• EPFL Researchers Unveil FG2 at CVPR: A New AI Model That Slashes Localization Errors by 28% for Autonomous Vehicles in GPS-Denied Environments

    Navigating the dense urban canyons of cities like San Francisco or New York can be a nightmare for GPS systems. The towering skyscrapers block and reflect satellite signals, leading to location errors of tens of meters. For you and me, that might mean a missed turn. But for an autonomous vehicle or a delivery robot, that level of imprecision is the difference between a successful mission and a costly failure. These machines require pinpoint accuracy to operate safely and efficiently. Addressing this critical challenge, researchers from the École Polytechnique Fédérale de Lausannein Switzerland have introduced a groundbreaking new method for visual localization during CVPR 2025
    Their new paper, “FG2: Fine-Grained Cross-View Localization by Fine-Grained Feature Matching,” presents a novel AI model that significantly enhances the ability of a ground-level system, like an autonomous car, to determine its exact position and orientation using only a camera and a corresponding aerialimage. The new approach has demonstrated a remarkable 28% reduction in mean localization error compared to the previous state-of-the-art on a challenging public dataset.
    Key Takeaways:

    Superior Accuracy: The FG2 model reduces the average localization error by a significant 28% on the VIGOR cross-area test set, a challenging benchmark for this task.
    Human-like Intuition: Instead of relying on abstract descriptors, the model mimics human reasoning by matching fine-grained, semantically consistent features—like curbs, crosswalks, and buildings—between a ground-level photo and an aerial map.
    Enhanced Interpretability: The method allows researchers to “see” what the AI is “thinking” by visualizing exactly which features in the ground and aerial images are being matched, a major step forward from previous “black box” models.
    Weakly Supervised Learning: Remarkably, the model learns these complex and consistent feature matches without any direct labels for correspondences. It achieves this using only the final camera pose as a supervisory signal.

    Challenge: Seeing the World from Two Different Angles
    The core problem of cross-view localization is the dramatic difference in perspective between a street-level camera and an overhead satellite view. A building facade seen from the ground looks completely different from its rooftop signature in an aerial image. Existing methods have struggled with this. Some create a general “descriptor” for the entire scene, but this is an abstract approach that doesn’t mirror how humans naturally localize themselves by spotting specific landmarks. Other methods transform the ground image into a Bird’s-Eye-Viewbut are often limited to the ground plane, ignoring crucial vertical structures like buildings.

    FG2: Matching Fine-Grained Features
    The EPFL team’s FG2 method introduces a more intuitive and effective process. It aligns two sets of points: one generated from the ground-level image and another sampled from the aerial map.

    Here’s a breakdown of their innovative pipeline:

    Mapping to 3D: The process begins by taking the features from the ground-level image and lifting them into a 3D point cloud centered around the camera. This creates a 3D representation of the immediate environment.
    Smart Pooling to BEV: This is where the magic happens. Instead of simply flattening the 3D data, the model learns to intelligently select the most important features along the verticaldimension for each point. It essentially asks, “For this spot on the map, is the ground-level road marking more important, or is the edge of that building’s roof the better landmark?” This selection process is crucial, as it allows the model to correctly associate features like building facades with their corresponding rooftops in the aerial view.
    Feature Matching and Pose Estimation: Once both the ground and aerial views are represented as 2D point planes with rich feature descriptors, the model computes the similarity between them. It then samples a sparse set of the most confident matches and uses a classic geometric algorithm called Procrustes alignment to calculate the precise 3-DoFpose.

    Unprecedented Performance and Interpretability
    The results speak for themselves. On the challenging VIGOR dataset, which includes images from different cities in its cross-area test, FG2 reduced the mean localization error by 28% compared to the previous best method. It also demonstrated superior generalization capabilities on the KITTI dataset, a staple in autonomous driving research.

    Perhaps more importantly, the FG2 model offers a new level of transparency. By visualizing the matched points, the researchers showed that the model learns semantically consistent correspondences without being explicitly told to. For example, the system correctly matches zebra crossings, road markings, and even building facades in the ground view to their corresponding locations on the aerial map. This interpretability is extremenly valuable for building trust in safety-critical autonomous systems.
    “A Clearer Path” for Autonomous Navigation
    The FG2 method represents a significant leap forward in fine-grained visual localization. By developing a model that intelligently selects and matches features in a way that mirrors human intuition, the EPFL researchers have not only shattered previous accuracy records but also made the decision-making process of the AI more interpretable. This work paves the way for more robust and reliable navigation systems for autonomous vehicles, drones, and robots, bringing us one step closer to a future where machines can confidently navigate our world, even when GPS fails them.

