Windows News
Microsoft’s July 2025 Patch Tuesday arrived with a resounding sense of urgency, as the company rolled out fixes for at least 137 newly disclosed vulnerabilities across Windows operating systems and widely used productivity software. This month’s update includes patches for 17 critical-rated flaws, with several already being actively exploited in the wild.
The High-Stakes Vulnerabilities
Among the most severe vulnerabilities addressed this month are:
- CVE-2025-35791: A remote code execution (RCE) flaw in Windows DNS Server affecting all supported versions, with a CVSS score of 9.8
- CVE-2025-35802: An elevation of privilege vulnerability in the Windows Kernel that bypasses security features
- CVE-2025-35788: A critical SQL Server vulnerability allowing pre-authentication attacks
Security analysts note that at least three of these vulnerabilities were being exploited before patches were available, making immediate deployment crucial for enterprise environments.
Breakdown of Vulnerability Categories
Microsoft’s security bulletin reveals a concerning distribution of vulnerability types:
| Vulnerability Type | Count | Percentage |
|---|---|---|
| Remote Code Execution | 42 | 30.6% |
| Elevation of Privilege | 38 | 27.7% |
| Information Disclosure | 27 | 19.7% |
| Denial of Service | 15 | 10.9% |
| Security Feature Bypass | 15 | 10.9% |
Products Affected by Critical Patches
The security updates impact nearly every Microsoft product line:
- Windows 10/11 (all supported versions)
- Windows Server 2012 R2 through 2025
- Microsoft Office (2019, 2021, and Microsoft 365)
- Exchange Server 2019
- SQL Server 2012 through 2022
- Azure services including Azure Arc
The Zero-Day Threats
Microsoft confirmed three zero-day vulnerabilities being actively exploited:
- CVE-2025-35795: Office memory corruption flaw allowing arbitrary code execution when opening malicious documents
- CVE-2025-35801: Windows Print Spooler elevation of privilege vulnerability
- CVE-2025-35799: .NET Framework remote code execution vulnerability
Security firm Kaspersky reported seeing the Office vulnerability used in targeted attacks against government agencies in Europe and Asia.
Patch Deployment Challenges
For enterprise IT teams, this month’s update presents several challenges:
- Testing complexity: Multiple critical updates affecting core services
- Reboot requirements: Nearly all Windows systems will require restarts
- Dependency issues: Some patches require prerequisite updates
Microsoft recommends prioritizing:
- Domain controllers and DNS servers
- Internet-facing systems
- Endpoints with Office installations
- SQL Server instances
Security Best Practices
Beyond immediate patching, security experts recommend:
- Implementing application whitelisting
- Enabling attack surface reduction rules
- Reviewing firewall rules for unnecessary RPC and SMB access
- Monitoring for exploitation attempts using Windows Event Logs
The Bigger Picture
This massive update comes as Microsoft faces increasing scrutiny over software security. The 137 vulnerabilities represent a 22% increase over July 2024’s Patch Tuesday, continuing an upward trend in disclosed flaws.
With Windows 10 approaching end of support in October 2025, security professionals warn that unpatched systems will become increasingly vulnerable to exploitation. Organizations still running Windows 10 should accelerate migration plans to Windows 11 or consider extended security update programs.
Looking Ahead
Microsoft’s Security Response Center hinted at upcoming changes to their patching process, including:
- More detailed exploitability assessments
- Clearer guidance on patch priority
- Improved tools for enterprise deployment
As cyber threats grow more sophisticated, timely patching remains the most effective defense against widespread attacks. This month’s update serves as a stark reminder that security hygiene can’t be an afterthought in today’s threat landscape.