Black Arrow Cyber Advisory 09 July 2025 – Security Updates from Microsoft, Ivanti, Fortinet, Splunk, Adobe, and SAP

Written By Black Arrow Admin

Executive Summary

  • Microsoft’s July 2025 Patch Tuesday addressed 137 vulnerabilities, including a publicly disclosed zero-day in SQL Server, 14 critical issues (primarily remote code execution) in Office and Windows components, and a range of privilege escalation, information disclosure, denial-of-service, and spoofing flaws affecting Office and Office Components, .NET and Visual Studio, Azure, Teams, Hyper-V, Windows BitLocker, Microsoft Edge (Chromium-based), and the Windows Cryptographic Service.

  • Ivanti released advisory AV25‑405 on 8 July, fixing 11 vulnerabilities across Connect Secure (ICS), Policy Secure (IPS), Endpoint Manager (EPM), and Endpoint Manager Mobile (EPMM), including high-severity flaws that impact authentication, credential decryption, and OS command injection.

  • Fortinet published eight security advisories covering one critical, one high, five medium, and one low severity vulnerabilities affecting FortiAnalyzer, FortiProxy, FortiOS, FortiSandbox, FortiVoice, and FortiWeb.

  • Splunk this week issued 12 advisories that resolve critical and high-severity flaws in third-party dependencies in Splunk SOAR, Enterprise, and DB Connect. Additionally, the company announced fixes for seven medium- and one low-severity issue in Splunk Enterprise.

  • Adobe announced the rollout of security fixes for 58 vulnerabilities across 13 products, including three critical-severity flaws in Adobe Connect, ColdFusion, and Experience Manager Forms (AEM Forms) on JEE.

  • SAP announced the release of 27 new and four updated security notes as part of its July 2025 Security Patch Day, including six that address critical vulnerabilities.

What’s the risk to me or my business?
This month’s releases cover major vendor ecosystems and include both publicly disclosed and critical vulnerabilities. Unpatched systems are vulnerable to SQL Server information disclosure, Office/Windows RCEs, credential decryption in Ivanti, command injection in Fortinet devices, package-level compromises in Splunk SOAR, Adobe application attacks, and insecure deserialization in SAP, which can lead to full system compromise or data breaches.

What can I do?

Black Arrow recommends promptly applying the available security updates for all affected products. Prioritise patches for vulnerabilities that are actively exploited or rated as critical or high severity. Regularly review and update your organisation's security policies and ensure that all systems are running supported and up-to-date software versions.

Microsoft

Further details on specific updates within this Microsoft patch Tuesday can be found here:

https://msrc.microsoft.com/update-guide/releaseNote/2025-Jul

Ivanti, Fortinet, Splunk, Adobe, SAP

Further details of the vulnerabilities in affected Ivanti, Fortinet, Splunk, Adobe, SAP products:

https://www.ivanti.com/blog/july-security-update-2025

https://www.fortiguard.com/psirt

https://advisory.splunk.com/advisories/SVD-2025-0712

https://helpx.adobe.com/security.html

https://support.sap.com/en/my-support/knowledge-base/security-notes-news/july-2025.html

#threatadvisory #threatintelligence #cybersecurity

Black Arrow Admin
Previous

Black Arrow Cyber Threat Intelligence Briefing 11 July 2025
Next

Black Arrow Cyber Threat Intelligence Briefing 04 July 2025