    Check out the Paper. All credit for this research goes to the researchers of this project. Also, feel free to follow us on Twitter and don’t forget to join our 100k+ ML SubReddit and Subscribe to our Newsletter.
    Jean-marc MommessinJean-marc is a successful AI business executive .He leads and accelerates growth for AI powered solutions and started a computer vision company in 2006. He is a recognized speaker at AI conferences and has an MBA from Stanford.Jean-marc Mommessinhttps://www.marktechpost.com/author/jean-marc0000677/AI-Generated Ad Created with Google’s Veo3 Airs During NBA Finals, Slashing Production Costs by 95%Jean-marc Mommessinhttps://www.marktechpost.com/author/jean-marc0000677/Highlighted at CVPR 2025: Google DeepMind’s ‘Motion Prompting’ Paper Unlocks Granular Video ControlJean-marc Mommessinhttps://www.marktechpost.com/author/jean-marc0000677/Snowflake Charts New AI Territory: Cortex AISQL & Snowflake Intelligence Poised to Reshape Data AnalyticsJean-marc Mommessinhttps://www.marktechpost.com/author/jean-marc0000677/Exclusive Talk: Joey Conway of NVIDIA on Llama Nemotron Ultra and Open Source Models
    #epfl #researchers #unveil #fg2 #cvpr
    EPFL Researchers Unveil FG2 at CVPR: A New AI Model That Slashes Localization Errors by 28% for Autonomous Vehicles in GPS-Denied Environments
    Navigating the dense urban canyons of cities like San Francisco or New York can be a nightmare for GPS systems. The towering skyscrapers block and reflect satellite signals, leading to location errors of tens of meters. For you and me, that might mean a missed turn. But for an autonomous vehicle or a delivery robot, that level of imprecision is the difference between a successful mission and a costly failure. These machines require pinpoint accuracy to operate safely and efficiently. Addressing this critical challenge, researchers from the École Polytechnique Fédérale de Lausannein Switzerland have introduced a groundbreaking new method for visual localization during CVPR 2025 Their new paper, “FG2: Fine-Grained Cross-View Localization by Fine-Grained Feature Matching,” presents a novel AI model that significantly enhances the ability of a ground-level system, like an autonomous car, to determine its exact position and orientation using only a camera and a corresponding aerialimage. The new approach has demonstrated a remarkable 28% reduction in mean localization error compared to the previous state-of-the-art on a challenging public dataset. Key Takeaways: Superior Accuracy: The FG2 model reduces the average localization error by a significant 28% on the VIGOR cross-area test set, a challenging benchmark for this task. Human-like Intuition: Instead of relying on abstract descriptors, the model mimics human reasoning by matching fine-grained, semantically consistent features—like curbs, crosswalks, and buildings—between a ground-level photo and an aerial map. Enhanced Interpretability: The method allows researchers to “see” what the AI is “thinking” by visualizing exactly which features in the ground and aerial images are being matched, a major step forward from previous “black box” models. Weakly Supervised Learning: Remarkably, the model learns these complex and consistent feature matches without any direct labels for correspondences. It achieves this using only the final camera pose as a supervisory signal. Challenge: Seeing the World from Two Different Angles The core problem of cross-view localization is the dramatic difference in perspective between a street-level camera and an overhead satellite view. A building facade seen from the ground looks completely different from its rooftop signature in an aerial image. Existing methods have struggled with this. Some create a general “descriptor” for the entire scene, but this is an abstract approach that doesn’t mirror how humans naturally localize themselves by spotting specific landmarks. Other methods transform the ground image into a Bird’s-Eye-Viewbut are often limited to the ground plane, ignoring crucial vertical structures like buildings. FG2: Matching Fine-Grained Features The EPFL team’s FG2 method introduces a more intuitive and effective process. It aligns two sets of points: one generated from the ground-level image and another sampled from the aerial map. Here’s a breakdown of their innovative pipeline: Mapping to 3D: The process begins by taking the features from the ground-level image and lifting them into a 3D point cloud centered around the camera. This creates a 3D representation of the immediate environment. Smart Pooling to BEV: This is where the magic happens. Instead of simply flattening the 3D data, the model learns to intelligently select the most important features along the verticaldimension for each point. It essentially asks, “For this spot on the map, is the ground-level road marking more important, or is the edge of that building’s roof the better landmark?” This selection process is crucial, as it allows the model to correctly associate features like building facades with their corresponding rooftops in the