Microsoft supplied up a reasonably mild Patch Tuesday launch this month, with 68 patches to Microsoft Home windows and Microsoft Workplace. There have been no updates for Change or SQL server and simply two minor patches for Microsoft Edge. That stated, two zero-day vulnerabilities (CVE-2025-33073 and CVE-2025-33053) have led to a “Patch Now” suggestion for each Home windows and Workplace. (Builders can comply with their traditional launch cadence with updates to Microsoft .NET and Visible Studio.)
To assist navigate these adjustments, the staff from Readiness has supplied ahelpful infographic detailing the dangers concerned when deploying the most recent updates. (Extra details about latest Patch Tuesday releases is on the market right here.)
Recognized points
Microsoft launched a restricted variety of identified points for June, with a product-focused subject and a really minor show concern:
- Microsoft Excel: This a uncommon product stage entry within the “identified points” class — an advisory that “sq. brackets” or [] are usually not supported in Excel filenames. An error is generated, advising the person to take away the offending characters.
- Home windows 10: There are studies of blurry or unclear CJK (Chinese language, Japanese, Korean) textual content when displayed at 96 DPI (100% scaling) in Chromium-based browsers equivalent to Microsoft Edge and Google Chrome. It is a restricted useful resource subject, because the font decision in Home windows 10 doesn’t absolutely match the high-level decision of the Noto font. Microsoft recommends altering the show scaling to 125% or 150% to enhance readability.
Main revisions and mitigations
Microsoft might need received an award for the shortest time between releasing an replace and a revision with:
- CVE-2025-33073: Home windows SMB Consumer Elevation of Privilege. Microsoft labored to handle a vulnerability the place improper entry management in Home windows SMB permits an attacker to raise privileges over a community. This patch was revised on the identical day as its preliminary launch (and has been revised once more for documentation functions).
Home windows lifecycle and enforcement updates
Microsoft didn’t launch any enforcement updates for June.
Every month, the Readiness staff analyzes Microsoft’s newest updates and gives technically sound, actionable testing plans. Whereas June’s launch consists of no said purposeful adjustments, many foundational elements throughout authentication, storage, networking, and person expertise have been up to date.
For this testing information, we grouped Microsoft’s updates by Home windows characteristic after which accompanied the part with prescriptive take a look at actions and rationale to assist prioritize enterprise efforts.
Core OS and UI compatibility
Microsoft up to date a number of core kernel drivers affecting Home windows as an entire. It is a low-level system change and carries a excessive danger of compatibility and system points. As well as, core Microsoft print libraries have been included within the replace, requiring further print testing along with the next suggestions:
- Run print operations from 32-bit purposes on 64-bit Home windows environments.
- Use completely different print drivers and configurations (e.g., native, networked).
- Observe printing from older productiveness apps and digital environments.
Distant desktop and community connectivity
This replace might affect the reliability of distant entry whereas damaged DHCP-to-DNS integration can block machine onboarding, and NAT misbehavior disrupts VPNs or site-to-site routing configurations. We suggest the next exams be carried out:
- Create and reconnect Distant Desktop (RDP) periods beneath various community circumstances.
- Verify that DHCP-assigned IP addresses are appropriately registered with DNS in AD-integrated environments.
- Check modifying NAT and routing settings in RRAS configurations and make sure that adjustments persist throughout reboots.
Filesystem, SMB and storage
Updates to the core Home windows storage libraries have an effect on practically each command associated to Microsoft Storage Areas. A minor misalignment right here may end up in degraded clusters, orphaned volumes, or knowledge loss in a failover situation. These are high-priority elements in fashionable knowledge heart and hybrid cloud infrastructure, with the next storage-related testing suggestions:
- Entry file shares utilizing server names, FQDNs, and IP addresses.
- Allow and validate encrypted and compressed file-share operations between purchasers and servers.
- Run exams that create, open, and skim from system log recordsdata utilizing numerous file and storage configurations.
- Validate core cluster storage administration duties, together with creating and managing storage swimming pools, tiers, and volumes.
- Check disk addition/removing, failover behaviors, and resiliency settings.
- Run system-level storage diagnostics throughout lively and passive nodes within the cluster.
Home windows installer and restoration
Microsoft delivered one other replace to the Home windows Installer (MSI) utility infrastructure. Damaged or regressed Installer bundle MSI dealing with disrupts app deployment pipelines whereas placing core enterprise purposes in danger. We recommend the next exams for the most recent adjustments to MSI Installer, Home windows Restoration and Microsoft’s Virtualization Based mostly Safety (VBS):
- Carry out set up, restore, and uninstallation of MSI Installer packages utilizing customary enterprise deployment instruments (e.g. Intune).
- Validate restore level conduct for factors older than 60 days beneath various virtualization-based safety (VBS) settings.
- Examine each shopper and server behaviors for allowed or blocked restores.
We extremely suggest prioritizing printer testing this month, then distant desktop deployment testing to make sure your core enterprise purposes set up and uninstall as anticipated.
Every month, we break down the replace cycle into product households (as outlined by Microsoft) with the next fundamental groupings:
- Browsers (Microsoft IE and Edge);
- Microsoft Home windows (each desktop and server);
- Microsoft Workplace;
- Microsoft Change and SQL Server;
- Microsoft Developer Instruments (Visible Studio and .NET);
- And Adobe (when you get this far).
Browsers
Microsoft delivered a really minor sequence of updates to Microsoft Edge. The browser receives two Chrome patches (CVE-2025-5068 and CVE-2025-5419) the place each updates are rated vital. These low-profile adjustments might be added to your customary launch calendar.
Microsoft Home windows
Microsoft launched 5 vital patches and (a smaller than traditional) 40 patches rated vital. This month the 5 vital Home windows patches cowl the next desktop and server vulnerabilities:
- Lacking launch of reminiscence after efficient lifetime in Home windows Cryptographic Providers (WCS) permits an unauthorized attacker to execute code over a community.
- Use after free in Home windows Distant Desktop Providers permits an unauthorized attacker to execute code over a community.
- Use after free in Home windows KDC Proxy Service (KPSSVC) permits an unauthorized attacker to execute code over a community.
- Use of uninitialized assets in Home windows Netlogon permits an unauthorized attacker to raise privileges over a community.
Sadly, CVE-2025-33073 has been reported as publicly disclosed whereas CVE-2025-33053 has been reported as exploited. Given these two zero-days, the Readiness recommends a “Patch Now” launch schedule to your Home windows updates.
Microsoft Workplace
Microsoft launched 5 vital updates and an additional 13 rated vital for Workplace. The vital patches cope with reminiscence associated and “use after free” reminiscence allocation points affecting all the platform. As a result of quantity and severity of those points, we suggest a “Patch Now” schedule for Workplace for this Patch Tuesday launch.
Microsoft Change and SQL Server
There are not any updates for both Microsoft Change or SQL Server this month.
Developer instruments
There have been solely three low-level updates (product targeted and rated vital) launched, affecting .NET and Visible Studio. Add these updates to your customary developer launch schedule.
Adobe (and third get together updates)
Adobe has launched (however Microsoft has not co-published) a single replace to Adobe Acrobat (APSB25-57). There have been two different non-Microsoft up to date releases affecting the Chromium platform, which have been coated within the Browser part above.
