The June 2025 Security Update Review

Adobe and Microsoft released their June 2025 security updates: Adobe fixed 254 CVEs (primarily 225 XSS issues in Experience Manager plus several code-execution bugs across products), while Microsoft patched 66 Windows/Office-related CVEs (including 10 Critical issues). Notable Microsoft vulnerabilities include CVE-2025-33053 (WEBDAV RCE reported as under active attack), a Netlogon elevation-of-privilege affecting domain controllers, an SMB client elevation-of-privilege, and Office RCEs exploitable via the Preview Pane.