsoft Office SharePoint - -
CVE-2025-47953 Microsoft Office Remote Code Execution Vulnerability Critical 8.4 Microsoft Office - -
CVE-2025-47966 Power Automate Elevation of Privilege Vulnerability Critical 9.8 Power Automate - -
CVE-2025-49715 Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability Critical 7.5 Dynamics 365 FastTrack Implementation Assets - -
CVE-2025-24065 Windows Storage Management Provider Information Disclosure Vulnerability Important 5.5 Windows Storage Management Provider - -
CVE-2025-24068 Windows Storage Management Provider Information Disclosure Vulnerability Important 5.5 Windows Storage Management Provider - -
CVE-2025-24069 Windows Storage Management Provider Information Disclosure Vulnerability Important 5.5 Windows Storage Management Provider - -
CVE-2025-30399 .NET and Visual Studio Remote Code Execution Vulnerability Important 7.5 .NET and Visual Studio - -
CVE-2025-32712 Win32k Elevation of Privilege Vulnerability Important 7.8 Windows Win32K - GRFX - -
CVE-2025-32713 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important 7.8 Windows Common Log File System Driver - -
CVE-2025-32714 Windows Installer Elevation of Privilege Vulnerability Important 7.8 Windows Installer - -
CVE-2025-32715 Remote Desktop Protocol Client Information Disclosure Vulnerability Important 6.5 Remote Desktop Client - -
CVE-2025-32716 Windows Media Elevation of Privilege Vulnerability Important 7.8 Windows Media - -
CVE-2025-32718 Windows SMB Client Elevation of Privilege Vulnerability Important 7.8 Windows SMB - -
CVE-2025-32719 Windows Storage Management Provider Information Disclosure Vulnerability Important 5.5 Windows Storage Management Provider - -
CVE-2025-32720 Windows Storage Management Provider Information Disclosure Vulnerability Important 5.5 Windows Storage Management Provider - -
CVE-2025-32721 Windows Recovery Driver Elevation of Privilege Vulnerability Important 7.3 Windows Recovery Driver - -
CVE-2025-32722 Windows Storage Port Driver Information Disclosure Vulnerability Important 5.5 Windows Storage Port Driver - -
CVE-2025-32724 Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability Important 7.5 Windows Local Security Authority Subsystem Service (LSASS) - -
CVE-2025-32725 DHCP Server Service Denial of Service Vulnerability Important 7.5 Windows DHCP Server - -
CVE-2025-33050 DHCP Server Service Denial of Service Vulnerability Important 7.5 Windows DHCP Server - -
CVE-2025-33052 Windows DWM Core Library Information Disclosure Vulnerability Important 5.5 Windows DWM Core Library - -
CVE-2025-33053 Internet Shortcut Files Remote Code Execution Vulnerability Important 8.8 Internet Shortcut Files Yes -
CVE-2025-33055 Windows Storage Management Provider Information Disclosure Vulnerability Important 5.5 Windows Storage Management Provider - -
CVE-2025-33056 Windows Local Security Authority (LSA) Denial of Service Vulnerability Important 7.5 Microsoft Local Security Authority Server (lsasrv) - -
CVE-2025-33057 Windows Local Security Authority (LSA) Denial of Service Vulnerability Important 6.5 Windows Local Security Authority (LSA) - -
CVE-2025-33058 Windows Storage Management Provider Information Disclosure Vulnerability Important 5.5 Windows Storage Management Provider - -
CVE-2025-33059 Windows Storage Management Provider Information Disclosure Vulnerability Important 5.5 Windows Storage Management Provider - -
CVE-2025-33060 Windows Storage Management Provider Information Disclosure Vulnerability Important 5.5 Windows Storage Management Provider - -
CVE-2025-33061 Windows Storage Management Provider Information Disclosure Vulnerability Important 5.5 Windows Storage Management Provider - -
CVE-2025-33062 Windows Storage Management Provider Information Disclosure Vulnerability Important 5.5 Windows Storage Management Provider - -
CVE-2025-33063 Windows Storage Management Provider Information Disclosure Vulnerability Important 5.5 Windows Storage Management Provider - -
CVE-2025-33064 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important 8.8 Windows Routing and Remote Access Service (RRAS) - -
CVE-2025-33065 Windows Storage Management Provider Information Disclosure Vulnerability Important 5.5 Windows Storage Management Provider - -
CVE-2025-33066 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important 8.8 Windows Routing and Remote Access Service (RRAS) - -
CVE-2025-33067 Windows Task Scheduler Elevation of Privilege Vulnerability Important 8.4 Windows Kernel - -
CVE-2025-33068 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important 7.5 Windows Standards-Based Storage Management Service - -
CVE-2025-33069 Windows App Control for Business Security Feature Bypass Vulnerability Important 5.1 App Control for Business (WDAC) - -
CVE-2025-33073 Windows SMB Client Elevation of Privilege Vulnerability Important 8.8 Windows SMB - Yes
CVE-2025-33075 Windows Installer Elevation of Privilege Vulnerability Important 7.8 Windows Installer - -
CVE-2025-47160 Windows Shortcut Files Security Feature Bypass Vulnerability Important 5.4 Windows Shell - -
CVE-2025-47163 Microsoft SharePoint Server Remote Code Execution Vulnerability Important 8.8 Microsoft Office SharePoint - -
CVE-2025-47165 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 Microsoft Office Excel - -
CVE-2025-47166 Microsoft SharePoint Server Remote Code Execution Vulnerability Important 8.8 Microsoft Office SharePoint - -
CVE-2025-47168 Microsoft Word Remote Code Execution Vulnerability Important 7.8 Microsoft Office Word - -
CVE-2025-47169 Microsoft Word Remote Code Execution Vulnerability Important 7.8 Microsoft Office Word - -
CVE-2025-47170 Microsoft Word Remote Code Execution Vulnerability Important 7.8 Microsoft Office Word - -
CVE-2025-47171 Microsoft Outlook Remote Code Execution Vulnerability Important 6.7 Microsoft Office Outlook - -
CVE-2025-47173 Microsoft Office Remote Code Execution Vulnerability Important 7.8 Microsoft Office - -
CVE-2025-47174 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 Microsoft Office Excel - -
CVE-2025-47175 Microsoft PowerPoint Remote Code Execution Vulnerability Important 7.8 Microsoft Office PowerPoint - -
CVE-2025-47176 Microsoft Outlook Remote Code Execution Vulnerability Important 7.8 Microsoft Office Outlook - -
CVE-2025-47955 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Important 7.8 Windows Remote Access Connection Manager - -
CVE-2025-47956 Windows Security App Spoofing Vulnerability Important 5.5 Windows Security App - -
CVE-2025-47957 Microsoft Word Remote Code Execution Vulnerability Important 8.4 Microsoft Office Word - -
CVE-2025-47959 Visual Studio Remote Code Execution Vulnerability Important 7.1 Visual Studio - -
CVE-2025-47962 Windows SDK Elevation of Privilege Vulnerability Important 7.8 Windows SDK - -
CVE-2025-47968 Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability Important 7.8 Microsoft AutoUpdate (MAU) - -
CVE-2025-47969 Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability Important 4.4 Windows Hello - -
CVE-2025-47977 Nuance Digital Engagement Platform Spoofing Vulnerability Important 8.2 Nuance Digital Engagement Platform - -
CVE-2025-47182 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Moderate 5.6 Microsoft Edge (Chromium-based) - -
CVE-2025-47963 Microsoft Edge (Chromium-based) Spoofing Vulnerability Low 6.3 Microsoft Edge (Chromium-based) - -
CVE-2025-47964 Microsoft Edge (Chromium-based) Spoofing Vulnerability Low 5.4 Microsoft Edge (Chromium-based) - -

