Fortra’s June 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.
Up first on the list are patches for Microsoft Edge (Chromium-based) that resolves 2 issues, including out of bounds read/write and use after free vulnerabilities.
Next on the list are patches for Microsoft Office, Word, Excel, PowerPoint, and Outlook. These patches resolve 14 remote code execution vulnerabilities.
Up next are patches that affect components of the core Windows operating system. These patches resolve over 40 vulnerabilities, including elevation of privilege, denial of service, information disclosure, and remote code execution vulnerabilities. These vulnerabilities affect Kernel, DWM Core Library, Remote Desktop Client, Routing and Remote Access Service (RRAS), Installer, Media, SMB, and various others.
Next are patches for .NET and Visual Studio that resolve 2 remote code execution vulnerabilities.
Lastly, administrators should focus on server-side patches for SharePoint and DHCP server that resolve 3 remote code execution and 2 denial of service vulnerabilities.
| BULLETIN | CVE |
|---|---|
| Microsoft Edge (Chromium-based) | CVE-2025-5068, CVE-2025-5419 |
| Microsoft Office Word | CVE-2025-47170, CVE-2025-47957, CVE-2025-47169, CVE-2025-47168 |
| Microsoft Office Outlook | CVE-2025-47176, CVE-2025-47171 |
| Microsoft Office | CVE-2025-47167, CVE-2025-47173, CVE-2025-47953, CVE-2025-47162, CVE-2025-47164 |
| Microsoft Office PowerPoint | CVE-2025-47175 |
| Microsoft Office Excel | CVE-2025-47174, CVE-2025-47165 |
| Windows | CVE-2025-33070, CVE-2025-33053, CVE-2025-33071, CVE-2025-32716, CVE-2025-33056, CVE-2025-29828, CVE-2025-33075, CVE-2025-32714, CVE-2025-32713, CVE-2025-47968, CVE-2025-3052, CVE-2025-33058, CVE-2025-33059, CVE-2025-33055, CVE-2025-24065, CVE-2025-33061, CVE-2025-24069, CVE-2025-24068, CVE-2025-32719, CVE-2025-33065, CVE-2025-33060, CVE-2025-33063, CVE-2025-33062, CVE-2025-32720, CVE-2025-32712, CVE-2025-47962, CVE-2025-33067, CVE-2025-33052, CVE-2025-32724, CVE-2025-47955, CVE-2025-47160, CVE-2025-33068, CVE-2025-33057, CVE-2025-32710, CVE-2025-47956, CVE-2025-47966, CVE-2025-33064, CVE-2025-33066, CVE-2025-33069, CVE-2025-32721, CVE-2025-32722, CVE-2025-32715, CVE-2025-33073, CVE-2025-32718, CVE-2025-47969 |
| .NET and Visual Studio | CVE-2025-30399, CVE-2025-47959 |
| Microsoft Office SharePoint | CVE-2025-47172, CVE-2025-47163, CVE-2025-47166 |
| Windows DHCP Server | CVE-2025-32725, CVE-2025-33050 |
Cybercrime Intelligence Shouldn't Be Siloed
Fortra® experts are dedicated to protecting organizations and the public by delivering the latest insights, data, and defenses to strengthen security against emerging cyber threats.
