Skip to main content

Microsoft Releases July 2025 Security Updates

Scheduled updates for Microsoft products, including security updates for 130 vulnerabilities, of which one has been reported as publicly disclosed

Threat ID:
CC-4679
Threat Severity:
Medium
Published:
9 July 2025 1:57 PM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled updates for Microsoft products, including security updates for 130 vulnerabilities, of which one has been reported as publicly disclosed

Affected platforms

The following platforms are known to be affected:

Microsoft Windows

Microsoft Windows Server

Microsoft Office

Microsoft SQL Server

The following platforms are also known to be affected:

66 other Microsoft platforms

Threat details

Windows 10 Approaching End-of-Support

From October 2025, Microsoft will no longer provide updates, including security patches, for Windows 10 systems.

To ensure the continued security and efficiency of NHS digital systems, as well as protect patient data, all NHS Trusts and Integrated Care Boards (ICBs) must transition to Windows 11.

For more details please visit the Windows 10 end of support October 2025 page.

Introduction

Microsoft has released security updates to address 130 vulnerabilities in 70 Microsoft products. 12 vulnerabilities are highlighted below, of which one is known to be publicly disclosed and the other 11 are considered critical by Microsoft.

Vulnerability details

Publicly disclosed vulnerability:

  • CVE-2025-49719 - Microsoft SQL Server Information Disclosure Vulnerability - CVSSv3 score: 7.5

11 vulnerabilities considered critical by Microsoft:

  • CVE-2025-47981 - SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution (RCE) Vulnerability - CVSSv3 Score: 9.8

  • CVE-2025-48822 - Windows Hyper-V Discrete Device Assignment (DDA) RCE Vulnerability - CVSSv3 Score: 8.6 

  • CVE-2025-49704 - Microsoft SharePoint RCE Vulnerability - CVSSv3 Score: 8.8

  • CVE-2025-49717 - Microsoft SQL Server RCE Vulnerability - CVSSv3 Score: 8.5

  • CVE-2025-49695 - Microsoft Office RCE Vulnerability - CVSSv3 Score: 8.4 

  • CVE-2025-49696 - Microsoft Office RCE Vulnerability - CVSSv3 Score: 8.4

  • CVE-2025-49697 - Microsoft Office RCE Vulnerability - CVSSv3 Score: 8.4 

  • CVE-2025-49735 - Windows KDC Proxy Service (KPSSVC) RCE Vulnerability - CVSSv3 Score: 8.1 

  • CVE-2025-49698 - Microsoft Word RCE Vulnerability - CVSSv3 Score: 7.8 

  • CVE-2025-49702 - Microsoft Office RCE Vulnerability - CVSSv3 Score: 7.8 

  • CVE-2025-49703 - Microsoft Word RCE Vulnerability - CVSSv3 Score: 7.8

Remediation advice

Affected organisations are encouraged to review Microsoft's July 2025 Security Updates and apply the relevant updates as soon as possible.

CVE Vulnerabilities

Status Published

CVE-2025-49719

Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network.
Status Published

CVE-2025-47981

Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.
Status Published

CVE-2025-48822

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
Status Published

CVE-2025-49704

Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Status Published

CVE-2025-49717

Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.
Status Published

CVE-2025-49695

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Status Published

CVE-2025-49696

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
Status Published

CVE-2025-49697

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
Status Published

CVE-2025-49735

Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
Status Published

CVE-2025-49698

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Status Published

CVE-2025-49702

Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
Status Published

CVE-2025-49703

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

Last edited: 9 July 2025 1:57 pm