aerial view. Feature Matching and Pose Estimation: Once both the ground and aerial views are represented as 2D point planes with rich feature descriptors, the model computes the similarity between them. It then samples a sparse set of the most confident matches and uses a classic geometric algorithm called Procrustes alignment to calculate the precise 3-DoFpose. Unprecedented Performance and Interpretability The results speak for themselves. On the challenging VIGOR dataset, which includes images from different cities in its cross-area test, FG2 reduced the mean localization error by 28% compared to the previous best method. It also demonstrated superior generalization capabilities on the KITTI dataset, a staple in autonomous driving research. Perhaps more importantly, the FG2 model offers a new level of transparency. By visualizing the matched points, the researchers showed that the model learns semantically consistent correspondences without being explicitly told to. For example, the system correctly matches zebra crossings, road markings, and even building facades in the ground view to their corresponding locations on the aerial map. This interpretability is extremenly valuable for building trust in safety-critical autonomous systems. “A Clearer Path” for Autonomous Navigation The FG2 method represents a significant leap forward in fine-grained visual localization. By developing a model that intelligently selects and matches features in a way that mirrors human intuition, the EPFL researchers have not only shattered previous accuracy records but also made the decision-making process of the AI more interpretable. This work paves the way for more robust and reliable navigation systems for autonomous vehicles, drones, and robots, bringing us one step closer to a future where machines can confidently navigate our world, even when GPS fails them. Check out the Paper. All credit for this research goes to the researchers of this project. Also, feel free to follow us on Twitter and don’t forget to join our 100k+ ML SubReddit and Subscribe to our Newsletter. Jean-marc MommessinJean-marc is a successful AI business executive .He leads and accelerates growth for AI powered solutions and started a computer vision company in 2006. He is a recognized speaker at AI conferences and has an MBA from Stanford.Jean-marc Mommessinhttps://www.marktechpost.com/author/jean-marc0000677/AI-Generated Ad Created with Google’s Veo3 Airs During NBA Finals, Slashing Production Costs by 95%Jean-marc Mommessinhttps://www.marktechpost.com/author/jean-marc0000677/Highlighted at CVPR 2025: Google DeepMind’s ‘Motion Prompting’ Paper Unlocks Granular Video ControlJean-marc Mommessinhttps://www.marktechpost.com/author/jean-marc0000677/Snowflake Charts New AI Territory: Cortex AISQL & Snowflake Intelligence Poised to Reshape Data AnalyticsJean-marc Mommessinhttps://www.marktechpost.com/author/jean-marc0000677/Exclusive Talk: Joey Conway of NVIDIA on Llama Nemotron Ultra and Open Source Models #epfl #researchers #unveil #fg2 #cvpr
    WWW.MARKTECHPOST.COM
    EPFL Researchers Unveil FG2 at CVPR: A New AI Model That Slashes Localization Errors by 28% for Autonomous Vehicles in GPS-Denied Environments
    Navigating the dense urban canyons of cities like San Francisco or New York can be a nightmare for GPS systems. The towering skyscrapers block and reflect satellite signals, leading to location errors of tens of meters. For you and me, that might mean a missed turn. But for an autonomous vehicle or a delivery robot, that level of imprecision is the difference between a successful mission and a costly failure. These machines require pinpoint accuracy to operate safely and efficiently. Addressing this critical challenge, researchers from the École Polytechnique Fédérale de Lausanne (EPFL) in Switzerland have introduced a groundbreaking new method for visual localization during CVPR 2025 Their new paper, “FG2: Fine-Grained Cross-View Localization by Fine-Grained Feature Matching,” presents a novel AI model that significantly enhances the ability of a ground-level system, like an autonomous car, to determine its exact position and orientation using only a camera and a corresponding aerial (or satellite) image. The new approach has demonstrated a remarkable 28% reduction in mean localization error compared to the previous state-of-the-art on a challenging public dataset. Key Takeaways: Superior Accuracy: The FG2 model reduces the average localization error by a significant 28% on the VIGOR cross-area test set, a challenging benchmark for this task. Human-like Intuition: Instead of relying on abstract descriptors, the model mimics human reasoning by matching fine-grained, semantically consistent features—like curbs, crosswalks, and buildings—between a ground-level photo and an aerial map. Enhanced Interpretability: The method allows researchers to “see” what the AI is “thinking” by visualizing exactly which features in the ground and aerial images are being matched, a major step forward from previous “black box” models. Weakly Supervised Learning: