July 2025 Patch Tuesday Updates are Now Available on Windows 11 and Windows 10

Microsoft has released today the July 2025 Patch Tuesday updates for Windows 11 and Windows 10. This month, Microsoft fixed 130 vulnerabilities in Windows, Office, Azure, Teams, Hyper-V, Windows BitLocker, and other components, and you can also expect the usual bug fixes and quality improvements.

Windows 11 has finally become the most popular version of the operating system, surpassing Windows 10. According to StatCounter, Windows 11 held a 52% market share, while Windows 10 dropped to 44.59% in July 2025. This shift is influenced by the upcoming end of support on October 14, 2025.

July 2025 Patch Tuesday updates fix 130 vulnerabilities

According to the Zero Day Initiative, Microsoft released a total of 130 patches yesterday, with fixes for 10 critical vulnerabilities. However, none of them are already being exploited by attackers.

Here are the most important vulnerabilities you should know about this month:

• CVE-2025-47981: This is a heap-based buffer overflow in the Windows SPNEGO Extended Negotiation mechanism. A remote hacker could exploit it by crafting a specially crafted message and running arbitrary code on a vulnerable machine.

• CVE-2025-49701 and CVE-2025-49704: These vulnerabilities could be exploited by an attacker authenticated with site owner privileges on a vulnerable SharePoint server. Microsoft advises SharePoint admins to patch these security flaws as soon as possible.

• CVE-2025-48799: This is an elevation of privilege vulnerability that affects the Windows Update Service. Microsoft believes that attackers are more likely to exploit this security flaw and recommends immediate patching.

• CVE-2025-49717: This is an SQL Server vulnerability that could allow remote code execution within the database engine as well as on the host OS. An attacker could abuse stolen credentials or app flaws to escalate privileges, deploy ransomware, or move laterally in a compromised network.

• CVE-2025-49696: This vulnerability could be exploited locally by an attacker via the Preview Pane in Microsoft Office. Cybercriminals could carry out an attack by combining an out-of-bounds read and heap-based buffer overflow, and doesn’t require authentication.

• CVE-2025-49698, 2025-49700, and 2025-49703: The important-rated vulnerabilities in Microsoft Word are use-after-free flaws that are technically difficult to exploit due to modern protections like ASLR. However, their risk is elevated because they can be triggered through the Preview Pane.

Here’s the full list of CVEs Microsoft released this month:

Quality and experience updates

For users running Windows 11 version 24H2, the KB5062553 patch brings various quality improvements, including a new Settings homepage for commercial customers. This new homepage will show cards relevant to enterprise-managed Windows 11 devices, including “Recommended settings” and “Bluetooth devices.” There are also two new enterprise-specific device info and accessibility preferences cards.

For Windows 10, the KB5062554 update is now available for users running version 22H2 of the operating system. This release fixes an issue affecting USB-connected Multi-Function printers with dual protocol interfaces.

Windows Update testing and best practices

Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary, as hackers start to work out how to weaponize newly reported vulnerabilities.

A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.

There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system or files and folders on a granular basis.