Particle.news
Download on the App Store
9 ARTICLES
·
4w ago

Microsoft, Adobe Ship June Security Updates for Zero-Days and Secure Boot

The release neutralizes an actively exploited WebDAV zero-day, covers more than 315 vulnerabilities in Microsoft and Adobe products, leaving one Secure Boot issue unresolved.

Image
Image
Microsoft Windows Sicherheit Symbolbild
Image

Overview

  • Microsoft’s June Patch Tuesday addresses 66 Windows and Windows Server vulnerabilities, including critical remote code execution flaws in Office and SharePoint.
  • The WebDAV zero-day CVE-2025-33053 has been patched after being used by Stealth Falcon to deploy espionage malware via MSHTML components.
  • A Windows SMB client flaw (CVE-2025-33073) is publicly documented and could enable elevation of privilege if attackers lure users to a malicious server.
  • Secure Boot bypass CVE-2025-3052 discovered by Alex Matrosov has been fixed in Windows updates, while a related flaw CVE-2025-47827 remains unpatched.
  • Adobe released fixes for 254 security holes across Acrobat, Experience Manager and other Creative Cloud tools, most of which were rated high risk.