Remarkably, the model learns these complex and consistent feature matches without any direct labels for correspondences. It achieves this using only the final camera pose as a supervisory signal. Challenge: Seeing the World from Two Different Angles The core problem of cross-view localization is the dramatic difference in perspective between a street-level camera and an overhead satellite view. A building facade seen from the ground looks completely different from its rooftop signature in an aerial image. Existing methods have struggled with this. Some create a general “descriptor” for the entire scene, but this is an abstract approach that doesn’t mirror how humans naturally localize themselves by spotting specific landmarks. Other methods transform the ground image into a Bird’s-Eye-View (BEV) but are often limited to the ground plane, ignoring crucial vertical structures like buildings. FG2: Matching Fine-Grained Features The EPFL team’s FG2 method introduces a more intuitive and effective process. It aligns two sets of points: one generated from the ground-level image and another sampled from the aerial map. Here’s a breakdown of their innovative pipeline: Mapping to 3D: The process begins by taking the features from the ground-level image and lifting them into a 3D point cloud centered around the camera. This creates a 3D representation of the immediate environment. Smart Pooling to BEV: This is where the magic happens. Instead of simply flattening the 3D data, the model learns to intelligently select the most important features along the vertical (height) dimension for each point. It essentially asks, “For this spot on the map, is the ground-level road marking more important, or is the edge of that building’s roof the better landmark?” This selection process is crucial, as it allows the model to correctly associate features like building facades with their corresponding rooftops in the aerial view. Feature Matching and Pose Estimation: Once both the ground and aerial views are represented as 2D point planes with rich feature descriptors, the model computes the similarity between them. It then samples a sparse set of the most confident matches and uses a classic geometric algorithm called Procrustes alignment to calculate the precise 3-DoF (x, y, and yaw) pose. Unprecedented Performance and Interpretability The results speak for themselves. On the challenging VIGOR dataset, which includes images from different cities in its cross-area test, FG2 reduced the mean localization error by 28% compared to the previous best method. It also demonstrated superior generalization capabilities on the KITTI dataset, a staple in autonomous driving research. Perhaps more importantly, the FG2 model offers a new level of transparency. By visualizing the matched points, the researchers showed that the model learns semantically consistent correspondences without being explicitly told to. For example, the system correctly matches zebra crossings, road markings, and even building facades in the ground view to their corresponding locations on the aerial map. This interpretability is extremenly valuable for building trust in safety-critical autonomous systems. “A Clearer Path” for Autonomous Navigation The FG2 method represents a significant leap forward in fine-grained visual localization. By developing a model that intelligently selects and matches features in a way that mirrors human intuition, the EPFL researchers have not only shattered previous accuracy records but also made the decision-making process of the AI more interpretable. This work paves the way for more robust and reliable navigation systems for autonomous vehicles, drones, and robots, bringing us one step closer to a future where machines can confidently navigate our world, even when GPS fails them. Check out the Paper. All credit for this research goes to the researchers of this project. Also, feel free to follow us on Twitter and don’t forget to join our 100k+ ML SubReddit and Subscribe to our Newsletter. Jean-marc MommessinJean-marc is a successful AI business executive .He leads and accelerates growth for AI powered solutions and started a computer vision company in 2006. He is a recognized speaker at AI conferences and has an MBA from Stanford.Jean-marc Mommessinhttps://www.marktechpost.com/author/jean-marc0000677/AI-Generated Ad Created with Google’s Veo3 Airs During NBA Finals, Slashing Production Costs by 95%Jean-marc Mommessinhttps://www.marktechpost.com/author/jean-marc0000677/Highlighted at CVPR 2025: Google DeepMind’s ‘Motion Prompting’ Paper Unlocks Granular Video ControlJean-marc Mommessinhttps://www.marktechpost.com/author/jean-marc0000677/Snowflake Charts New AI Territory: Cortex AISQL & Snowflake Intelligence Poised to Reshape Data AnalyticsJean-marc Mommessinhttps://www.marktechpost.com/author/jean-marc0000677/Exclusive Talk: Joey Conway of NVIDIA on Llama Nemotron Ultra and Open Source Models
    Like
    Love
    Wow
    Angry
    Sad
    601
    0 Reacties 0 aandelen
  • For June’s Patch Tuesday, 68 fixes — and two zero-day flaws