    Threat Categories 6

    Threat Category CVEs Critical
    Remote Code Execution 26 9
    Information Disclosure 19 2
    Elevation of Privilege 14 2
    Denial of Service 6 -
    Spoofing 4 -
    Security Feature Bypass 3 -

    Affected Products 42

    Product CVEs Exploited
    Windows Storage Management Provider 13 -
    Microsoft Office Word 5 -
    Microsoft Office 5 -
    Microsoft Office SharePoint 3 -
    Microsoft Edge (Chromium-based) 3 -
    Windows Installer 2 -
    Windows SMB 2 -
    Windows DHCP Server 2 -
    Windows Routing and Remote Access Service (RRAS) 2 -
    Microsoft Office Excel 2 -
    Microsoft Office Outlook 2 -
    Windows Cryptographic Services 1 -
    Windows Remote Desktop Services 1 -
    M365 Copilot 1 -
    Windows Netlogon 1 -
    Windows KDC Proxy Service (KPSSVC) 1 -
    Power Automate 1 -
    Dynamics 365 FastTrack Implementation Assets 1 -
    .NET and Visual Studio 1 -
    Windows Win32K - GRFX 1 -
    Windows Common Log File System Driver 1 -
    Remote Desktop Client 1 -
    Windows Media 1 -
    Windows Recovery Driver 1 -
    Windows Storage Port Driver 1 -
    Windows Local Security Authority Subsystem Service (LSASS) 1 -
    Windows DWM Core Library 1 -
    Internet Shortcut Files 1 1
    Microsoft Local Security Authority Server (lsasrv) 1 -
    Windows Local Security Authority (LSA) 1 -
    Windows Kernel 1 -
    Windows Standards-Based Storage Management Service 1 -
    App Control for Business (WDAC) 1 -
    Windows Shell 1 -
    Microsoft Office PowerPoint 1 -
    Windows Remote Access Connection Manager 1 -
    Windows Security App 1 -
    Visual Studio 1 -
    Windows SDK 1 -
    Microsoft AutoUpdate (MAU) 1 -
    Windows Hello 1 -
    Nuance Digital Engagement Platform 1 -