Patch Tuesday: Microsoft Patches 68 Security Flaws, Including One for Targeted Espionage
techrepublic.comSecurity experts offer their takes on some of the flaws, including a set of vulnerabilities that could enable remote code execution in Microsoft Office.
Microsoft patched 68 vulnerabilities in the June Patch Tuesday roundup. The most high-profile CVE this month is CVE-2025-33053, which had already been exploited; Check Point Research discovered it has been used by Stealth Falcon, an advanced threat actor group, which had used it to spy on a defense company in Turkey and other defense organizations in the Middle East.
WebDAV flaw actively exploited for targeted espionage
CVE-2025-33053 spreads through a malicious URL or file delivered through social engineering. Check Point Research discovered it in March and disclosed the vulnerability’s use of a previously unknown method of executing files on a Web Distributed Authoring and Versioning (WebDAV) server. Using WebDAV, a deprecated HTTP extension, the attackers executed a malicious file through a PDF document.
“Given the ...
Copyright of this story solely belongs to techrepublic.com . To see the full text click HERE