Microsoft July 2025 Patch Tuesday Update for windows 11 and 10

Microsoft’s July 2025 Patch Tuesday update was released with critical security fixes, performance improvements, and new features for Windows 10, Windows 11, and Windows Server. This time, Microsoft fixes 130 vulnerabilities across its software ecosystem, including fixes for a critical zero-day vulnerability in SQL Server (CVE-2025-49719) and several other high-severity flaws, such as remote code execution (RCE) and elevation of privilege issues. Beyond security, both Windows 10 and Windows 11 also receive various quality-of-life enhancements and new functionalities, particularly for Windows 11 24H2. These updates are important and should be installed as soon as possible to protect your device from potential attacks and exploits. Let’s look at the highlights of the Microsoft Patch Tuesday update in July 2025 for Windows 11 and Windows 10.

What is the Patch Tuesday Update?

Microsoft Patch Tuesday Update, the colloquial term for Microsoft’s Update Tuesday, falls on the second Tuesday of every month and brings security updates to fix vulnerabilities or recent bugs.

A vulnerability is a weakness or flaw in a software or hardware component that an attacker could exploit to gain unauthorized access, execute malicious code, or cause damage or disruption. A bug is an error or defect in a software or hardware component that could cause it to malfunction or behave unexpectedly.

A security update is a software patch that fixes or mitigates one or more vulnerabilities or bugs.

A security update can have different ratings depending on the severity and impact of the vulnerability or bug it addresses. Microsoft uses four ratings: critical, important, moderate, and low.

• The critical update fixes a vulnerability that could allow an attacker to take complete control of a system without user interaction.
• An Important update fixes a vulnerability that could compromise data or functionality but requires user interaction or specific conditions.
• A moderate update fixes a vulnerability that is unlikely to be exploited but could still have some impact.
• A Low update fixes a vulnerability that is very unlikely to be exploited and has minimal impact.

Microsoft Patch Tuesday update July 2025

Microsoft’s July 2025 Patch Tuesday addresses 130 vulnerabilities, including one publicly disclosed zero-day vulnerability in Microsoft SQL Server. It also patches fourteen “Critical” vulnerabilities, ten of which are remote code execution vulnerabilities, one is an information disclosure, and two are AMD side channel attack flaws.

One Publicly Disclosed Zero-Day:

A significant information disclosure vulnerability (CVE-2025-49719) in Microsoft SQL Server was patched. This zero-day could allow unauthenticated attackers to leak information over the network, potentially exposing sensitive information like authentication credentials. While publicly disclosed, it was not actively exploited before the patches were released.

14 Critical Vulnerabilities:

Microsoft also fixed ten critical remote code execution flaws in Microsoft Office and SharePoint that can be exploited simply by opening a specially crafted document or when viewed through the preview pane.

For example, CVE-2025-49704 in SharePoint enables unauthenticated RCE over the internet for attackers with platform accounts, making it a high-priority patch.

CVE-2025-47981, a heap-based buffer overflow vulnerability in the NEGOEX mechanism, allows unauthenticated attackers to execute arbitrary code remotely without user interaction or elevated privileges. Similarly, CVE-2025-49735 in the Windows KDC Proxy Service (KPSSVC), commonly used in remote authentication scenarios like Azure Virtual Desktop, could be exploited via a use-after-free flaw to gain remote code execution without authentication.

In virtualization environments, CVE-2025-48822 stands out as a critical vulnerability in Hyper-V’s Discrete Device Assignment (DDA). This out-of-bounds read issue could let attackers execute code remotely by targeting virtual machines with PCI passthrough enabled.

For enterprise-grade databases, CVE-2025-49717 introduces a serious risk in Microsoft SQL Server due to a heap-based buffer overflow that could be exploited by authenticated users to gain remote code execution.

Additionally, AMD disclosed two vulnerabilities, CVE-2025-36357 and CVE-2024-36350, affecting certain processor models. These transient execution attacks target the L1 data queue and require both firmware and a Windows update for proper mitigation, as detailed in AMD-SB-7029.

The detailed breakdown by category is as follows:

Mandatory Updates for Windows 11: KB5062553 and KB5062552

For Windows 11 users, Microsoft rolled out two mandatory cumulative updates: KB5062553 for version 24H2 and KB5062552 for versions 23H2 and 22H2. These updates incorporate the July 2025 security patches, including fixes for the zero-days and critical vulnerabilities listed above, and address issues from previous months.

