Microsoft has launched fixes for the 137 safety flaws, together with one Zero-Day vulnerability and 14 vital flaws for Home windows, as a part of its July 2025 Patch Tuesday launch. Out of the 14 vital flaws, the corporate recognized and glued 10 distant code execution flaws, one data disclosure challenge, and two AMD aspect channel assault flaws. In its June 2025 Patch Tuesday Launch, the US-based tech big had fastened 67 safety flaws, together with two Zero-Day vulnerabilities.

Microsoft Fixes Zero-Day Flaw within the SQL Server

Microsoft, within the release notes, revealed that the corporate July 2025 safety replace fixes 137 Home windows safety vulnerabilities. This included one publicly disclosed Zero-Day flaw that impacts the SQL Server. The corporate acknowledged, “Improper enter validation in SQL Server permits an unauthorised attacker to reveal data over a community.”

In response to Microsoft’s website, zero-day vulnerabilites are software program flaws that do not have any official patch or replace but. Most instances, even the software program writer has no concept that the vulnerability exists. Such flaws are often exploited by unhealthy actors and are extremely extreme.

The tech big stated that the vulnerabilities had been found by Vladimir Aleksic with Microsoft. Nonetheless, the corporate did not disclose particulars concerning how the Zero-Day vulnerability grew to become publicly recognized.

Microsoft additionally fastened 14 vital vulnerabilities, together with 10 distant code execution flaws, one data disclosure flaw, and two AMD aspect channel assault vulnerabilities. In its July 2025 Patch Tuesday replace Microsoft additionally patched 53 elevation of privilege vulnerabilities, eight safety characteristic bypass vulnerabilities, 41 distant code execution vulnerabilities, 18 data disclosure vulnerabilities, six denial of service vulnerabilities, and 4 spoofing flaws.

For context, in its June 2025 Patch Tuesday replace, Microsoft rolled out fixes for 67 safety flaws that affected numerous services. The US-based firm fastened 14 vulnerabilities that might have led to an escalation of privilege, 26 distant code execution vulnerabilities, and 17 different points that might have led to data disclosure.