Microsoft Patch Tuesday Security Updates for July 2025: A Zero-Day Fix
Microsoft has released its monthly Patch Tuesday security updates for July 2025, addressing a total of 130 vulnerabilities across various Microsoft products and services. Among these, one critical flaw – CVE-2025-49719 – is flagged as a publicly disclosed zero-day vulnerability in Microsoft SQL Server.
The zero-day vulnerability, tracked as CVE-2025-49719, has a CVSS score of 7.5 and allows remote, unauthenticated attackers to access uninitialized memory due to improper input validation in Microsoft SQL Server. This means that an attacker could potentially exploit this flaw to gain unauthorized access to sensitive data stored on the server.
Microsoft recommends updating SQL Server and installing OLE DB Driver 18 or 19 to fix the issue. The vulnerability was discovered by Vladimir Aleksic from Microsoft, highlighting the importance of internal expertise in identifying and addressing security vulnerabilities.
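As an added example (not from the article or from Microsoft), the following PowerShell inventory script lists the SQL Server instances and Microsoft OLE DB Driver packages installed on a Windows host, so their builds can be compared with the fixed versions Microsoft publishes for CVE-2025-49719. It assumes it is run with administrator rights on the SQL Server host; the minimum-version value is a placeholder to be replaced with the build from Microsoft's advisory.

```powershell
# Added inventory check, not part of the article. Assumption: run as Administrator
# on the Windows host that runs SQL Server.
# Placeholder: the article only says OLE DB Driver 18 or 19 carries the fix;
# take the exact fixed build numbers from Microsoft's advisory for CVE-2025-49719.
$MinimumOleDbMajor = 18

function Get-SqlServerInstances {
    # SQL Server setup registers each instance name -> instance ID under this key.
    $key = 'HKLM:\SOFTWARE\Microsoft\Microsoft SQL Server\Instance Names\SQL'
    if (-not (Test-Path $key)) { return @() }
    $map = Get-ItemProperty -Path $key
    # Skip the PS* metadata properties that Get-ItemProperty adds to every object.
    foreach ($entry in ($map.PSObject.Properties | Where-Object { $_.Name -notlike 'PS*' })) {
        $setup = "HKLM:\SOFTWARE\Microsoft\Microsoft SQL Server\$($entry.Value)\Setup"
        $props = Get-ItemProperty -Path $setup -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Instance   = $entry.Name
            Version    = $props.Version      # base product version
            PatchLevel = $props.PatchLevel   # build after cumulative updates / GDRs
        }
    }
}

function Get-OleDbDrivers {
    # Installed driver packages appear in the Uninstall hive (64-bit and 32-bit views).
    $hives = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $hives -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'Microsoft OLE DB Driver*for SQL Server*' } |
        Select-Object DisplayName, DisplayVersion
}

$instances = Get-SqlServerInstances
$drivers   = Get-OleDbDrivers

'SQL Server instances (compare PatchLevel with the fixed builds in the advisory):'
$instances | Format-Table -AutoSize
'Installed OLE DB drivers:'
$drivers | Format-Table -AutoSize

# Warn when no driver at or above the major version named in the article is present.
$current = $drivers | Where-Object { [version]$_.DisplayVersion -ge [version]"$MinimumOleDbMajor.0" }
if (-not $current) {
    Write-Warning "No OLE DB Driver $MinimumOleDbMajor or later found; install Driver 18 or 19."
}
```

The PatchLevel column is the value to check against the advisory, since the base Version does not change when a cumulative update or GDR is applied.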
The Most Interesting Vulnerabilities Addressed
CVE-2025-47981: A Critical Wormable RCE Issue in Windows SPNEGO NEGOEX
The vulnerability CVE-2025-47981 has a CVSS score of 9.8 and is a critical, wormable Remote Code Execution (RCE) issue in Windows SPNEGO NEGOEX. It allows remote attackers to execute code via a malicious message, with no user interaction required. Because no user action is needed, the flaw could be used to run arbitrary code on the affected system and to spread from one vulnerable system to another.
Microsoft expects active exploitation within 30 days and urges rapid patching of this vulnerability. This highlights the importance of timely patching to prevent attacks before they can be carried out.
CVE-2025-49695: A Microsoft Office RCE Vulnerability Exploitable via the Preview Pane
The vulnerability CVE-2025-49695 has a CVSS score of 8.8 and is a Remote Code Execution (RCE) vulnerability in Microsoft Office that can be triggered via the Preview Pane, so a malicious document need only be previewed, not opened.
This is one of four similar bugs this month, marking the third month in a row with critical Office flaws. Mac users remain unprotected, as patches for Office LTSC 2021 and 2024 aren’t yet available. Disabling the Preview Pane is recommended until Microsoft resolves these ongoing issues.
The Full List of Vulnerabilities
For those interested in learning more about the vulnerabilities addressed by Microsoft this month, you can find the full list on the Security Affairs website.
Patching Your Systems: What You Need to Know
As with any Patch Tuesday release, it is essential for users to patch their systems as soon as possible to prevent exploitation of these vulnerabilities. Microsoft recommends updating all affected products and services immediately.
For Mac users who rely on Office LTSC 2021 and 2024, there is currently no available patch. Until then, disabling the Preview Pane can help mitigate potential exploits until a fix is released.
Stay Informed
Follow me on Twitter (@securityaffairs), Facebook, and Mastodon for the latest news and updates on security vulnerabilities and patching recommendations.
Remember to always prioritize your systems' security by staying up-to-date with the latest patches and taking proactive steps to protect against emerging threats.