Microsoft July 2025 Patch Tuesday Fixes 130+ Vulnerabilities, Including 1 Zero-Day Flaw
Microsoft has released its July 2025 Patch Tuesday edition, addressing 100+ security vulnerabilities across the Windows ecosystem, including one publicly disclosed zero-day flaw in Microsoft SQL Server.
Among the fixes, 14 are rated Critical, consisting of:
10 remote code execution (RCE) vulnerabilities
1 information disclosure
2 AMD side-channel attack flaws
1 additional critical flaw
Breakdown of Vulnerabilities by Category:
4 Spoofing
6 Denial of Service
8 Security Feature Bypass
18 Information Disclosure
41 Remote Code Execution
53 Elevation of Privilege
Highlight: Publicly Disclosed Zero-Day in SQL Server
This month's only zero-day is CVE-2025-49719, an information disclosure vulnerability in Microsoft SQL Server.
According to Microsoft, the flaw stems from improper input validation, allowing unauthenticated remote attackers to extract data from uninitialized memory across a network.
Admins are advised to:
Update to the latest SQL Server release
Install the Microsoft OLE DB Driver 18 or 19
The vulnerability was reported by Vladimir Aleksic of Microsoft, though details of its public disclosure remain unspecified.
Critical Fixes: Microsoft Office & SharePoint
Microsoft also patched multiple critical RCE vulnerabilities in Microsoft Office, which can be triggered simply by opening a malicious document or by previewing it in the Preview Pane.
Note: Security updates for Office LTSC for Mac 2021 and 2024 are not yet available but will be released soon.
Additionally, a critical RCE flaw in Microsoft SharePoint (CVE-2025-49704) has been resolved. This vulnerability allows remote exploitation via the internet, provided the attacker has valid platform credentials.
Breakdown of The Critical Fixes:
AMD L1 Data Queue CVE-2025-36357
Transient Scheduler Attack in L1 Data Queue - The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability.
AMD Store Queue CVE-2025-36350
Transient Scheduler Attack in Store Queue - The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability.
Microsoft Office CVE-2025-49697
Microsoft Office Remote Code Execution Vulnerability - Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
Microsoft Office CVE-2025-49695
Microsoft Office Remote Code Execution Vulnerability - Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Microsoft Office CVE-2025-49696
Microsoft Office Remote Code Execution Vulnerability - Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
Microsoft Office CVE-2025-49702
Microsoft Office Remote Code Execution Vulnerability - Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
Microsoft Office SharePoint CVE-2025-49704
Microsoft SharePoint Remote Code Execution Vulnerability - Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Microsoft Office Word CVE-2025-49703
Microsoft Word Remote Code Execution Vulnerability - Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Microsoft Office Word CVE-2025-49698
Microsoft Word Remote Code Execution Vulnerability - Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Windows Hyper-V CVE-2025-48822
Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability - Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
SQL Server CVE-2025-49717
Microsoft SQL Server Remote Code Execution Vulnerability - Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.
Windows Imaging Component CVE-2025-47980
Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
Windows KDC Proxy Service (KPSSVC) CVE-2025-49735
Remote Code Execution Vulnerability - Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
Windows SPNEGO Extended Negotiation CVE-2025-47981
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability - Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.
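For patch triage, the wording of each entry above encodes who can reach the flaw ("unauthorized" or "authorized" attacker) and from where ("over a network" or "locally"). The following Python is an added example, not part of the original article or any Microsoft tooling; it parses an excerpt of the list in the page's two-line layout and orders it by a hypothetical tiering policy (the `tier` values and function names are assumptions).

```python
import re

# Excerpt of the critical-fix list above (header line with CVE ID, then the
# description). One header has product name and CVE ID fused together, as
# happens when such lists are copied or scraped; the AMD text is shortened.
SAMPLE = """\
Windows SPNEGO Extended Negotiation CVE-2025-47981
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability - Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.
SQL Server CVE-2025-49717
Microsoft SQL Server Remote Code Execution Vulnerability - Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.
Windows Hyper-VCVE-2025-48822
Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability - Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
AMD Store Queue CVE-2025-36350
Transient Scheduler Attack in Store Queue - The vulnerability assigned to this CVE is in certain processor models offered by AMD.
"""

# \s* (not \s+) tolerates a missing space between product name and CVE ID.
HEADER = re.compile(r"^(?P<product>.+?)\s*(?P<cve>CVE-\d{4}-\d{4,})$")
# Alternation order matters: "unauthorized" must be tried before "authorized".
ACTOR = re.compile(r"allows an (?P<auth>unauthorized|authorized) attacker to .+?"
                   r"(?: (?P<vector>over a network|locally))?\.$")

def parse(text):
    """Pair each header line with the description line that follows it."""
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    entries = []
    for head, desc in zip(lines[::2], lines[1::2]):
        h = HEADER.match(head)
        if not h:
            raise ValueError(f"not a header line: {head!r}")
        a = ACTOR.search(desc)
        entries.append({"cve": h["cve"], "product": h["product"],
                        "auth": a["auth"] if a else None,
                        "vector": a["vector"] if a else None})
    return entries

def tier(e):
    """Hypothetical policy: 0 = patch first, 3 = wording needs manual review."""
    if e["auth"] is None or e["vector"] is None:
        return 3  # no actor/vector phrase (e.g. the AMD entries); not "low"
    if e["vector"] == "over a network":
        return 0 if e["auth"] == "unauthorized" else 1
    return 2

def triage(text):
    """Return parsed entries ordered by tier, then CVE ID."""
    return sorted(parse(text), key=lambda e: (tier(e), e["cve"]))
```

Treat the result as a starting order only: the Office entries read "locally" yet, as noted above, can be triggered by opening or previewing a document, so local-vector items on mail-facing endpoints may deserve a higher tier in practice.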
Conclusion
Microsoft’s July 2025 Patch Tuesday delivers crucial updates addressing significant vulnerabilities. Users and administrators are encouraged to review and apply these updates promptly to enhance system security.
REMINDER:
Support for Windows 10 will end in October 2025! After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows 10. Your PC will still work, but it is recommended you move to Windows 11 for continued security and updates.