Randy Franklin Smith's Ultimate Windows Security

Upcoming Webinars

Webinar Library

Latest Blogs

How to Detect Pass-the-Hash Attacks Blog Series

Come meet Randy in Orlando at Microsoft Ignite at Quest's Booth #1818

Detecting Pass-the-Hash with Honeypots

Catch Malware Hiding in WMI with Sysmon

For of all sad words of tongue or pen, the saddest are these: 'We weren’t logging’

Experimenting with Windows Security: Controls for Enforcing Policies

Sysmon Event IDs 1, 6, 7 Report All the Binary Code Executing on Your Network

Yet Another Ransomware Can That Can be Immediately Detected with Process Tracking on Workstations

Cracking AD Passwords with NTDSXtract, Dsusers.py and John the Ripper

Cracking local windows passwords with Mimikatz, LSA dump and Hashcat

Top Resources

Security Log

Additional Resources

July, 2025: Patch Tuesday - A Large Number of Patches but Only One Zero-Day

Welcome to my July Patch Tuesday newsletter. Today Microsoft released 137 updates and an additional 3 in the past month for a total of 140 updates.

We have more than double the updates this month compared to last month but the good thing is we only have one zero-day to look at:

Publicly known:
- CVE-2025-49719 (Information Disclosure)
  - Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network.

This vulnerability was patched today. If you have one of the affected versions of SQL Server installed (see chart below) please update it. Also, if you have an application using SQL make sure you update your application to use MS OLE DB Driver 18 or 19. You have time to get these tested and updated because the severity is only "Important" and the Exploitability Assessment is "Exploitation Less Likely".

Besides this one, there are another 14 updates that are rated "Critical":

So, we do have a good bit of updating that needs to be done. You will want to download, update and reboot those systems. See you next month!

Patch data provided by:
Technology	Products Affected	Severity	Reference	Workaround/ Exploited / Publicly Disclosed	Vulnerability Info
Windows	Windows 10, 11 2008 SP2, 2008 R2 SP1, 2012, 2012 R2, 2016, 2019, 2022, 2025 including Server Core Installations Remote Desktop Client Windows App Client	Critical	CVE-2025-26636 CVE-2025-33054 CVE-2025-36350 CVE-2025-36357 CVE-2025-47159 CVE-2025-47971 CVE-2025-47972 CVE-2025-47973 CVE-2025-47975 CVE-2025-47976 CVE-2025-47978 CVE-2025-47980 CVE-2025-47981 CVE-2025-47982 CVE-2025-47984 CVE-2025-47985 CVE-2025-47986 CVE-2025-47987 CVE-2025-47991 CVE-2025-47993 CVE-2025-47996 CVE-2025-47998 CVE-2025-47999 CVE-2025-48000 CVE-2025-48001 CVE-2025-48002 CVE-2025-48003 CVE-2025-48799 CVE-2025-48800 CVE-2025-48802 CVE-2025-48803 CVE-2025-48804 CVE-2025-48805 CVE-2025-48806 CVE-2025-48808 CVE-2025-48809 CVE-2025-48810 CVE-2025-48811 CVE-2025-48814 CVE-2025-48815 CVE-2025-48816 CVE-2025-48817 CVE-2025-48818 CVE-2025-48819 CVE-2025-48820 CVE-2025-48821 CVE-2025-48822 CVE-2025-48823 CVE-2025-48824 CVE-2025-49657 CVE-2025-49658 CVE-2025-49659 CVE-2025-49660 CVE-2025-49661 CVE-2025-49663 CVE-2025-49664 CVE-2025-49665 CVE-2025-49666 CVE-2025-49667 CVE-2025-49668 CVE-2025-49669 CVE-2025-49670 CVE-2025-49671 CVE-2025-49672 CVE-2025-49673 CVE-2025-49674 CVE-2025-49675 CVE-2025-49676 CVE-2025-49677 CVE-2025-49678 CVE-2025-49679 CVE-2025-49680 CVE-2025-49681 CVE-2025-49682 CVE-2025-49683 CVE-2025-49684 CVE-2025-49685 CVE-2025-49686 CVE-2025-49687 CVE-2025-49688 CVE-2025-49689 CVE-2025-49690 CVE-2025-49691 CVE-2025-49693 CVE-2025-49694 CVE-2025-49716 CVE-2025-49721 CVE-2025-49722 CVE-2025-49723 CVE-2025-49724 CVE-2025-49725 CVE-2025-49726 CVE-2025-49727 CVE-2025-49729 CVE-2025-49730 CVE-2025-49732 CVE-2025-49733 CVE-2025-49735 CVE-2025-49740 CVE-2025-49742 CVE-2025-49744 CVE-2025-49753 CVE-2025-49760	Workaround: No Exploited: No Public: No	Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution Security Feature Bypass Spoofing Tampering
Edge	Chromium-based	Important	CVE-2025-6554 CVE-2025-49713 CVE-2025-49741	Workaround: No Exploited: No Public: No	Information Disclosure Remote Code Execution
Office	365 Apps for Enterprise Excel/Outlook/Power Point/Word 2016 Office 2016, 2019 LTSC 2021, 2024 including for Mac Office for Android Teams for Android/Desktop/iOS/Mac Office Online Server	Critical	CVE-2025-47994 CVE-2025-48812 CVE-2025-49695 CVE-2025-49696 CVE-2025-49697 CVE-2025-49698 CVE-2025-49699 CVE-2025-49700 CVE-2025-49702 CVE-2025-49703 CVE-2025-49705 CVE-2025-49711 CVE-2025-49731 CVE-2025-49737 CVE-2025-49756	Workaround: No Exploited: No Public: No	Elevation of Privilege Information Disclosure Remote Code Execution Security Feature Bypass
SharePoint	Enterprise Server 2016 Server 2019 Server Subscription Edition	Critical	CVE-2025-49701 CVE-2025-49703 CVE-2025-49704 CVE-2025-49706	Workaround: No Exploited: No Public: No	Remote Code Execution Spoofing
SQL Server	2016 SP2 GDR 2016 SP3 Azure Connect Feature Pack 2017 CU31/GDR 2019 CU32/GDR 2022 CU19/GDR	Critical	CVE-2025-49717 CVE-2025-49718 CVE-2025-49719**	Workaround: No Exploited: No Public: Yes**	Information Disclosure Remote Code Execution
Azure	Monitor Agent Service Fabric	Important	CVE-2025-21195 CVE-2025-47988	Workaround: No Exploited: No Public: No	Elevation of Privilege Remote Code Execution
Developer Tools	Visual Studio 2015 Update 3 Visual Studio 2017 15.9-15.0 Visual Studio 2019 16.11-16.0 Visual Studio 2022 17.8, 17.10, 17.12, 17.14 Python Extension for Visual Studio Code	Important	CVE-2025-27613 CVE-2025-27614 CVE-2025-46334 CVE-2025-46835 CVE-2025-48384 CVE-2025-48385 CVE-2025-48386 CVE-2025-49714 CVE-2025-49739	Workaround: No Exploited: No Public: No	Elevation of Privilege Remote Code Execution
Apps	Microsoft PC Manager	Important	CVE-2025-49738	Workaround: No Exploited: No Public: No	Elevation of Privilege
System Center	Microsoft Configuration Manger 2503	Important	CVE-2025-47178	Workaround: No Exploited: No Public: No	Remote Code Execution

Send me this chart next Patch Tuesday.

User name:
Password:
	/ Forgot?
	Register

July 2025 Patch Tuesday	"Patch Tuesday - A Large Number of Patches but Only One Zero-Day " - sponsored by LOGbinder

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2025 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.