    Microsoft offered up a fairly light Patch Tuesday release this month, with 68 patches to Microsoft Windows and Microsoft Office. There were no updates for Exchange or SQL server and just two minor patches for Microsoft Edge. That said, two zero-day vulnerabilitieshave led to a “Patch Now” recommendation for both Windows and Office.To help navigate these changes, the team from Readiness has provided auseful  infographic detailing the risks involved when deploying the latest updates.Known issues

    Microsoft released a limited number of known issues for June, with a product-focused issue and a very minor display concern:

    Microsoft Excel: This a rare product level entry in the “known issues” category — an advisory that “square brackets” orare not supported in Excel filenames. An error is generated, advising the user to remove the offending characters.

    Windows 10: There are reports of blurry or unclear CJKtext when displayed at 96 DPIin Chromium-based browsers such as Microsoft Edge and Google Chrome. This is a limited resource issue, as the font resolution in Windows 10 does not fully match the high-level resolution of the Noto font. Microsoft recommends changing the display scaling to 125% or 150% to improve clarity.

    Major revisions and mitigations

    Microsoft might have won an award for the shortest time between releasing an update and a revision with:

    CVE-2025-33073: Windows SMB Client Elevation of Privilege. Microsoft worked to address a vulnerability where improper access control in Windows SMB allows an attacker to elevate privileges over a network. This patch was revised on the same day as its initial release.

    Windows lifecycle and enforcement updates

    Microsoft did not release any enforcement updates for June.

    Each month, the Readiness team analyzes Microsoft’s latest updates and provides technically sound, actionable testing plans. While June’s release includes no stated functional changes, many foundational components across authentication, storage, networking, and user experience have been updated.

    For this testing guide, we grouped Microsoft’s updates by Windows feature and then accompanied the section with prescriptive test actions and rationale to help prioritize enterprise efforts.

    Core OS and UI compatibility

    Microsoft updated several core kernel drivers affecting Windows as a whole. This is a low-level system change and carries a high risk of compatibility and system issues. In addition, core Microsoft print libraries have been included in the update, requiring additional print testing in addition to the following recommendations:

    Run print operations from 32-bit applications on 64-bit Windows environments.

    Use different print drivers and configurations.

    Observe printing from older productivity apps and virtual environments.

    Remote desktop and network connectivity

    This update could impact the reliability of remote access while broken DHCP-to-DNS integration can block device onboarding, and NAT misbehavior disrupts VPNs or site-to-site routing configurations. We recommend the following tests be performed:

    Create and reconnect Remote Desktopsessions under varying network conditions.

    Confirm that DHCP-assigned IP addresses are correctly registered with DNS in AD-integrated environments.

    Test modifying NAT and routing settings in RRAS configurations and ensure that changes persist across reboots.

    Filesystem, SMB and storage

    Updates to the core Windows storage libraries affect nearly every command related to Microsoft Storage Spaces. A minor misalignment here can result in degraded clusters, orphaned volumes, or data loss in a failover scenario. These are high-priority components in modern data center and hybrid cloud infrastructure, with the following storage-related testing recommendations:

    Access file shares using server names, FQDNs, and IP addresses.

    Enable and validate encrypted and compressed file-share operations between clients and servers.

    Run tests that create, open, and read from system log files using various file and storage configurations.

    Validate core cluster storage management tasks, including creating and managing storage pools, tiers, and volumes.

    Test disk addition/removal, failover behaviors, and resiliency settings.

    Run system-level storage diagnostics across active and passive nodes in the cluster.

