Microsoft patchrated 68 vulnerability within the spherical on Tuesday in June. The highest profile of this month is CVE-2025-33053, which had already been exploited; Check Point Research discovered that it was utilized by Stealth Falcon, a bunch of superior risk actors, who had used it to spy on a protection firm in Turkey and different protection organizations within the Middle East.
Webdav Flaw actively exploited for focused espionage
CVE-2025-33053 spreads by a URL or a dangerous file delivered by way of social engineering. Check Point Research found in March and revealed the use by the vulnerability of a beforehand unknown methodology of operating the recordsdata on an online distribution server distributed authoring and versioning). Using Webdav, a deprecated HTTP extension, the attackers carried out a dangerous file by a PDF doc.
“Given the lively exploitation of this vulnerability, that is the replace that ought to be a precedence this month,” mentioned Tyler Regully, related director of Forta’s analysis and improvement of safety, in a single and -mail to Techrepublic. “It is vital to notice that there could also be extra updates to put in on the earlier variations of Windows.”
It is unlikely that this defect impacts organizations outdoors focused teams.
“It is uncommon to listen to a few zero day reported throughout the patch Tuesday as extensively exploited,” mentioned Satnam Narang, senior employees search engineer at Tenable, in an e-mail to Techrepublic. “In basic, we count on a lot of these zero days for use sparingly, with the intention of remaining unnoticed so long as attainable.”
Concept take a look at exploit for the Windows SMB shopper vulnerability present in nature
CVE-2025-33073 is a vulnerability within the Windows Smb shopper, a protocol used for sharing community recordsdata. It has a comparatively excessive CVE rating (8.8) as a result of the “project-project take a look at exploit code” undertaking “for launch an assault with it-has been made public. This vulnerability may permit privilege elevation assaults by a community by improper entry controls in Windows Smb.
“What makes this notably harmful is that no additional interactions for the consumer are wanted after the preliminary connection: one thing that the attackers can typically set off with out the consumer realizes it,” mentioned Alex Vovk, CEO and co-founder of action1, in an e-mail to Techrepublic. “Given the excessive degree of privilege and ease of exploitation, this defect represents a big threat for Windows environments.”
A collection of vulnerabilities of execution of distant code goals at Microsoft Office
Action1 noticed that 4 of the vulnerabilities may permit the execution of the distant code in Microsoft Office. CVE-2025-47167, CVE-2025-47164, CVE-2025-47162 and CVE-2025-47953 will be exploited by opening the annexes of the places of work within the emails, downloading paperwork from the online, visiting compromised web sites or just receiving an e-mail in Outlook.
“Organizations ought to cope with all 4 vulnerabilities with equal urgency as a result of their similar important assessments and CVSS scores,” mentioned Mike Walters, president and co-founder of action1, in an e-mail to Techrepublic.
At the second, there are not any patches for Microsoft 365 for Office towards these vulnerabilities. Microsoft mentioned: “Updates shall be launched as quickly as attainable”.
“With the patches for delayed Microsoft 365, it’s important to use short-term mitigations, reminiscent of disabled the Outlook preview pane and implement the rigorous attachment filtering, to scale back the chance till the official corrections are launched,” mentioned Walters.
