As Bleeping Computer outlines, this month's patch fixes 13 elevation-of-privilege flaws, three security-feature-bypass flaws, 25 remote-code-execution flaws, 17 information-disclosure flaws, six denial-of-service flaws, and two spoofing flaws. Eight of the remote-code-execution vulnerabilities are labeled "critical" along with two elevation-of-privilege flaws.
The active exploit (CVE-2025-33053) is a remote-code-execution flaw in Microsoft Windows Web Distributed Authoring and Versioning, which would allow threat actors to execute arbitrary code on the affected system in the event that a user clicks on a "specially crafted" WebDav URL. This vulnerability was discovered by Check Point Research and exploited by a group called "Stealth Falcon."
Five of the critical vulnerabilities patched this month are in Microsoft Office, including Excel and SharePoint. The remaining issues were spread across Power Automate, Windows Cryptographic Services, Windows KDC Proxy Service, Windows Netlogon, and Windows Remote Desktop Services.
What Microsoft users need to do now
Settings > Windows Update and selecting Check for Windows updates.
Microsoft typically releases Patch Tuesday fixes on the second Tuesday of the month. Timely updates are essential to minimizing the risk that your device or system will be vulnerable to exploits.
Read More Details
Finally We wish PressBee provided you with enough information of ( Microsoft's Latest Update Patches Two Zero-Day Flaws )
Also on site :