    Windows installer and recovery

    Microsoft delivered another update to the Windows Installerapplication infrastructure. Broken or regressed Installer package MSI handling disrupts app deployment pipelines while putting core business applications at risk. We suggest the following tests for the latest changes to MSI Installer, Windows Recovery and Microsoft’s Virtualization Based Security:

    Perform installation, repair, and uninstallation of MSI Installer packages using standard enterprise deployment tools.

    Validate restore point behavior for points older than 60 days under varying virtualization-based securitysettings.

    Check both client and server behaviors for allowed or blocked restores.

    We highly recommend prioritizing printer testing this month, then remote desktop deployment testing to ensure your core business applications install and uninstall as expected.

    Each month, we break down the update cycle into product familieswith the following basic groupings: 

    Browsers;

    Microsoft Windows;

    Microsoft Office;

    Microsoft Exchange and SQL Server; 

    Microsoft Developer Tools;

    And Adobe.

    Browsers

    Microsoft delivered a very minor series of updates to Microsoft Edge. The  browser receives two Chrome patcheswhere both updates are rated important. These low-profile changes can be added to your standard release calendar.

    Microsoft Windows

    Microsoft released five critical patches and40 patches rated important. This month the five critical Windows patches cover the following desktop and server vulnerabilities:

    Missing release of memory after effective lifetime in Windows Cryptographic Servicesallows an unauthorized attacker to execute code over a network.

    Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

    Use after free in Windows KDC Proxy Serviceallows an unauthorized attacker to execute code over a network.

    Use of uninitialized resources in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.

    Unfortunately, CVE-2025-33073 has been reported as publicly disclosed while CVE-2025-33053 has been reported as exploited. Given these two zero-days, the Readiness recommends a “Patch Now” release schedule for your Windows updates.

    Microsoft Office

    Microsoft released five critical updates and a further 13 rated important for Office. The critical patches deal with memory related and “use after free” memory allocation issues affecting the entire platform. Due to the number and severity of these issues, we recommend a “Patch Now” schedule for Office for this Patch Tuesday release.

    Microsoft Exchange and SQL Server

    There are no updates for either Microsoft Exchange or SQL Server this month. 

    Developer tools

    There were only three low-level updatesreleased, affecting .NET and Visual Studio. Add these updates to your standard developer release schedule.

