Microsoft July 2025 Security Updates

July 2025 Security Updates


This release consists of the following 130 Microsoft CVEs:

Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?


Service Fabric CVE-2025-21195

Windows Kernel CVE-2025-26636

Remote Desktop Client CVE-2025-33054

Windows Visual Basic Scripting CVE-2025-47159

Microsoft Intune CVE-2025-47178

Virtual Hard Disk (VHDX) CVE-2025-47971

Microsoft Input Method Editor (IME) CVE-2025-47972

Virtual Hard Disk (VHDX) CVE-2025-47973

Windows SSDP Service CVE-2025-47975

Windows SSDP Service CVE-2025-47976

Windows Kerberos CVE-2025-47978

Windows Imaging Component CVE-2025-47980

Windows SPNEGO Extended Negotiation CVE-2025-47981

Windows Storage VSP Driver CVE-2025-47982

Windows GDI CVE-2025-47984

Windows Event Tracing CVE-2025-47985

Universal Print Management Service CVE-2025-47986

Windows Cred SSProvider Protocol CVE-2025-47987

Azure Monitor Agent CVE-2025-47988

Microsoft Input Method Editor (IME) CVE-2025-47991

Microsoft PC Manager CVE-2025-47993

Microsoft Office CVE-2025-47994

Windows MBT Transport driver CVE-2025-47996

Windows Routing and Remote Access Service (RRAS) CVE-2025-47998

Role: Windows Hyper-V CVE-2025-47999

Windows Connected Devices Platform Service CVE-2025-48000

Windows BitLocker CVE-2025-48001

Role: Windows Hyper-V CVE-2025-48002

Windows BitLocker CVE-2025-48003

Windows Update Service CVE-2025-48799

Windows BitLocker CVE-2025-48800

Windows SMB CVE-2025-48802

Windows Virtualization-Based Security (VBS) Enclave CVE-2025-48803

Windows BitLocker CVE-2025-48804

Microsoft MPEG-2 Video Extension CVE-2025-48805

Microsoft MPEG-2 Video Extension CVE-2025-48806

Windows Kernel CVE-2025-48808

Windows Kernel CVE-2025-48809

Windows Secure Kernel Mode CVE-2025-48810

Windows Virtualization-Based Security (VBS) Enclave CVE-2025-48811

Microsoft Office Excel CVE-2025-48812

Windows Remote Desktop Licensing Service CVE-2025-48814

Windows SSDP Service CVE-2025-48815

HID class driver CVE-2025-48816

Remote Desktop Client CVE-2025-48817

Windows BitLocker CVE-2025-48818

Windows Universal Plug and Play (UPnP) Device Host CVE-2025-48819

Windows AppX Deployment Service CVE-2025-48820

Windows Universal Plug and Play (UPnP) Device Host CVE-2025-48821

Role: Windows Hyper-V CVE-2025-48822

Windows Cryptographic Services CVE-2025-48823

Windows Routing and Remote Access Service (RRAS) CVE-2025-48824

Windows Routing and Remote Access Service (RRAS) CVE-2025-49657

Windows TDX.sys CVE-2025-49658

Windows TDX.sys CVE-2025-49659

Windows Event Tracing CVE-2025-49660

Windows Ancillary Function Driver for WinSock CVE-2025-49661

Windows Routing and Remote Access Service (RRAS) CVE-2025-49663

Windows User-Mode Driver Framework Host CVE-2025-49664

Workspace Broker CVE-2025-49665

Windows Kernel CVE-2025-49666

Windows Win32K - ICOMP CVE-2025-49667

Windows Routing and Remote Access Service (RRAS) CVE-2025-49668

Windows Routing and Remote Access Service (RRAS) CVE-2025-49669

Windows Routing and Remote Access Service (RRAS) CVE-2025-49670

Windows Routing and Remote Access Service (RRAS) CVE-2025-49671

Windows Routing and Remote Access Service (RRAS) CVE-2025-49672

Windows Routing and Remote Access Service (RRAS) CVE-2025-49673

Windows Routing and Remote Access Service (RRAS) CVE-2025-49674

Kernel Streaming WOW Thunk Service Driver CVE-2025-49675

Windows Routing and Remote Access Service (RRAS) CVE-2025-49676

Microsoft Brokering File System CVE-2025-49677

Windows NTFS CVE-2025-49678

Windows Shell CVE-2025-49679

Windows Performance Recorder CVE-2025-49680

Windows Routing and Remote Access Service (RRAS) CVE-2025-49681

Windows Media CVE-2025-49682

Virtual Hard Disk (VHDX) CVE-2025-49683

Storage Port Driver CVE-2025-49684

Microsoft Windows Search Component CVE-2025-49685

Windows TCP/IP CVE-2025-49686

Microsoft Input Method Editor (IME) CVE-2025-49687

Windows Routing and Remote Access Service (RRAS) CVE-2025-49688

