CyberSecurity news
FlagThis
@cyberscoop.com
//
Microsoft has issued its July 2025 Patch Tuesday updates, a crucial monthly release that addresses a significant number of vulnerabilities across its product lines. This release tackles a total of 130 CVEs, with 10 of them classified as critical. Notably, while no vulnerabilities were reported as actively exploited in the wild at the time of the release, one flaw in Microsoft SQL Server (CVE-2025-49719) has been publicly disclosed. This information disclosure vulnerability, rated as important with a CVSS score of 7.5, means that technical details are available, potentially increasing the risk of future exploitation. Organizations should prioritize patching this vulnerability, particularly as it affects SQL Server versions 2016 through 2022 and does not require authentication to exploit, potentially exposing sensitive data like credentials.
Among the critical vulnerabilities addressed, a particularly concerning one is a remote code execution (RCE) flaw in Windows SPNEGO Extended Negotiation (NEGOEX), designated CVE-2025-47981. This vulnerability carries a high CVSS score of 9.8 and is described as a heap-based buffer overflow, allowing an unauthenticated attacker to execute code remotely on a target system with low attack complexity and no user interaction. The nature of this flaw makes it a prime target for attackers seeking initial access or lateral movement within networks. Microsoft has also highlighted critical RCE vulnerabilities in Microsoft Office, with several rated as "more likely" to be exploited, including some that can be triggered via the preview pane without requiring a user to open a document, posing a significant risk to users' security.
The July Patch Tuesday also includes fixes for vulnerabilities in Microsoft SharePoint, with an RCE flaw that requires authenticated access but could allow an attacker to execute code on the server. Additionally, vulnerabilities impacting Windows Hyper-V and other system components have been addressed. With a total of 130 CVEs patched, including numerous critical flaws, it is imperative for all organizations to review and apply these updates promptly to protect their systems and data from potential exploitation. The proactive patching of these vulnerabilities is essential for maintaining a strong security posture against the ever-evolving threat landscape.
ImgSrc: cyberscoop.com
References :
Among the critical vulnerabilities addressed, a particularly concerning one is a remote code execution (RCE) flaw in Windows SPNEGO Extended Negotiation (NEGOEX), designated CVE-2025-47981. This vulnerability carries a high CVSS score of 9.8 and is described as a heap-based buffer overflow, allowing an unauthenticated attacker to execute code remotely on a target system with low attack complexity and no user interaction. The nature of this flaw makes it a prime target for attackers seeking initial access or lateral movement within networks. Microsoft has also highlighted critical RCE vulnerabilities in Microsoft Office, with several rated as "more likely" to be exploited, including some that can be triggered via the preview pane without requiring a user to open a document, posing a significant risk to users' security.
The July Patch Tuesday also includes fixes for vulnerabilities in Microsoft SharePoint, with an RCE flaw that requires authenticated access but could allow an attacker to execute code on the server. Additionally, vulnerabilities impacting Windows Hyper-V and other system components have been addressed. With a total of 130 CVEs patched, including numerous critical flaws, it is imperative for all organizations to review and apply these updates promptly to protect their systems and data from potential exploitation. The proactive patching of these vulnerabilities is essential for maintaining a strong security posture against the ever-evolving threat landscape.
ImgSrc: cyberscoop.com
Share:
References :
- Tenable Blog: Microsoft’s July 2025 Patch Tuesday Addresses 128 CVEs (CVE-2025-49719)
- Cisco Talos Blog: Microsoft Patch Tuesday for July 2025 — Snort rules and prominent vulnerabilities
- isc.sans.edu: Microsoft Patch Tuesday, July 2025, (Tue, Jul 8th)
- cyberscoop.com: Microsoft Patch Tuesday addresses 130 vulnerabilities, none actively exploited
- krebsonsecurity.com: Microsoft Patch Tuesday, July 2025 Edition
- thecyberexpress.com: Microsoft Patch Tuesday July 2025: 130 Vulnerabilities Fixed, 17 High-Risk
- blog.talosintelligence.com: Microsoft Patch Tuesday for July 2025 — Snort rules and prominent vulnerabilities
- Arctic Wolf: Reports on Microsoft's July 2025 security update addressing 130 vulnerabilities.
- The Register - Security: Microsoft enjoys first Patch Tuesday of 2025 with no active exploits
- Action1: Patch Tuesday July 2025
- securityaffairs.com: Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day
- The Hacker News: Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server
- arcticwolf.com: Microsoft Patch Tuesday: July 2025
- Arctic Wolf: Microsoft's July 2025 security update, addressing 130 newly disclosed vulnerabilities.
- arcticwolf.com: Microsoft Patch Tuesday: July 2025
- Sophos News: July Patch Tuesday offers 127 fixes
- SOC Prime Blog: CVE-2025-47981: Critical Heap-Based Buffer Overflow Vulnerability in Windows SPNEGO Extended Negotiation Leads to RCE
- socprime.com: CVE-2025-47981: Critical Heap-Based Buffer Overflow Vulnerability in Windows SPNEGO Extended Negotiation Leads to RCE
- Threats | CyberScoop: Microsoft Patch Tuesday addresses 130 vulnerabilities, none actively exploited
Classification:
- HashTags: #PatchTuesday #Vulnerability #Cybersecurity
- Company: Microsoft
- Target: Windows Users
- Product: Microsoft
- Feature: patch
- Malware: CVE-2025-49719, CVE-2025-47981, CVE-2025-49701, CVE-2025-49704, CVE-2025-49735
- Type: Vulnerability
- Severity: Critical