BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Patch Tuesday, June 2025 Edition
/in General NewsMicrosoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public.
The sole zero-day flaw this month is CVE-2025-33053, a remote code execution flaw in the Windows implementation of WebDAV — an HTTP extension that lets users remotely manage files and directories on a server. While WebDAV isn’t enabled by default in Windows, its presence in legacy or specialized systems still makes it a relevant target, said Seth Hoyt, senior security engineer at Automox.
Adam Barnett, lead software engineer at Rapid7, said Microsoft’s advisory for CVE-2025-33053 does not mention that the Windows implementation of WebDAV is listed as deprecated since November 2023, which in practical terms means that the WebClient service no longer starts by default.
“The advisory also has attack complexity as low, which means that exploitation does not require preparation of the target environment in any way that is beyond the attacker’s control,” Barnett said. “Exploitation relies on the user clicking a malicious link. It’s not clear how an asset would be immediately vulnerable if the service isn’t running, but all versions of Windows receive a patch, including those released since the deprecation of WebClient, like Server 2025 and Windows 11 24H2.”
Microsoft warns that an “elevation of privilege” vulnerability in the Windows Server Message Block (SMB) client (CVE-2025-33073) is likely to be exploited, given that proof-of-concept code for this bug is now public. CVE-2025-33073 has a CVSS risk score of 8.8 (out of 10), and exploitation of the flaw leads to the attacker gaining “SYSTEM” level control over a vulnerable PC.
“What makes this especially dangerous is that no further user interaction is required after the initial connection—something attackers can often trigger without the user realizing it,” said Alex Vovk, co-founder and CEO of Action1. “Given the high privilege level and ease of exploitation, this flaw poses a significant risk to Windows environments. The scope of affected systems is extensive, as SMB is a core Windows protocol used for file and printer sharing and inter-process communication.”
Beyond these highlights, 10 of the vulnerabilities fixed this month were rated “critical” by Microsoft, including eight remote code execution flaws.
Notably absent from this month’s patch batch is a fix for a newly discovered weakness in Windows Server 2025 that allows attackers to act with the privileges of any user in Active Directory. The bug, dubbed “BadSuccessor,” was publicly disclosed by researchers at Akamai on May 21, and several public proof-of-concepts are now available. Tenable’s Satnam Narang said organizations that have at least one Windows Server 2025 domain controller should review permissions for principals and limit those permissions as much as possible.
Adobe has released updates for Acrobat Reader and six other products addressing at least 259 vulnerabilities, most of them in an update for Experience Manager. Mozilla Firefox and Google Chrome both recently released security updates that require a restart of the browser to take effect. The latest Chrome update fixes two zero-day exploits in the browser (CVE-2025-5419 and CVE-2025-4664).
For a detailed breakdown on the individual security updates released by Microsoft today, check out the Patch Tuesday roundup from the SANS Internet Storm Center. Action 1 has a breakdown of patches from Microsoft and a raft of other software vendors releasing fixes this month. As always, please back up your system and/or data before patching, and feel free to drop a note in the comments if you run into any problems applying these updates.
Krebs on Security – Read More
Apple Intelligence Is Gambling on Privacy as a Killer Feature
/in General NewsMany new Apple Intelligence features happen on your device rather than in the cloud. While it may not be flashy, the privacy-centric approach could be a competitive advantage.
Security Latest – Read More
June 2025 Patch Tuesday: Microsoft Fixes 66 Bugs, Including Active 0-Day
/in General NewsJune 2025 Patch Tuesday fixes 66 bugs, including a zero-day in WebDAV. Update Windows, Office, and more now to block active threats.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Stealth Falcon APT Exploits Microsoft RCE Zero-Day in Mideast
/in General NewsThe bug is one of 66 disclosed and patched today by Microsoft as part of its June 2025 Patch Tuesday set of security vulnerability fixes.
darkreading – Read More
PoC Code Escalates Roundcube Vuln Threat
/in General NewsThe flaw allows an authenticated attacker to gain complete control over a Roundcube webmail server.
darkreading – Read More
The five security principles driving open source security apps at scale
/in General NewsOpen-source AI is shaping the future of cybersecurity innovation, consistently breaking down barriers and delivering results.Read More
Security News | VentureBeat – Read More
Two Mirai Botnets, Lzrd and Resgod Spotted Exploiting Wazuh Flaw
/in General NewsAkamai’s latest report reveals two Mirai botnets exploiting the critical CVE-2025-24016 flaw in Wazuh. Learn about these fast-spreading IoT threats and urgent patching advice.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
CISA, Microsoft warn of Windows zero-day used in attack on ‘major’ Turkish defense org
/in General NewsCheck Point attributed the attack to a group known as Stealth Falcon — a hacking group with longstanding ties to the UAE that has been implicated in dozens of spyware cases and hacking incidents involving governments across the Middle East and Africa.
The Record from Recorded Future News – Read More
Whole Foods tells staff cyberattack at its primary distributor UNFI will affect product availability
/in General NewsThe retail giant described the food shortages as “temporary supply challenges” following the cyberattack at its primary distributor, UNFI.
Security News | TechCrunch – Read More
Code Execution Flaws Haunt Adobe Acrobat Reader, Adobe Commerce
/in General NewsPatch Tuesday: Adobe documents hundreds of bugs across multiple products and warns of code execution, feature bypass risks.
The post Code Execution Flaws Haunt Adobe Acrobat Reader, Adobe Commerce appeared first on SecurityWeek.
SecurityWeek – Read More