SANS Stormcast Wednesday, July 9th, 2025: Microsoft Patches; Opposum Attack;
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 696 Ratings
🗓️ 9 July 2025
⏱️ 8 minutes
🧾️ Download transcript
Summary
Microsoft Patch Tuesday, July 2025
Today, Microsoft released patches for 130 Microsoft vulnerabilities and 9 additional vulnerabilities not part of Microsoft's portfolio but distributed by Microsoft. 14 of these are rated critical. Only one of the vulnerabilities was disclosed before being patched, and none of the vulnerabilities have so far been exploited.
https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%2C%20July%202025/32088
Opposum Attack
If a TLS server is configured to allow switching from HTTP to HTTPS on a specific port, an attacker may be able to inject a request into the data stream.
https://opossum-attack.com/
Ivanti Security Updates
Ivanty fixed vulnerabilities in Ivanty Connect Secure, EPMM, and EPM. In particular the password decryption vulnerabliity may be interesting.
https://www.ivanti.com/blog/july-security-update-2025
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello and welcome to the Wednesday, July 9th, 2025 edition of the Sands Internet Storm Centers. |
| 0:08.1 | Stormcast, my name is Johannes Ulrich, and this episode brought you by the Sands.edu graduate certificate program in cloud security is recorded in Jacksonville, Florida. |
| 0:20.9 | Well, of course, today we have to start with Microsoft Patch Tuesday. |
| 0:24.4 | We got our July patches from Microsoft. |
| 0:28.7 | Microsoft released a total of 139 patches. |
| 0:32.5 | Now, 130 of those vulnerabilities are in Microsoft's own software. |
| 0:37.9 | You had seven vulnerabilities in Git, interestingly, that were included in this update. |
| 0:43.4 | And then to Chrome and with that Microsoft Edge-related vulnerabilities |
| 0:49.3 | that were actually already released a couple of days ago. |
| 0:56.5 | Among the vulnerabilities that Microsoft patched, I think there are five that I would sort of consider noteworthy. I started out here |
| 1:02.7 | with the Microsoft Office vulnerabilities. There are two vulnerabilities that are critical, |
| 1:08.3 | that are remote code execution vulnerabilities, |
| 1:14.6 | and where Microsoft considers exploitation more likely, |
| 1:18.3 | meaning that these are not super complex exploits. |
| 1:25.5 | The reason they are rated critical instead of important is that they don't require any user interaction. |
| 1:29.7 | The user does not have to actually open the document. |
| 1:34.1 | This is exploitable just via the preview feature. |
| 1:38.8 | Then next, we do have a vulnerability in the Microsoft SQL. There are actually two vulnerabilities. |
| 1:40.6 | The one is information disclosure |
| 1:45.1 | vulnerability. What's |
| 1:47.3 | sort of interesting about this is that first of all, it has |
| 1:49.9 | already been made public. And to patch the |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2025.