.jpeg)
Microsoft released a new update, download this version to avoid hackers
Microsoft fixed 67 security flaws in the June 2025 Patch Tuesday, including 11 critical and 56 important. One of the two zero-day flaws, CVE-2025-33053 (WebDAV), was used by hackers. This flaw also affects the Windows SMB client. Users are advised to download the latest stable release (version 137.0.3296.62).
Microsoft released patches for numerous security vulnerabilities in the June 2025 Patch Tuesday update, 11 of which were rated as critical and 56 as important. Microsoft patched two zero-days, one of which was being exploited before the patch. Microsoft previously patched a number of security vulnerabilities in Microsoft Edge, a zero-day exploit affecting Google Chrome among them.
According to Microsoft's release notes, the June 2025 security updates contain fixes for 67 security flaws affecting a number of products and services. The firm has fixed 14 flaws that could have led to privilege escalation, 26 remote code execution flaws, and 17 other issues that could have led to information disclosure.
The biggest security flaw detected by Microsoft is CVE-2025-33053, which affects an HTTP extension called Web Distributed Authoring and Versioning (WebDAV). According to Microsoft, this zero-day security flaw has a CVSS score of 8.8 and was actively exploited to trick users into clicking on malicious URLs.
Check Point researchers David Driker and Alexandra Gofman uncovered the flaw, and the company says a threat actor known as FruityArmor or Stealth Falcon used the CVE-2025-33053 vulnerability. This security flaw allowed hackers to remotely execute code on the target's computer by changing the working directory.
Microsoft also patched another zero-day vulnerability in the Windows SMB (Samba) client that a malicious user might use to gain privileged (or system) access to equipment on the same local network. According to Microsoft, the issue was due to incorrect access control in the Windows SMB client.
Earlier this month, the company rolled out several security fixes for the Microsoft Edge browser that were previously released by the Chromium project. One of these vulnerabilities, CVE-2025-5419, is a zero-day security flaw that was exploited before Google patched it. Users who are on the latest stable release (version 137.0.3296.62) are protected from these security flaws.
For Latest News update Subscribe to Sangri Today's Broadcast channels on Google News | Telegram | WhatsApp
