There’s nothing quite like an anxiety-filled Patch Tuesday to snap you right back to reality after a long holiday weekend. Fingers crossed that Microsoft keeps the curveballs to a minimum this month so we can get back to grilling hot dogs and perfecting our farmer's tans.
Here are the details:
Total vulnerabilities (CVEs) patched: 140
Critical patches: 14
Already known or exploited: 1
Some highlights (or lowlights)
CVE-2025-47981: This month's highest-rated CVE comes in at a whopping 9.8 and is a heap-based buffer overflow in Windows SPNEGO Extended Negotiation (NEGOEX), which sounds like something I’d order at a questionable Italian restaurant. Why is it rated so high? Network attack vector, low complexity, no privileges or user interaction required, and remote code execution as the end result. (For the CVSS sticklers: 9.8 is the ceiling for that combination when scope is unchanged; whether something is being exploited in the wild doesn't feed into the base score at all, so "not yet exploited" is a separate piece of good news rather than the reason it isn't a 10.) One detail worth knowing before you prioritize: Microsoft's advisory notes that the vulnerability affects Windows 10 version 1607 and later because the group policy "Network security: Allow PKU2U authentication requests to this computer to use online identities" is enabled by default on those platforms. Thankfully, this official fix should keep everyone safe … if you’re deploying your patches like you should be. Better luck next time, bad guys.
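If you want to triage hosts for CVE-2025-47981 before the cumulative update lands everywhere, here is an added example (mine, not PDQ's or Microsoft's code) that checks the two things that matter: whether the July 2025 update is installed, and whether the PKU2U online-identity policy is still in its default-on state. It assumes the policy is backed by the registry value HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\pku2u\AllowOnlineID (1 = enabled, absent = default, which is enabled on Windows 10 1607 and later), that build 14393 is the Windows 10 1607 / Server 2016 baseline, and that you supply the KB number for your build yourself; the function and parameter names are my own.

```powershell
# Added example, not from PDQ or Microsoft: triage one host for CVE-2025-47981.
# Assumptions: the policy "Network security: Allow PKU2U authentication requests to this
# computer to use online identities" is stored at
# HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\pku2u\AllowOnlineID (DWORD, 1 = enabled);
# an absent value means the platform default, which is enabled on Windows 10 1607+
# (build 14393 and later). The KB of the July 2025 cumulative update for your build is
# NOT hardcoded; look it up in the Security Update Guide and pass it in.

function Get-Pku2uState {
    # Returns 'Enabled', 'Disabled', or 'Default(Enabled)' when the value is not set.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\pku2u'
    $item = Get-ItemProperty -Path $key -Name 'AllowOnlineID' -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'Default(Enabled)' }
    if ([int]$item.AllowOnlineID -eq 1) { return 'Enabled' }
    return 'Disabled'
}

function Test-Cve202547981Exposure {
    param(
        # KB of the July 2025 (or later) cumulative update for this OS build, e.g. 'KB<number>'.
        [Parameter(Mandatory)][string]$PatchKB
    )
    $os    = Get-CimInstance -ClassName Win32_OperatingSystem
    $build = [int]$os.BuildNumber

    # Microsoft scopes the default-on policy to Windows 10 1607 (build 14393) and later.
    $affectedPlatform = $build -ge 14393

    # Get-HotFix lists installed cumulative updates by KB; a missing KB yields $null -> $false.
    $patched = [bool](Get-HotFix -Id $PatchKB -ErrorAction SilentlyContinue)
    $pku2u   = Get-Pku2uState

    if ($patched) {
        $action = 'None, patched'
    } elseif ($pku2u -eq 'Disabled') {
        $action = 'Patch when possible; PKU2U online identities already off'
    } else {
        $action = 'Patch now; consider disabling PKU2U online identities as a stopgap'
    }

    [pscustomobject]@{
        ComputerName   = $env:COMPUTERNAME
        Build          = $build
        PatchInstalled = $patched
        Pku2uPolicy    = $pku2u
        Exposed        = (-not $patched) -and $affectedPlatform -and ($pku2u -ne 'Disabled')
        Action         = $action
    }
}

# Usage (replace the placeholder with the KB for your build):
# Test-Cve202547981Exposure -PatchKB 'KB<number>'
```

Run it under an elevated session (Get-HotFix and the Lsa key need it) and feed the objects to Export-Csv if you want a fleet-wide report. Treat turning PKU2U off as a stopgap only: that policy is what lets Microsoft account and Entra ID users authenticate to peer machines with online identities, so disabling it can break sign-ins in those scenarios, and it doesn't remove the vulnerable code. The patch does.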
CVE-2025-48001: CVE-2025-48001 is a time-of-check time-of-use (TOCTOU) race condition in BitLocker that lets an attacker bypass its security features and potentially access encrypted data. Considering the nature of BitLocker and what it’s supposed to do, it’s interesting to think of the ramifications of this CVE. The attack vector is physical, so the bad actor needs hands on the device, and if they already have physical possession of your device, you won’t be applying this patch to it. Hmmmm ... The moral for every physical-access bug is the same: patch the fleet before a laptop goes missing, not after.
CVE-2025-49719: Last up, but certainly not least (especially since this is the only publicly disclosed vulnerability on our list), is an information disclosure vulnerability impacting Microsoft SQL Server. An unauthenticated attacker could send a specially crafted request over the network to a SQL Server and gain access to sensitive information. Needless to say, if you or your vendors are rocking an SQL Server, it’s time to apply the SQL Server security update and, because Microsoft notes both are needed for full protection, update the Microsoft OLE DB Driver for SQL Server (version 18 or 19) on the clients that talk to it.
Wrapping up
As always, make sure to check out the full release notes over on the MSRC Security Update Guide and identify the CVEs that are relevant to your environment.
And if you’d rather spend more time grilling and less time updating, PDQ Connect can automate your Windows and third-party patch deployments in minutes. Just make sure to validate those patches or else Patch Tuesday could turn into Patch Wednesday, Thursday, Friday, and Saturday.