Microsoft's Latest Update Patches Two Zero-Day Flaws

Microsoft just released its Patch Tuesday update for June, which addresses 66 security vulnerabilities across Windows and Microsoft systems. Two of the flaws are zero-days—one actively exploited, one publicly disclosed—along with 10 bugs that are rated as critical.

As Bleeping Computer outlines, this month’s patch fixes 13 elevation-of-privilege flaws, three security-feature-bypass flaws, 25 remote-code-execution flaws, 17 information-disclosure flaws, six denial-of-service flaws, and two spoofing flaws. Eight of the remote-code-execution vulnerabilities are labeled “critical” along with two elevation-of-privilege flaws.

Zero-day flaws patched in June 2025

June’s Patch Tuesday fixes two zero-days, which are security vulnerabilities that are either actively exploited in the wild or publicly disclosed before an official fix is released to users.

The actively exploited zero-day (CVE-2025-33053) is a remote-code-execution flaw in Microsoft Windows Web Distributed Authoring and Versioning (WebDAV) that would allow threat actors to execute arbitrary code on the affected system if a user clicks on a “specially crafted” WebDAV URL. This vulnerability was discovered by Check Point Research and exploited by a group called “Stealth Falcon.”

The publicly disclosed zero-day (CVE-2025-33073) is a Windows SMB elevation-of-privilege flaw that would allow an attacker to gain SYSTEM privileges by executing a malicious script. Microsoft has not provided additional details, though it attributes the discovery to a handful of researchers representing different cybersecurity teams.

Five of the critical vulnerabilities patched this month are in Microsoft Office, including Excel and SharePoint. The remaining issues were spread across Power Automate, Windows Cryptographic Services, Windows KDC Proxy Service, Windows Netlogon, and Windows Remote Desktop Services.

What Microsoft users need to do now

In most cases, security updates for Microsoft and Windows will be downloaded and installed automatically on your device, but you can ensure you’ve received the latest one by going to Start > Settings > Windows Update and selecting Check for Windows updates.

Microsoft typically releases Patch Tuesday fixes on the second Tuesday of the month. Timely updates are essential to minimizing the risk that your device or system will be vulnerable to exploits.

ZaKi