Virtual Hard Disk (VHDX) CVE-2025-49689

Capability Access Management Service (camsvc) CVE-2025-49690

Windows Media CVE-2025-49691

Microsoft Brokering File System CVE-2025-49693

Microsoft Brokering File System CVE-2025-49694

Microsoft Office CVE-2025-49695

Microsoft Office CVE-2025-49696

Microsoft Office CVE-2025-49697

Microsoft Office Word CVE-2025-49698

Microsoft Office CVE-2025-49699 Microsoft Office Word CVE-2025-49700

Microsoft Office SharePoint CVE-2025-49701

Microsoft Office CVE-2025-49702

Microsoft Office Word CVE-2025-49703

Microsoft Office SharePoint CVE-2025-49704

Microsoft Office PowerPoint CVE-2025-49705

Microsoft Office SharePoint CVE-2025-49706

Microsoft Office Excel CVE-2025-49711

Microsoft Edge (Chromium-based) CVE-2025-49713

Visual Studio Code - Python extension CVE-2025-49714

Windows Netlogon CVE-2025-49716

SQL Server CVE-2025-49717

SQL Server CVE-2025-49718

SQL Server CVE-2025-49719

Windows Fast FAT Driver CVE-2025-49721

Windows Print Spooler Components CVE-2025-49722

Windows StateRepository API CVE-2025-49723

Windows Connected Devices Platform Service CVE-2025-49724

Windows Notification CVE-2025-49725

Windows Notification CVE-2025-49726

Windows Win32K - GRFX CVE-2025-49727

Windows Routing and Remote Access Service (RRAS) CVE-2025-49729

Microsoft Windows QoS scheduler CVE-2025-49730

Microsoft Teams CVE-2025-49731

Microsoft Graphics Component CVE-2025-49732

Windows Win32K - ICOMP CVE-2025-49733

Windows KDC Proxy Service (KPSSVC) CVE-2025-49735

Microsoft Teams CVE-2025-49737

Microsoft PC Manager CVE-2025-49738

Visual Studio CVE-2025-49739

Windows SmartScreen CVE-2025-49740

Microsoft Edge (Chromium-based) CVE-2025-49741

Microsoft Graphics Component CVE-2025-49742

Microsoft Graphics Component CVE-2025-49744

Windows Routing and Remote Access Service (RRAS) CVE-2025-49753

Office Developer Platform CVE-2025-49756

Windows Storage CVE-2025-49760


We are republishing 10 non-Microsoft CVEs:

CNA Tag CVE FAQs? Workarounds? Mitigations?

MITRE Visual Studio CVE-2025-27613

MITRE Visual Studio CVE-2025-27614

AMD AMD Store Queue CVE-2025-36350

AMD AMD L1 Data Queue CVE-2025-36357

MITRE Visual Studio CVE-2025-46334

MITRE Visual Studio CVE-2025-46835

MITRE Visual Studio CVE-2025-48384

MITRE Visual Studio CVE-2025-48385

MITRE Visual Studio CVE-2025-48386

Chrome Microsoft Edge (Chromium-based) CVE-2025-6554


Security Update Guide Blog Posts

Date Blog Post

November 12, 2024 Toward greater transparency: Publishing machine-readable CSAF files

June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs

April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs

January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API

January 11, 2022 Coming Soon: New Security Update Guide Notification System

February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

December 8, 2020 Security Update Guide: Let’s keep the conversation going

November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide


Relevant Resources

• The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
  
  
• Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.
  
  
• Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
  
  
• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  
  
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  
  
• Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
  

Known Issues

You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.


For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).


KB Article Applies To

5062554 Windows 10, version 21H2, Windows 10, version 22H2

5062557 Windows 10, version 1809, Windows Server 2019

5062560 Windows 10, version 1607, Windows Server 2016

5062572 Windows Server 2022

5062618 Windows Server 2008 (Security-only update)

5062624 Windows Server 2008 (Monthly Rollup)

Released: Jul 8, 2025


July 2025 Security Updates - Release Notes - Security Update Guide - Microsoft