Microsoft Patch Tuesday July 2025: Critical Updates Address 130 Vulnerabilities, Including Zero-Day Flaw

TL;DR

Microsoft’s July 2025 Patch Tuesday update addresses 130 vulnerabilities, including a zero-day flaw in Microsoft SQL Server. Key issues include remote code execution vulnerabilities in Windows and Office components, highlighting the need for immediate patching.

Main Content

Microsoft Releases July 2025 Patch Tuesday Security Updates

Microsoft has released its Patch Tuesday security updates for July 2025, addressing a total of 130 vulnerabilities across various products and components. These updates cover a wide range of software, including Windows and Windows Components, Office and Office Components, .NET and Visual Studio, Azure, Teams, Hyper-V, Windows BitLocker, Microsoft Edge (Chromium-based), and the Windows Cryptographic Service. Among these, 10 vulnerabilities are rated Critical, while the rest are rated Important in severity¹.

Zero-Day Vulnerability in Microsoft SQL Server

One of the most notable issues addressed is a zero-day vulnerability in Microsoft SQL Server, tracked as CVE-2025-49719. This flaw, with a CVSS score of 7.5, is an information disclosure vulnerability that allows remote, unauthenticated attackers to access uninitialized memory due to improper input validation. Microsoft recommends updating SQL Server and installing OLE DB Driver 18 or 19 to mitigate this issue. The vulnerability was discovered by Vladimir Aleksic from Microsoft².

Critical Remote Code Execution (RCE) Vulnerabilities

Several critical remote code execution (RCE) vulnerabilities were also addressed:

• CVE-2025-47981: This wormable RCE vulnerability in Windows SPNEGO NEGOEX has a CVSS score of 9.8. It allows remote attackers to execute code via a malicious message without any user interaction. The flaw involves a heap-based buffer overflow and runs with elevated privileges. Microsoft anticipates active exploitation within 30 days and advises immediate patching³.

• CVE-2025-49695: This Microsoft Office RCE vulnerability, with a CVSS score of 8.8, can be exploited via the Preview Pane. It is one of four similar bugs this month, marking the third consecutive month with critical Office flaws. Mac users remain vulnerable as patches for Office LTSC 2021 and 2024 are not yet available. Disabling the Preview Pane is recommended until Microsoft addresses these ongoing issues⁴.

Full List of Vulnerabilities

The complete list of vulnerabilities addressed by Microsoft in July 2025 can be found here⁵.

Conclusion

Microsoft’s July 2025 Patch Tuesday updates highlight the ongoing need for vigilant security practices. With critical vulnerabilities in widely used products like Windows and Office, users and administrators are urged to apply these patches promptly to protect against potential exploits. Staying informed about these updates and taking proactive measures is crucial for maintaining a secure digital environment.

Additional Resources

For further insights, check:

• Microsoft Security Response Center
• Zero Day Initiative Blog

References

1. “Microsoft Patch Tuesday July 2025”, Security Affairs, 2025. ↩︎

2. “CVE-2025-49719 Vulnerability Details”, Microsoft Security Response Center, 2025 ↩︎

3. “CVE-2025-47981 Vulnerability Details”, Microsoft Security Response Center, 2025 ↩︎

4. “CVE-2025-49695 Vulnerability Details”, Microsoft Security Response Center, 2025 ↩︎

5. “The July 2025 Security Update Review”, Zero Day Initiative, 2025. ↩︎