Overview
- The June 10 Patch Tuesday release addresses 66 vulnerabilities in Windows 10, Windows 11 and Microsoft Office products, including fixes for remote code execution and privilege escalation flaws.
- Two zero-day vulnerabilities—CVE-2025-33053 in WebDAV exploited by the Stealth Falcon group and CVE-2025-33073 in the SMB client—are among the critical patches.
- A Secure Boot bypass flaw (CVE-2025-3052) was patched to prevent attackers from loading bootkits before the operating system starts.
- Some Windows 11 24H2 devices encountered compatibility issues and installation failures, prompting Microsoft to throttle the rollout and develop a revised cumulative update.
- The updated 24H2 patch is now rolling out to affected systems, reinforcing the mandatory nature of June’s security fixes and non-security improvements like extended 60-day restore point retention.