Service Notices
Microsoft Releases June 2025 Security Updates
Jun 13, 2025 GMT+08:00
I. Overview
Huawei Cloud noticed that Microsoft has released its June 2025 Security Updates. A total of 66 security vulnerabilities have been disclosed, among which 10 are marked as important vulnerabilities. Attackers can leverage these vulnerabilities to execute remote code, escalate privileges, and leak information. The affected applications include Microsoft Windows, Microsoft Office, Microsoft Visual Studio and .NET.
For details, visit the Microsoft official website:
https://msrc.microsoft.com/update-guide/releaseNote/2025-Jun
The following vulnerabilities require close scrutiny as their details have been disclosed or they have already been exploited by attackers:
Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability (CVE-2025-33053): This is a 0-day vulnerability. Remote attackers can trigger the vulnerability by enticing victims to open a crafted link. Successful exploitation of this vulnerability can cause arbitrary code execution on the target system. This vulnerability has been exploited in the wild, and the risk is high.
Windows SMB Client Elevation of Privilege Vulnerability (CVE-2025-33073): To exploit this vulnerability, an attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. The vulnerability has been disclosed, and the risk is high.
9 vulnerabilities (such as CVE-2025-47167, CVE-2025-47164, and CVE-2025-47162) are marked as Exploitation More Likely. For details, see the official announcement. Please perform security self-check and security hardening in a timely manner to reduce attack risks.
II. Severity
Severity: important
(Severity: low, moderate, important, and critical)
III. Affected Products
Microsoft Windows, Microsoft Office, Visual Studio, and .NET.
IV. Vulnerability Details
CVE ID |
Vulnerability |
Severity |
Vulnerability Description |
CVE-2025-32717 |
Microsoft Word Remote Code Execution Vulnerability |
Important |
An unauthenticated attacker can trigger the vulnerability crafting a RTF file. Successful exploitation of this vulnerability can cause arbitrary code execution in the context of the target host. |
CVE-2025-47167 |
Microsoft Office Remote Code Execution Vulnerability |
Important |
A type confusion error exists within Microsoft Office when it attempts to access resources using incompatible types. This vulnerability enables unauthorized attackers to execute arbitrary code locally. |
CVE-2025-47164 CVE-2025-47953 |
Microsoft Office Remote Code Execution Vulnerability |
Important |
A use-after-free vulnerability exists in Microsoft Office. This vulnerability allows unauthorized attackers to execute code locally. |
CVE-2025-47172 |
Microsoft SharePoint Server Remote Code Execution Vulnerability |
Important |
In a network-based attack, an authenticated attacker, who has a minimum of Site Member permissions (PR:L), could execute code remotely on the SharePoint Server. |
CVE-2025-33070 |
Windows Netlogon Elevation of Privilege Vulnerability |
Important |
An attacker could trigger this vulnerability by sending a specially crafted authentication request to the domain controller. If the vulnerability is successfully exploited, the attacker can obtain domain administrator privileges. |
CVE-2025-33071 |
Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability |
Important |
A use-after-free vulnerability exists in Windows KDC Proxy Service (KPSSVC). This vulnerability allows unauthorized attackers to execute code over the network. |
CVE-2025-47162 |
Microsoft Office Remote Code Execution Vulnerability |
Important |
A heap-based buffer overflow vulnerability exists in Microsoft Office. This vulnerability allows unauthorized attackers to execute code locally. |
CVE-2025-32710 |
Windows Remote Desktop Services Remote Code Execution Vulnerability |
Important |
A race condition can be triggered by an attacker attempting to connect to a system configured with the Remote Desktop Gateway role, leading to a use-after-free vulnerability. Successful exploitation of this vulnerability can result in remote code execution on the target system. |
CVE-2025-29828 |
Windows Schannel Remote Code Execution Vulnerability |
Important |
An attacker can exploit this vulnerability by sending malicious fragmented ClientHello messages to a target server that accepts Transport Layer Security (TLS) connections. Successful exploitation of this vulnerability can cause remote code execution on the target server. |
(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)
V. Security Recommendations
1. Use Windows Update or download patches from the following address to fix the vulnerabilities:
https://msrc.microsoft.com/update-guide
2. Back up data remotely to protect your data.
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.