Microsoft provided up a reasonably mild Patch Tuesday launch this month, with 68 patches to Microsoft Home windows and Microsoft Workplace. There have been no updates for Change or SQL server and simply two minor patches for Microsoft Edge. That stated, two zero-day vulnerabilities (CVE-2025-33073 and CVE-2025-33053) have led to a “Patch Now” suggestion for each Home windows and Workplace. (Builders can observe their regular launch cadence with updates to Microsoft .NET and Visible Studio.)
To assist navigate these adjustments, the staff from Readiness has supplied ahelpful infographic detailing the dangers concerned when deploying the newest updates. (Extra details about current Patch Tuesday releases is out there right here.)
Recognized points
Microsoft launched a restricted variety of identified points for June, with a product-focused situation and a really minor show concern:
- Microsoft Excel: This a uncommon product degree entry within the “identified points” class — an advisory that “sq. brackets” or [] should not supported in Excel filenames. An error is generated, advising the consumer to take away the offending characters.
- Home windows 10: There are experiences of blurry or unclear CJK (Chinese language, Japanese, Korean) textual content when displayed at 96 DPI (100% scaling) in Chromium-based browsers akin to Microsoft Edge and Google Chrome. This can be a restricted useful resource situation, because the font decision in Home windows 10 doesn’t totally match the high-level decision of the Noto font. Microsoft recommends altering the show scaling to 125% or 150% to enhance readability.
Main revisions and mitigations
Microsoft might need gained an award for the shortest time between releasing an replace and a revision with:
- CVE-2025-33073: Home windows SMB Shopper Elevation of Privilege. Microsoft labored to deal with a vulnerability the place improper entry management in Home windows SMB permits an attacker to raise privileges over a community. This patch was revised on the identical day as its preliminary launch (and has been revised once more for documentation functions).
Home windows lifecycle and enforcement updates
Microsoft didn’t launch any enforcement updates for June.
Every month, the Readiness staff analyzes Microsoft’s newest updates and offers technically sound, actionable testing plans. Whereas June’s launch consists of no said useful adjustments, many foundational parts throughout authentication, storage, networking, and consumer expertise have been up to date.
For this testing information, we grouped Microsoft’s updates by Home windows characteristic after which accompanied the part with prescriptive check actions and rationale to assist prioritize enterprise efforts.
Core OS and UI compatibility
Microsoft up to date a number of core kernel drivers affecting Home windows as a complete. This can be a low-level system change and carries a excessive danger of compatibility and system points. As well as, core Microsoft print libraries have been included within the replace, requiring extra print testing along with the next suggestions:
- Run print operations from 32-bit functions on 64-bit Home windows environments.
- Use completely different print drivers and configurations (e.g., native, networked).
- Observe printing from older productiveness apps and digital environments.
Distant desktop and community connectivity
This replace might influence the reliability of distant entry whereas damaged DHCP-to-DNS integration can block system onboarding, and NAT misbehavior disrupts VPNs or site-to-site routing configurations. We suggest the next exams be carried out:
- Create and reconnect Distant Desktop (RDP) periods underneath various community situations.
- Affirm that DHCP-assigned IP addresses are appropriately registered with DNS in AD-integrated environments.
- Check modifying NAT and routing settings in RRAS configurations and be certain that adjustments persist throughout reboots.
Filesystem, SMB and storage
Updates to the core Home windows storage libraries have an effect on almost each command associated to Microsoft Storage Areas. A minor misalignment right here may end up in degraded clusters, orphaned volumes, or knowledge loss in a failover state of affairs. These are high-priority parts in trendy knowledge middle and hybrid cloud infrastructure, with the next storage-related testing suggestions:
- Entry file shares utilizing server names, FQDNs, and IP addresses.
- Allow and validate encrypted and compressed file-share operations between purchasers and servers.
- Run exams that create, open, and browse from system log recordsdata utilizing varied file and storage configurations.
- Validate core cluster storage administration duties, together with creating and managing storage swimming pools, tiers, and volumes.
- Check disk addition/elimination, failover behaviors, and resiliency settings.
- Run system-level storage diagnostics throughout lively and passive nodes within the cluster.
Home windows installer and restoration
Microsoft delivered one other replace to the Home windows Installer (MSI) software infrastructure. Damaged or regressed Installer bundle MSI dealing with disrupts app deployment pipelines whereas placing core enterprise functions in danger. We advise the next exams for the newest adjustments to MSI Installer, Home windows Restoration and Microsoft’s Virtualization Based mostly Safety (VBS):
- Carry out set up, restore, and uninstallation of MSI Installer packages utilizing normal enterprise deployment instruments (e.g. Intune).
- Validate restore level conduct for factors older than 60 days underneath various virtualization-based safety (VBS) settings.
- Verify each consumer and server behaviors for allowed or blocked restores.
We extremely suggest prioritizing printer testing this month, then distant desktop deployment testing to make sure your core enterprise functions set up and uninstall as anticipated.
Every month, we break down the replace cycle into product households (as outlined by Microsoft) with the next fundamental groupings:
- Browsers (Microsoft IE and Edge);
- Microsoft Home windows (each desktop and server);
- Microsoft Workplace;
- Microsoft Change and SQL Server;
- Microsoft Developer Instruments (Visible Studio and .NET);
- And Adobe (if you happen to get this far).
Browsers
Microsoft delivered a really minor collection of updates to Microsoft Edge. The browser receives two Chrome patches (CVE-2025-5068 and CVE-2025-5419) the place each updates are rated essential. These low-profile adjustments might be added to your normal launch calendar.
Microsoft Home windows
Microsoft launched 5 important patches and (a smaller than regular) 40 patches rated essential. This month the 5 important Home windows patches cowl the next desktop and server vulnerabilities:
- Lacking launch of reminiscence after efficient lifetime in Home windows Cryptographic Companies (WCS) permits an unauthorized attacker to execute code over a community.
- Use after free in Home windows Distant Desktop Companies permits an unauthorized attacker to execute code over a community.
- Use after free in Home windows KDC Proxy Service (KPSSVC) permits an unauthorized attacker to execute code over a community.
- Use of uninitialized sources in Home windows Netlogon permits an unauthorized attacker to raise privileges over a community.
Sadly, CVE-2025-33073 has been reported as publicly disclosed whereas CVE-2025-33053 has been reported as exploited. Given these two zero-days, the Readiness recommends a “Patch Now” launch schedule to your Home windows updates.
Microsoft Workplace
Microsoft launched 5 important updates and an additional 13 rated essential for Workplace. The important patches cope with reminiscence associated and “use after free” reminiscence allocation points affecting your entire platform. Because of the quantity and severity of those points, we suggest a “Patch Now” schedule for Workplace for this Patch Tuesday launch.
Microsoft Change and SQL Server
There aren’t any updates for both Microsoft Change or SQL Server this month.
Developer instruments
There have been solely three low-level updates (product centered and rated essential) launched, affecting .NET and Visible Studio. Add these updates to your normal developer launch schedule.
Adobe (and third get together updates)
Adobe has launched (however Microsoft has not co-published) a single replace to Adobe Acrobat (APSB25-57). There have been two different non-Microsoft up to date releases affecting the Chromium platform, which have been coated within the Browser part above.
