July turned into a surprisingly busy month for cybersecurity. It began slowly with a relatively calm Patch Tuesday, as forecast in the previous blog. Although 130 new Common Vulnerabilities and Exposures (CVEs) were addressed across all Microsoft releases, only one CVE was publicly disclosed, indicating a low risk. However, the situation escalated when two CVEs in SharePoint were reported as exploited, leading to a flurry of hotfixes towards the end of the month. The month also brought security configuration issues with Microsoft Exchange Server and significant updates from Google and Apple, making for a period of heightened activity.
The Cybersecurity and Infrastructure Security Agency (CISA) flagged the SharePoint flaws as Microsoft issued new fixes. It often takes multiple iterations to fully resolve a vulnerability, a lesson Microsoft learned with its recent SharePoint fixes. Earlier in the year, during the Berlin Pwn2Own contest, a series of vulnerabilities known as the ‘ToolShell’ chain was exploited; the chain was subsequently patched in the July 2025 Patch Tuesday updates. Key vulnerabilities included CVE-2025-49704, a SharePoint Remote Code Execution Vulnerability, and CVE-2025-49706, a SharePoint Server Spoofing Vulnerability. Shortly after these updates, reports emerged that the fixes had been bypassed, resulting in compromises at many organisations. On July 19th, Microsoft released a more robust fix addressing CVE-2025-53770 and CVE-2025-53771, with separate releases for the various SharePoint Server editions. Microsoft also recommended rotating the associated machine keys on impacted servers, as ransomware was reported to exploit the ToolShell attack chain. CISA added these vulnerabilities to its catalogue for immediate remediation by federal agencies, and the hotfixes are anticipated to be part of the August Patch Tuesday releases.
In addition to Microsoft’s updates, a zero-day vulnerability in Chromium and numerous Apple CVEs were addressed in recent releases. Microsoft issued CVE-2025-53786 to tackle security issues related to Microsoft Exchange Server in hybrid environments. This CVE ties the April update and security hotfix to a series of instructions for securing on-premises Microsoft Exchange Server and Exchange Online. These systems share sensitive credentials and data, such as calendars and email contact lists, so a compromise can occur with minimal logging available to trace the incident. An Exchange Server blog provided extensive details on the upcoming end-of-life for Exchange products and on migration options to more secure configurations. Other significant updates included Google’s weekly updates to the Chromium browser, with a release on July 16th addressing several vulnerabilities, including the zero-day CVE-2025-6558, which allowed remote attackers to potentially perform a sandbox escape. Apple also released important updates during this period.