On July 8, 2025, Microsoft released its monthly Patch Tuesday update, addressing 130+ vulnerabilities across its product portfolio. This cycle includes 10 critical-rated bugs, with one publicly disclosed zero-day vulnerability affecting Microsoft SQL Server.  

Below are some of the highlighted vulnerabilities. 

SQL Server Zero-Day: CVE-2025-49719 

Severity: High (CVSS 7.5) 

Impact: Information Disclosure 

Affected versions: Microsoft SQL Server 2016, 2017, 2019, 2022 

CVE-2025-49719 is a high-severity improper input validation flaw in Microsoft SQL Server. An unauthenticated attacker who can reach the SQL Server listener over the network can send specially crafted requests that the server processes incorrectly, causing it to return contents of its own memory to the client. The impact is information disclosure rather than code execution, but the leaked memory can contain data the attacker would otherwise have no access to. The flaw was publicly disclosed before the fix was available, which is why it is treated as a zero-day in this cycle. 

Mitigations: 

  • Patch immediately: install the July 2025 cumulative update (or GDR update) for your SQL Server version. 
  • Reduce attack surface: do not expose the database engine (TCP 1433 by default, or the port configured for the instance) to the internet, and restrict it with host and network firewall rules to the application and management subnets that genuinely need it. 
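The two mitigations above amount to "know which build you are on" and "know who can reach the listener". The following PowerShell is an added example for this bulletin, not Microsoft's own tooling: it reads the standard SQL Server setup and network keys from the registry, lists the sockets the engine process is actually bound to, and scopes the engine port with a Windows Firewall allow rule. The fixed build number is deliberately not hard-coded (it differs per SQL Server version) and must be passed in from the relevant KB article; the subnets in the usage lines are placeholders.

```powershell
# Added example, not part of the bulletin: inventory local SQL Server instances,
# report the installed build, and show where the engine is reachable so that
# exposure can be reduced where the July 2025 update cannot be applied at once.
# Run elevated on the SQL host. The registry keys are the standard SQL Server
# setup keys; $MinimumBuild must be supplied by the operator from the KB article
# for the relevant version, since the fixed build differs per release.

function Get-SqlInstancePatchState {
    [CmdletBinding()]
    param([version]$MinimumBuild)   # fixed build from the CU/GDR KB (per version)

    $root      = 'HKLM:\SOFTWARE\Microsoft\Microsoft SQL Server'
    $instances = Get-Item -Path "$root\Instance Names\SQL" -ErrorAction Stop

    foreach ($instanceName in $instances.GetValueNames()) {
        $instanceId = $instances.GetValue($instanceName)          # e.g. MSSQL16.MSSQLSERVER
        $setup      = Get-ItemProperty -Path "$root\$instanceId\Setup"
        # PatchLevel tracks the installed CU/GDR; Version is the RTM level.
        $build   = [version]$(if ($setup.PatchLevel) { $setup.PatchLevel } else { $setup.Version })
        $patched = if ($MinimumBuild) { $build -ge $MinimumBuild } else { 'unknown (pass -MinimumBuild)' }

        # Network protocol settings for this instance; IPAll holds the port used on all addresses.
        $tcp   = Get-ItemProperty -Path "$root\$instanceId\MSSQLServer\SuperSocketNetLib\Tcp"
        $ipAll = Get-ItemProperty -Path "$root\$instanceId\MSSQLServer\SuperSocketNetLib\Tcp\IPAll"

        [pscustomobject]@{
            Instance     = $instanceName
            Build        = $build
            Patched      = $patched
            TcpEnabled   = [bool]$tcp.Enabled
            TcpPort      = $ipAll.TcpPort           # static port, normally 1433 for the default instance
            DynamicPorts = $ipAll.TcpDynamicPorts   # non-empty means a dynamic port (typical for named instances)
        }
    }
}

function Get-SqlListeningEndpoint {
    # Sockets actually owned by sqlservr.exe. Anything bound beyond loopback that is
    # reachable from outside the intended app/management subnets is exposure to cut.
    $sqlPids = @(Get-Process -Name sqlservr -ErrorAction SilentlyContinue | ForEach-Object Id)
    Get-NetTCPConnection -State Listen |
        Where-Object { $sqlPids -contains $_.OwningProcess } |
        Select-Object LocalAddress, LocalPort, OwningProcess
}

function Limit-SqlServerPortExposure {
    param([Parameter(Mandatory)][string[]]$AllowedRemote, [int]$Port = 1433)
    # Windows Firewall evaluates explicit Block rules ahead of every Allow rule, so a
    # blanket block on the port would also cut off the allowed subnets. Instead: rely on
    # the profile default of blocking inbound traffic, disable broad Allow rules for the
    # port, and add a single Allow rule scoped to the trusted remote ranges.
    Get-NetFirewallProfile |
        Where-Object { -not $_.Enabled -or $_.DefaultInboundAction -ne 'Block' } |
        ForEach-Object { Write-Warning "Profile $($_.Name): Enabled=$($_.Enabled) DefaultInboundAction=$($_.DefaultInboundAction)" }

    # Rules whose LocalPort is 'Any' are not touched here; review those by hand.
    Get-NetFirewallPortFilter -Protocol TCP |
        Where-Object { $_.LocalPort -eq $Port } |
        Get-NetFirewallRule |
        Where-Object { $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' -and $_.Enabled -eq 'True' } |
        ForEach-Object {
            Write-Warning "Disabling broad inbound rule '$($_.DisplayName)'"
            Disable-NetFirewallRule -Name $_.Name
        }

    New-NetFirewallRule -DisplayName "SQL Server TCP $Port (scoped)" -Direction Inbound `
        -Protocol TCP -LocalPort $Port -RemoteAddress $AllowedRemote -Action Allow | Out-Null
}

# Usage: patch state first, then the live sockets, then scope the port to trusted
# subnets (the ranges below are placeholders for your own app and management networks).
Get-SqlInstancePatchState | Format-Table -AutoSize
Get-SqlListeningEndpoint  | Format-Table -AutoSize
Limit-SqlServerPortExposure -AllowedRemote '10.10.0.0/16', '10.20.5.0/24'
```

Named instances on dynamic ports need the port read from the DynamicPorts column rather than 1433, and the SQL Browser service (UDP 1434) should be firewalled the same way if it is running. Host firewall rules are a stop-gap; the network edge should enforce the same restriction.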

Connected Devices Platform Service RCE: CVE-2025-49724 

Severity: High (CVSS 8.8) 

Impact: Remote Code Execution 

Affected versions: Windows 10, Windows 11, Windows Server 2019, Windows Server 2022, Windows Server 2025 

This vulnerability is a network-reachable use-after-free in the Connected Devices Platform Service (CDPSvc), rated CVSS 8.8. An unauthenticated attacker on the network can trigger it to execute code on the target; exploitation requires user interaction (for example, the user accepting a prompt), which is the main factor keeping the score below 9. The service is present on every supported Windows 10, Windows 11 and Windows Server release listed above. 

Although CDPSvc is normally not reachable from the internet, it runs on almost every Windows host, so an attacker who has already gained a foothold on the internal network can target it for lateral movement. 

Mitigations: 

  • Apply the Microsoft patch immediately 
  • Disable Nearby Sharing and related cross-device features on hosts that do not need them 
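The following PowerShell is an added example for this bulletin, not Microsoft's own tooling. It first shows what the process hosting CDPSvc is listening on, which is the question a defender asks when judging lateral-movement exposure, and then switches off Nearby sharing and cross-device experiences through the same registry values the Settings app and the "Continue experiences on this device" Group Policy write. Those value names are as found on current Windows 10/11 builds and should be confirmed on your own image before fleet-wide deployment.

```powershell
# Added example, not part of the bulletin: show what the process hosting CDPSvc is
# listening on, then switch off Nearby sharing and cross-device (CDP) features for
# hosts that do not need them. Registry locations are the Group Policy value behind
# "Continue experiences on this device" (HKLM) and the per-user Nearby sharing
# switches (HKCU) as they exist on current Windows 10/11 builds; confirm them on
# your own image before deploying at scale. Run elevated for the HKLM change.

function Get-CdpServiceListener {
    # CDPSvc lives in a shared svchost.exe, so sockets owned by its PID may also belong
    # to other services in that host process; what matters is whether anything is bound
    # to a non-loopback address that a neighbour on the LAN could reach.
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='CDPSvc'"
    if (-not $svc) { return $null }
    $listeners = @()
    if ($svc.State -eq 'Running') {
        $listeners += Get-NetTCPConnection -State Listen -OwningProcess $svc.ProcessId -ErrorAction SilentlyContinue |
            ForEach-Object { "tcp $($_.LocalAddress):$($_.LocalPort)" }
        $listeners += Get-NetUDPEndpoint -OwningProcess $svc.ProcessId -ErrorAction SilentlyContinue |
            ForEach-Object { "udp $($_.LocalAddress):$($_.LocalPort)" }
    }
    [pscustomobject]@{
        Service   = $svc.Name
        State     = $svc.State
        StartMode = $svc.StartMode
        ProcessId = $svc.ProcessId
        Listeners = $listeners
        # Only loopback-bound sockets are considered unexposed; 0.0.0.0 and :: are wildcard binds.
        Exposed   = [bool]@($listeners | Where-Object { $_ -notmatch '\s(127\.\d+\.\d+\.\d+|::1):' })
    }
}

function Disable-NearbySharing {
    # Machine-wide: Group Policy "Continue experiences on this device" = Disabled.
    $policy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System'
    if (-not (Test-Path $policy)) { New-Item -Path $policy -Force | Out-Null }
    Set-ItemProperty -Path $policy -Name 'EnableCdp' -Value 0 -Type DWord

    # Current user: Nearby sharing and cross-device session switches,
    # 0 = Off (1 = my devices only, 2 = everyone nearby).
    $user = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\CDP'
    if (-not (Test-Path $user)) { New-Item -Path $user -Force | Out-Null }
    foreach ($name in 'NearShareChannelUserAuthzPolicy', 'CdpSessionUserAuthzPolicy') {
        Set-ItemProperty -Path $user -Name $name -Value 0 -Type DWord
    }
}

function Get-NearbySharingState {
    # Read the values back so the change can be verified or reported by a compliance script.
    $policy = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System' -ErrorAction SilentlyContinue
    $user   = Get-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\CDP' -ErrorAction SilentlyContinue
    [pscustomobject]@{
        EnableCdpPolicy      = $policy.EnableCdp                      # $null = not configured
        NearShareUserPolicy  = $user.NearShareChannelUserAuthzPolicy
        CdpSessionUserPolicy = $user.CdpSessionUserAuthzPolicy
    }
}

Get-CdpServiceListener
Disable-NearbySharing
Get-NearbySharingState
```

The HKCU values are per profile, so for fleet-wide enforcement the HKLM policy (deployable via GPO or Intune) is the one to rely on. Stopping or disabling CDPSvc itself is a bigger hammer that affects other Windows features depending on it; the feature switches above are the proportionate interim step, and the patch remains the actual fix.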

Microsoft Office RCE via Preview Pane: CVE-2025-49695 & CVE-2025-49696 

Severity: Critical (CVSS 8.4) 

Impact: Remote Code Execution 

Affected versions: Microsoft 365 Apps for Enterprise, Office 2016, Office 2019 

Microsoft has disclosed and patched two critical vulnerabilities in Microsoft Office: CVE-2025-49695 (use-after-free) and CVE-2025-49696 (heap buffer overflow). Both allow an attacker to execute arbitrary code when a user merely previews a malicious document, which makes them particularly dangerous in phishing campaigns and on shared file stores where a crafted file can sit waiting to be browsed. 

No user interaction is required beyond selecting the file in a folder with the preview pane open or previewing an attachment; the user never has to open the document, so exploitation is low-complexity and high-impact. 

Mitigations: 

  • Patch immediately: update Office (Microsoft 365 Apps, Office 2016, Office 2019) to the July 2025 build that addresses these CVEs. 
  • Disable the Preview Pane (File Explorer and Outlook attachment preview) until patched, so a document is only rendered when a user deliberately opens it. 
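The following PowerShell is an added example for this bulletin, not Microsoft's own tooling. It reports the installed Office build (so patch status can be confirmed after the update rolls out) and applies the File Explorer policy that turns off the preview and details panes for the current user, which is the interim workaround for a bug reachable through preview. The registry locations used are the standard Click-to-Run configuration key, the WINWORD.EXE App Paths entry for MSI installs, and the Explorer policy values NoPreviewPane and NoReadingPane.

```powershell
# Added example, not part of the bulletin: report the installed Office build (to
# confirm the July 2025 update landed) and, as an interim workaround, turn off the
# File Explorer preview and details panes for the current user so documents are
# not rendered merely by being selected. Registry locations are the standard
# Click-to-Run configuration key, the WINWORD.EXE App Paths entry for MSI installs,
# and the Explorer policy values NoPreviewPane / NoReadingPane.

function Get-OfficeBuild {
    $c2r = 'HKLM:\SOFTWARE\Microsoft\Office\ClickToRun\Configuration'
    if (Test-Path $c2r) {
        $p = Get-ItemProperty -Path $c2r
        return [pscustomobject]@{
            Install  = 'Click-to-Run'
            Build    = [version]$p.VersionToReport   # the build shown under Account > About in Office
            Platform = $p.Platform
        }
    }
    # MSI-based Office 2016/2019 has no Click-to-Run key: take the version from winword.exe itself.
    $appPath = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WINWORD.EXE' -ErrorAction SilentlyContinue
    if ($appPath) {
        $exe = Get-Item -Path $appPath.'(default)'
        return [pscustomobject]@{
            Install  = 'MSI'
            Build    = [version]$exe.VersionInfo.ProductVersion
            Platform = $null
        }
    }
    $null   # no Office install found on this host
}

function Set-ExplorerPreviewPanePolicy {
    param([Parameter(Mandatory)][ValidateSet('Off', 'Default')][string]$State)
    # Same values as the Group Policy items under User Configuration > Administrative
    # Templates > Windows Components > File Explorer > Explorer Frame Pane
    # ("Turn off the display of the preview pane" / "... details pane").
    $policy = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    if (-not (Test-Path $policy)) { New-Item -Path $policy -Force | Out-Null }
    foreach ($name in 'NoPreviewPane', 'NoReadingPane') {
        if ($State -eq 'Off') {
            Set-ItemProperty -Path $policy -Name $name -Value 1 -Type DWord
        } else {
            # Revert once the Office update is confirmed installed.
            Remove-ItemProperty -Path $policy -Name $name -ErrorAction SilentlyContinue
        }
    }
    # Explorer reads these at start-up: sign out/in, or restart explorer.exe, for them to take effect.
}

Get-OfficeBuild
Set-ExplorerPreviewPanePolicy -State Off
```

Outlook's attachment preview is governed separately (Trust Center > Attachment Handling > Turn off Attachment Preview) and needs its own setting. Once Get-OfficeBuild shows the July 2025 build, the Explorer policy can be reverted with -State Default.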

If you are worried about any of the threats outlined in this bulletin or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager, or alternatively Get in touch to find out how you can protect your organisation.