Microsoft Fixes 67 Security Flaws With June 2025 Security Update, Including Two Zero-Day Vulnerabilities

Microsoft has fixed a zero-day remote code execution vulnerability that was actively exploited.

Advertisement
Written by David Delima | Updated: 11 June 2025 16:33 IST
Highlights
  • Microsoft has fixed two zero-day security flaws affecting its products
  • One of the flaws was activelty exploited, according to the company
  • Microsoft fixed a second zero-day impacting the Windows SMB client
Microsoft Fixes 67 Security Flaws With June 2025 Security Update, Including Two Zero-Day Vulnerabilities

One of the security flaws patched by Microsoft was actively exploited before it was discovered

Photo Credit: Microsoft

Microsoft has rolled out fixes for several security flaws as part of the June 2025 Patch Tuesday release, including 11 vulnerabilities with a "critical" rating, and 56 others rated as "important". Two of the flaws patched by Microsoft are categorised as zero-day flaws, one of which was actively exploited before the company rolled out a fix. The Redmond company previously fixed multiple security flaws affecting Microsoft Edge, including a zero-day exploit that also affects the Google Chrome browser.

Microsoft Patches Previously Exploited WebDAV Zero-Day Flaw

According to Microsoft's release notes, the June 2025 security updates contain fixes for 67 security flaws impacting various products and services. The firm has fixed 14 flaws that could have led to an escalation of privilege, 26 remote code execution vulnerabilities, and 17 other issues that could have led to information disclosure.

The most notable security flaw detected by Microsoft is the CVE-2025-33053, which impacts an HTTP extension called Web Distributed Authoring and Versioning (WebDAV). Microsoft says that this zero-day security flaw has a CVSS score of 8.8, and that it has been actively exploited, by tricking users into clicking on a malicious URL.

This flaw was detected by Check Point researchers David Driker and Alexandra Gofman, and the cybersecurity firm says a known threat actor known as FruityArmor or Stealth Falcon was using the CVE-2025-33053 vulnerability. The security flaw allowed the hackers to remotely execute code on a target's computer, but making changes to the victim's working directory.

Advertisement

Microsoft has also patched another zero-day security flaw that affects the Windows SMB (Samba) client, and could allow a malicious user to gain elevated (or system) privileges on devices that are connected to the same local network. The issue was caused due to improper access control in the Windows SMB client, according to Microsoft.

Earlier this month, the company rolled out multiple security fixes for the Microsoft Edge browser, which were previously released by the Chromium project. One of these flaws, identified as CVE-2025-5419, is a zero-day security flaw that was exploited before it was patched by Google. Users who are running on the latest stable release (version 137.0.3296.62) should be protected against these security flaws.

 
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

BigBasket to Launch 10-Minute Food Delivery Across India by March 2026, Executive Says
Advertisement

Related Stories

Lenovo Chromebook Plus With MediaTek Kompanio Ultra 910, Google AI Features and Dolby Atmos Launched
24 June 2025
Why Now Is the Time to Upgrade: The End of Windows 10 and the Start of a Safer, Smarter Future
24 June 2025
Google Earth Gets Upgraded With Historical Street View Imagery, AI-Driven Insights to Arrive Soon
24 June 2025
Xiaomi Mix Flip 2 Design Teased; to Feature Snapdragon 8 Elite SoC, 5,165mAh Battery
24 June 2025
CD Projekt Red Delays Cyberpunk 2077 Update 2.3, Says Patch Will Similar in Scope to Previous One
24 June 2025
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Poco F7 5G With 7,550mAh Battery Launched in India: See Price
  2. OnePlus Nord 5 Camera Details Revealed Ahead of India Launch
  3. Amazon Prime Day 2025 Sale Dates Announced: Check Upcoming Discounts
  4. JBL Tune Beam 2 Review: Punchy Sound Meets Powerful ANC
  5. Realme GT 8 Pro Said to Get an Anti-Glare 2K Resolution Display
  6. MindsEye Developer Confirms It Has Started Layoff Process
  7. Samsung Galaxy Z Fold 7 and Galaxy Z Flip 7 Prices Leaked Ahead of Launch
  8. Vivo T4 Lite 5G With 6,000mAh Battery Launched in India: See Price
#Latest Stories
  1. Lenovo Chromebook Plus With MediaTek Kompanio Ultra 910, Google AI Features and Dolby Atmos Launched
  2. Google Earth Gets Upgraded With Historical Street View Imagery, AI-Driven Insights to Arrive Soon
  3. Xiaomi Mix Flip 2 Design Teased; to Feature Snapdragon 8 Elite SoC, 5,165mAh Battery
  4. CD Projekt Red Delays Cyberpunk 2077 Update 2.3, Says Patch Will Similar in Scope to Previous One
  5. Oppo Pad SE India Launch Timeline Tipped; Could Launch Alongside Reno 14 Series
  6. UK May Compel Google to Change Search Rankings, Offer Alternatives
  7. Samsung Opens Pre-Reservations for Upcoming Galaxy Z Foldables in India
  8. Asus ROG Strix G16, TUF Gaming F16 Refreshed with Nvidia GeForce RTX 5050 GPUs: Price, Specifications
  9. Poco F7 5G With Snapdragon 8s Gen 4 SoC, 7,550mAh Battery Launched in India: Price, Specifications
  10. Google Expands AI Mode in Search to India, Adds Support for Voice and Image Inputs
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.