Quote:The July 2025 security updates for Windows and other Microsoft products are now available. Microsoft released the updates a moment ago. This overview offers detailed information about the released updates to inform system administrators and home users alike.

The overview lists download and resource links for each update, known issues as confirmed by Microsoft, and more.

Microsoft Windows Security Updates: July 2025

You may download the following Excel spreadsheet to get a list of released updates. Click on the following link to download the archive to the local device: Microsoft Windows July 2025 security updates

Executive Summary

• Microsoft released a total of 130 security updates for various Microsoft products and 10 security update for non-Microsoft issues (e.g. Chromium).
  
• Windows clients with issues:
  • Windows 10 version 1607, 1809, 21H2, and 22H2
    
  • Windows 11: none
    
• Windows Server clients with issues:
  • Windows Server 2008, Windows Server 2016, 2019, 2022
    

Product overview

Each supported version of Windows and their critical vulnerabilities are listed below.

• Windows 10 version 22H2: 73 vulnerabilities, 6 critical, 65 important, 1 moderate, 1 low
  • AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue -- CVE-2025-36350
    
  • AMD: CVE-2025-36357 Transient Scheduler Attack in L1 Data Queue --CVE-2025-36357
    
  • Windows Imaging Component Information Disclosure Vulnerability -- CVE-2025-47980
    
  • SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability -- CVE-2025-47981
    
  • Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability -- CVE-2025-48822
    
• Windows 11 version 22H2 and 23H2: 76 vulnerabilities, 5 critical, 69 important, 1 moderate, 1 critical
  • AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue -- CVE-2025-36350
    
  • AMD: CVE-2025-36357 Transient Scheduler Attack in L1 Data Queue --CVE-2025-36357
    
  • Windows Imaging Component Information Disclosure Vulnerability -- CVE-2025-47980
    
  • SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability -- CVE-2025-47981
    
  • Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability -- CVE-2025-48822
    
• Windows 11 version 24H2: 77 vulnerabilities, 5 critical, 70 important, 1 moderate,1  low
  • Same as Windows 11 version 22H2 and 23H2.
    

Windows Server products

• Windows Server 2008 R2 (extended support only): 49 vulnerabilities: 1 critical,  48 important
  • Windows Imaging Component Information Disclosure Vulnerability -- CVE-2025-47980
    
• Windows Server 2016: 84 vulnerabilities: 6 critical, 77 important, 1 low
  • Windows Imaging Component Information Disclosure Vulnerability -- CVE-2025-47980
    
  • AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue -- CVE-2025-36350
    
  • AMD: CVE-2025-36357 Transient Scheduler Attack in L1 Data Queue --
    CVE-2025-36357
    
  • Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability -- CVE-2025-49735
    
  • Windows Imaging Component Information Disclosure Vulnerability -- CVE-2025-47980
    
  • SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability -- CVE-2025-47981
    
  • Windows Hyper-V Discrete Device Assignment (DDA) Remote Code Execution Vulnerability -- CVE-2025-48822
    
• Windows Server 2019: 90 vulnerabilities: 6 critical, 82 important, 1 moderate.  1 low
  • Same as Windows Server 2016
    
• Windows Server 2022: 93 vulnerabilities: 6 critical, 85 important, 1 moderate, 1 low
  • Same as Windows Server 2016
    
• Windows Server 2025:  99  vulnerabilities: 6 critical, 91 important, 1 moderate, 1 low
  • Same as Windows Server 2016
    

Continue Reading...