Patch tracker / KB5060842
KB5060842
Microsoft security update released 2025-07-08. Fixes 40 CVEs.
HighCISA KEV
Download KB5060842
Get the official update for KB5060842. The download and file size for each supported product are on the Microsoft Update Catalog page.
Update summary
Released
2025-07-08
CVEs fixed
40
Max CVSS
8.8
Severity
High
Exploitation and severity
Fixes 40 CVEs. At least one is actively exploited (CISA KEV). Most severe CVSS 8.8 (High). EPSS exploit probability up to 82%.
Among the top 10% of tracked Microsoft updates by EPSS exploit probability.
What to do
Treat as urgent: it is being exploited in the wild (CISA KEV), so patch ahead of items that are not. Senserva flags whether KB5060842 is missing on your devices.
CVEs fixed by this update
CVE-2025-24065CVE-2025-24068CVE-2025-24069CVE-2025-29828CVE-2025-3052CVE-2025-32712CVE-2025-32713CVE-2025-32714CVE-2025-32715CVE-2025-32718CVE-2025-32719CVE-2025-32720CVE-2025-32721CVE-2025-32722CVE-2025-32724CVE-2025-32725CVE-2025-33050CVE-2025-33052CVE-2025-33053CVE-2025-33055CVE-2025-33056CVE-2025-33057CVE-2025-33058CVE-2025-33059CVE-2025-33060CVE-2025-33061CVE-2025-33062CVE-2025-33063CVE-2025-33064CVE-2025-33065CVE-2025-33066CVE-2025-33067CVE-2025-33068CVE-2025-33069CVE-2025-33070CVE-2025-33071CVE-2025-33073CVE-2025-33075CVE-2025-47160CVE-2025-49735
Affected products
- Windows Server 2019
- Windows Server 2019 (Server Core installation)
- Windows Server 2022
See this and every Microsoft update ranked by real-world risk on the Microsoft Patch Tracker.