• Windows 11 24H2 (KB5062553): Updates systems to Build 26100.4652 and focuses on improving usability, accessibility, and compliance. It includes A new “Show smaller taskbar buttons” option in Settings > Personalization > Taskbar allows users to resize app icons to fit more on the taskbar. The Windows Share interface now supports image compression before sharing, and the Windows Backup app introduces a preview of a new “Transfer to a new PC” feature. Users with a Copilot+ PC and a Microsoft 365 license will find a new action to copy and paste selected images or text directly into the Copilot app for querying. Enterprise devices see a redesigned Settings homepage with contextual cards like Bluetooth and recommended settings.
• Windows 11 23H2 and 22H2 (KB5062552): Updates systems to Build 22631.5624. This update delivers similar security patches and fixes, ensuring consistency across supported Windows 11 versions.

These updates also enhance the servicing stack, ensuring a reliable update process. You can download these patches via Windows Update or from the Microsoft Update Catalog.

Windows 10 Updates: KB5062554 and KB5062557

Windows 10 users, particularly those on versions 21H2 and 22H2, received the KB5062554  cumulative update. Additional updates, such as KB5062557 released for older Windows 10 version 1809, ensuring legacy systems remain protected. These updates focus on security with no reported known issues. With Windows 10’s end of support on October 14, 2025, Microsoft urges users to upgrade to Windows 11 or explore Extended Security Updates (ESU).

• Updated: Country and Operator Settings Asset (COSA) profiles.
• Fixed: An issue where the system may stop responding when acknowledging an Oplock break request on resources located on SMB shares.
• Fixed: An issue where Kiosk devices using the ForceAutoLogon configuration and Shift Override might stop responding with a blue screen after being locked and unlocked by support administrators.
• Fixed: An issue affecting the complete removal of unused language packs and Feature on Demand (FOD) packages. This issue led to unnecessary storage use and increased Windows update installation time.
• Fixed: An issue affecting Component Object Model (COM) functionality on Windows platforms. Remote COM activations were failing with error 0x8001011.

Download the Microsoft Security Update

To download and install the updates, users can use Windows Update, Microsoft Update Catalog, or other tools such as Windows Server Update Services (WSUS) or System Center Configuration Manager (SCCM).

Usually, security updates are automatically downloaded and installed via Windows Update. Or you can force Windows update from settings, Windows Update, and check for updates to download and install the latest patch updates immediately.

Microsoft has published download links for Windows update offline installers if you prefer manual installation over Windows Update.

• Windows 11 KB5062553 (Version 24H2) offline installer Direct Download Link 64-bit.
• Windows 11 KB5062552 (Version 23H2/22H2) offline installer Direct Download Link 64-bit.
• Windows 10 KB5062554 (For versions 22H2 and 21H1) Direct Download Links: 64-bit and 32-bit (x86).

Windows 10 KB5058392 (for version 1809) Offline Download Links

• KB5062557 64-bit | Download (705 MB)
• KB5062557 32-bit | Download (380.3 MB)

If you are looking for the Windows 10 version 22H2 ISO image, click here.

Or check How to Upgrade to Windows 11 version 24H2 Using the media creation tool.

If you face any difficulty while installing these updates, check the Windows 11 Update troubleshooting guide to fix the Windows 11 update KB5062553 stuck downloading, failed to install with different errors, etc.

FAQ on Patch Tuesday update

What is Patch Tuesday?

• Patch Tuesday is the colloquial term for Microsoft’s Update Tuesday, which falls on the second Tuesday of every month.

When is Patch Tuesday?

• Patch Tuesday falls on the second Tuesday of each month. The upcoming Patch Tuesday is on August 12, 2025.

What is patching, and why is it important?

• Patches are nothing but pieces of software code that are written to fix a bug in a software application that might lead to a vulnerability.

What kind of patch updates are released during Patch Tuesday?

• Predominantly, security patch updates of varying severity, like Critical, Important, Moderate and low, are labeled and released.

What are CVE IDs?

• CVE ID – Common Vulnerabilities and Exposures ID is a format in which each vulnerability is disclosed and cataloged in the National Vulnerability Database (NVD).

Also Read

• Complete Review of Microsoft Windows 10 Operating system
• Solved: Microsoft Edge not working after the Windows 10 update
• can’t connect securely to this page ie11 or Edge Windows 10
• Windows 10 Stuck Preparing Automatic Repair? Here is how to fix
• Everything About IP (Internet Protocol) Address – Purpose to Benefits explained