Patch Tuesday – July 2025
- Triumvirate Cyber
- Jul 8, 2025
- 2 min read
Hopefully you've recovered from your holiday hot dog eating contest and accompanying sunburn, because Microsoft has published its monthly patches for July 2025! 🌭 This month's updates include fixes for a whopping 145 vulnerabilities—with 14 rated as Critical. Read on to review the details!
Happy Patch Tuesday! On July 8, 2025, Microsoft released security updates for 145 vulnerabilities across 72 products. 14 of the vulnerabilities were rated as Critical, 123 were rated as Important, and 1 was rated as Moderate.
The release also includes 7 vulnerabilities impacting Git within Visual Studio which aren't assigned a severity rating by Microsoft, but 3 have been assigned CVSS scores—including 2 High-severity vulnerabilities (CVE-2025-48384: 8.1, CVE-2025-48385: 8.6) and 1 Medium-severity vulnerability (CVE-2025-48386: 6.3)—while the other 4 have not yet had scores assigned as of this posting.
The monthly patch breakdown is provided below. As always, you can find more information on the specifics via the MSRC Security Update Guide at https://msrc.microsoft.com/update-guide/
Patch Tuesday July 2025: Security Updates
Critical | # of Vulnerabilities |
AMD L1 Data Queue | 1 |
AMD Store Queue | 1 |
Microsoft Office | 4 |
Microsoft Office SharePoint | 1 |
Microsoft Office Word | 2 |
Role: Windows Hyper-V | 1 |
SQL Server | 1 |
Windows Imaging Component | 1 |
Windows KDC Proxy Service (KPSSVC) | 1 |
Windows SPNEGO Extended Negotiation | 1 |
Important | # of Vulnerabilities |
.NET and Visual Studio | 1 |
Azure Monitor Agent | 1 |
Capability Access Management Service (camsvc) | 1 |
HID class driver | 1 |
Kernel Streaming WOW Thunk Service Driver | 1 |
Microsoft Brokering File System | 3 |
Microsoft Configuration Manager | 1 |
Microsoft Defender for Endpoint | 5 |
Microsoft Graphics Component | 3 |
Microsoft Input Method Editor (IME) | 3 |
Microsoft MPEG-2 Video Extension | 2 |
Microsoft Office | 2 |
Microsoft Office Excel | 2 |
Microsoft Office PowerPoint | 1 |
Microsoft Office SharePoint | 2 |
Microsoft Office Word | 1 |
Microsoft PC Manager | 2 |
Microsoft Teams | 2 |
Microsoft Windows QoS scheduler | 1 |
Microsoft Windows Search Component | 1 |
Office Developer Platform | 1 |
Remote Desktop Client | 2 |
Role: Windows Hyper-V | 2 |
Service Fabric | 1 |
SQL Server | 3 |
Storage Port Driver | 1 |
Universal Print Management Service | 1 |
Virtual Hard Disk (VHDX) | 4 |
Visual Studio | 2 |
Visual Studio Code - Python extension | 1 |
Windows Ancillary Function Driver for WinSock | 1 |
Windows AppX Deployment Service | 1 |
Windows BitLocker | 5 |
Windows Connected Devices Platform Service | 2 |
Windows Cred SSProvider Protocol | 1 |
Windows Cryptographic Services | 1 |
Windows Event Tracing | 2 |
Windows Fast FAT Driver | 1 |
Windows GDI | 1 |
Windows Kerberos | 1 |
Windows Kernel | 4 |
Windows MBT Transport driver | 1 |
Windows Media | 2 |
Windows Netlogon | 1 |
Windows Notification | 2 |
Windows NTFS | 1 |
Windows Performance Recorder | 1 |
Windows Print Spooler Components | 1 |
Windows Remote Desktop Licensing Service | 1 |
Windows Routing and Remote Access Service (RRAS) | 16 |
Windows Secure Kernel Mode | 1 |
Windows Shell | 1 |
Windows SmartScreen | 1 |
Windows SMB | 1 |
Windows SSDP Service | 3 |
Windows StateRepository API | 1 |
Windows Storage VSP Driver | 1 |
Windows TCP/IP | 1 |
Windows TDX.sys | 2 |
Windows Universal Plug and Play (UPnP) Device Host | 2 |
Windows Update Service | 1 |
Windows User-Mode Driver Framework Host | 1 |
Windows Virtualization-Based Security (VBS) Enclave | 3 |
Windows Win32K - GRFX | 1 |
Windows Win32K - ICOMP | 2 |
Workspace Broker | 1 |
Moderate | # of Vulnerabilities |
Windows Storage | 1 |
Not Rated | # of Vulnerabilities |
Visual Studio | 7 |
