On June 10, Microsoft released its Patch Tuesday update, offering relief as administrators faced only 70 security flaws for remediation. This included two urgent vulnerabilities, CVE-2025-33053, a remote code execution flaw in WEBDAV, and CVE-2025-33073, an elevation of privilege issue in SMB Client, both rated with an 8.8 CVSS score. The RCE vulnerability is actively being exploited, while the EoP vulnerability has proof-of-concept code released. The necessity for patches is heightened by the legacy use of Internet Explorer within enterprise systems, complicating the update process.
This vulnerability allows attackers to execute remote code on affected systems when users click on malicious URLs, significantly impacting enterprise environments that utilize WebDAV.
Microsoft's recent Patch Tuesday led to a lighter load for admins, focusing on two critical CVEs, one of which is already exploited in the wild.
Collection
[
|
...
]