Microsoft has released security updates to fix at least 137 vulnerabilities in Windows and supported software.
It is advised that these are installed as soon as possible, particularly the 14 ‘critical’ flaws that could potentially allow an attacker to take control of a vulnerable Windows PC without any interaction required from a user.
The July update addresses a SQL Server information disclosure vulnerability, CVE-2025-49719, which is rated as less likely to be exploited but due to the availability of proof-of-concept code, it should be treated as a priority.
Also highlighted by security researchers is CVE-2025-47981, a pre-authentication remote code execution bug in Windows servers and clients; all versions of Windows Client and Server are vulnerable, as is Adobe Audition, After Effects, Illustrator, FrameMaker and ColdFusion.