June often signals mid-year check-ins — half the year’s gone, and attackers aren’t slowing down. Neither should you. As we welcome the beginning of summer and National Safety Month, there's no better occasion to fortify your defenses. This month’s Patch Tuesday addresses 67 vulnerabilities, including 2 zero-days and 9 critical vulnerabilities,
Let's see what's in store for us this month. Also, register for our free Patch Tuesday webinar and listen to our experts break down Patch Tuesday updates in detail.
Fact: This month's zero-day duo spans both Remote Code Execution and Elevation of Privilege, proving attackers aren’t limiting themselves to one tactic. As for volume, Remote Code Execution continues to dominate with 25 CVEs—a full cybersecurity buffet.
Security updates have been released for critical Microsoft products, including:
To view the complete list of affected products, features, and roles, please refer to the MSRC Release Notes
Patch Tuesday wouldn’t be complete without a breakdown of the vulnerability types. Here’s how this month’s vulnerabilities are distributed:
The takeaway? Remote Code Execution (RCE) remains a top priority this month too as they dominate security updates.
This actively exploited flaw targets the WebDAV component, a long-standing Microsoft extension for remote file editing. In this case, attackers can craft malicious WebDAV URLs that, when clicked by a user, lead to arbitrary code execution on the system. The entry vector is deceptively simple—just one click. Think of it as “drive-by downloading” with a side of elevated risk. Microsoft acknowledges that the vulnerability has been used in real-world attacks, though details are scant. Discovered by Alexandra Gofman and David Driker from Check Point Research, this one underscores the need for URL handling hygiene and endpoint monitoring.
This publicly disclosed zero-day takes advantage of improper access control within the Windows SMB client. A remote attacker could exploit it using a malicious script that forces the victim machine to initiate an SMB connection to the attacker’s system. Upon successful coercion, the attacker gains SYSTEM privileges—essentially full control. Although a patch is now available, system administrators can also mitigate the flaw by enabling server-side SMB signing via Group Policy. With a multi-researcher discovery team including contributors from CrowdStrike, Synacktiv, SySS GmbH, RedTeam Pentesting GmbH, and Google Project Zero, this vulnerability attracted serious attention before it was patched.
Microsoft isn’t alone in the June patching race. Several other vendors have issued critical updates:
To know more about the patches supported by our product to remediate the vulnerabilities, kindly refer to our forum post.
As we hit the halfway mark of the year, it's clear that threat actors aren’t taking a break—and neither should your patching strategy. Staying ahead means staying consistent. Don’t let unpatched vulnerabilities undo months of good work. Make patching a routine, not a reaction. Patch your systems promptly to ensure your hard work remains intact. With Endpoint Central, Patch Manager Plus and Vulnerability Manager Plus, you can streamline the entire patch management process— from testing patches to deploying them— effectively mitigating vulnerabilities. You can also tailor patch tasks according to your enterprise needs.
Register now for our free Patch Tuesday webinar to gain more insights about these Patch Tuesday Updates. Our experts will not only offer in-depth analysis about the updates but also provide best practice to manage Patches in your network. You can also ask our experts all your patch-related questions and get live answers in the webinar.