Microsoft Patches 6 Zero-Day Bugs, 50+ Security Updates in June
Microsoft has released over 50 security updates for Windows operating systems, addressing several critical vulnerabilities. Notably, this is the sixth consecutive month without any zero-day vulnerabilities rated as critical at publication.
Among the patched issues, ESET discovered a zero-day bug (CVE-2025-24983) in older Windows versions, exploited via the PipeMagic backdoor. Additionally, Microsoft fixed several NTFS vulnerabilities, including CVE-2025-24993 which could lead to local code execution, and CVE-2025-24984 that can dump heap memory into a log file. Another notable fix is CVE-2025-26633, a weakness in Microsoft Management Console that requires opening a malicious file.
Microsoft also addressed CVE-2025-24985, which could allow attackers to install malicious code by mounting a malicious virtual hard drive. The company fixed six other 'critical' vulnerabilities this month, including two in NTFS and CVE-2025-24991, an NTFS vulnerability that could cause NTFS to disclose memory portions.
In total, Microsoft patched six zero-day vulnerabilities, including two in NTFS. Users are advised to apply these updates promptly to protect against potential security threats.
Read also:
- Pablo Escobar's Former Estate 'Hacienda Nápoles' to Be Transformed by Women's Organization
- Emergency services of the future revealed by Renault with the introduction of the Vision 4Rescue vehicle.
- SonicWall executive Michael Crean discusses the current state of managed security
- Companies exercise prudence towards AI adoption, ensuring secure implementation: Exploring safeguards and strategies.