    AdobeAdobe has releaseda single update to Adobe Acrobat. There were two other non-Microsoft updated releases affecting the Chromium platform, which were covered in the Browser section above.
    #junes #patch #tuesday #fixes #two
    For June’s Patch Tuesday, 68 fixes — and two zero-day flaws
    Microsoft offered up a fairly light Patch Tuesday release this month, with 68 patches to Microsoft Windows and Microsoft Office. There were no updates for Exchange or SQL server and just two minor patches for Microsoft Edge. That said, two zero-day vulnerabilitieshave led to a “Patch Now” recommendation for both Windows and Office.To help navigate these changes, the team from Readiness has provided auseful  infographic detailing the risks involved when deploying the latest updates.Known issues Microsoft released a limited number of known issues for June, with a product-focused issue and a very minor display concern: Microsoft Excel: This a rare product level entry in the “known issues” category — an advisory that “square brackets” orare not supported in Excel filenames. An error is generated, advising the user to remove the offending characters. Windows 10: There are reports of blurry or unclear CJKtext when displayed at 96 DPIin Chromium-based browsers such as Microsoft Edge and Google Chrome. This is a limited resource issue, as the font resolution in Windows 10 does not fully match the high-level resolution of the Noto font. Microsoft recommends changing the display scaling to 125% or 150% to improve clarity. Major revisions and mitigations Microsoft might have won an award for the shortest time between releasing an update and a revision with: CVE-2025-33073: Windows SMB Client Elevation of Privilege. Microsoft worked to address a vulnerability where improper access control in Windows SMB allows an attacker to elevate privileges over a network. This patch was revised on the same day as its initial release. Windows lifecycle and enforcement updates Microsoft did not release any enforcement updates for June. Each month, the Readiness team analyzes Microsoft’s latest updates and provides technically sound, actionable testing plans. While June’s release includes no stated functional changes, many foundational components across authentication, storage, networking, and user experience have been updated. For this testing guide, we grouped Microsoft’s updates by Windows feature and then accompanied the section with prescriptive test actions and rationale to help prioritize enterprise efforts. Core OS and UI compatibility Microsoft updated several core kernel drivers affecting Windows as a whole. This is a low-level system change and carries a high risk of compatibility and system issues. In addition, core Microsoft print libraries have been included in the update, requiring additional print testing in addition to the following recommendations: Run print operations from 32-bit applications on 64-bit Windows environments. Use different print drivers and configurations. Observe printing from older productivity apps and virtual environments. Remote desktop and network connectivity This update could impact the reliability of remote access while broken DHCP-to-DNS integration can block device onboarding, and NAT misbehavior disrupts VPNs or site-to-site routing configurations. We recommend the following tests be performed: Create and reconnect Remote Desktopsessions under varying network conditions. Confirm that DHCP-assigned IP addresses are correctly registered with DNS in AD-integrated environments. Test modifying NAT and routing settings in RRAS configurations and ensure that changes persist across reboots. Filesystem, SMB and storage Updates to the core Windows storage libraries affect nearly every command related to Microsoft Storage Spaces. A minor misalignment here can result in degraded clusters, orphaned volumes, or data loss in a failover scenario. These are high-priority components in modern data center and hybrid cloud infrastructure, with the following storage-related testing recommendations: Access file shares using server names, FQDNs, and IP addresses. Enable and validate encrypted and compressed file-share operations between clients and servers. Run tests that create, open, and read from system log files using various file and storage configurations. Validate core cluster storage management tasks, including creating and managing storage pools, tiers, and volumes. Test disk addition/removal, failover behaviors, and resiliency settings. Run system-level storage diagnostics across active and passive nodes in the cluster. Windows installer and recovery Microsoft delivered another update to the Windows Installerapplication infrastructure. Broken or regressed Installer package MSI handling disrupts app deployment pipelines while putting core business applications at risk. We suggest the following tests for the latest changes to MSI Installer, Windows Recovery and Microsoft’s Virtualization Based Security: Perform installation, repair, and uninstallation of MSI Installer packages using standard enterprise deployment tools. Validate restore point behavior for points older than 60 days under varying virtualization-based securitysettings. Check both client and server behaviors for allowed or blocked restores. We highly recommend prioritizing printer testing this month, then remote desktop deployment testing to ensure your core business applications install and uninstall as expected. Each month, we break down the update cycle into product familieswith the following basic groupings:  Browsers; Microsoft Windows; Microsoft Office; Microsoft Exchange and SQL Server;  Microsoft Developer Tools; And Adobe. Browsers Microsoft delivered a very minor series of updates to Microsoft Edge. The  browser receives two Chrome patcheswhere both updates are rated important. These low-profile changes can be added to your standard release calendar. Microsoft Windows Microsoft released five critical patches and40 patches rated important. This month the five critical Windows patches cover the following desktop and server vulnerabilities: Missing release of memory after effective lifetime in Windows Cryptographic Servicesallows an unauthorized attacker to execute code over a network. Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. Use after free in Windows KDC Proxy Serviceallows an unauthorized attacker to execute code over a network. Use of uninitialized resources in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. Unfortunately, CVE-2025-33073 has been reported as publicly disclosed while CVE-2025-33053 has been reported as exploited. Given these two zero-days, the Readiness recommends a “Patch Now” release schedule for your Windows updates. Microsoft Office Microsoft released five critical updates and a further 13 rated important for Office. The critical patches deal with memory related and “use after free” memory allocation issues affecting the entire platform. Due to the number and severity of these issues, we recommend a “Patch Now” schedule for Office for this Patch Tuesday release. Microsoft Exchange and SQL Server There are no updates for either Microsoft Exchange or SQL Server this month.  Developer tools There were only three low-level updatesreleased, affecting .NET and Visual Studio. Add these updates to your standard developer release schedule. AdobeAdobe has releaseda single update to Adobe Acrobat. There were two other non-Microsoft updated releases affecting the Chromium platform, which were covered in the Browser section above. #junes #patch #tuesday #fixes #two
    WWW.COMPUTERWORLD.COM
    For June’s Patch Tuesday, 68 fixes — and two zero-day flaws
    Microsoft offered up a fairly light Patch Tuesday release this month, with 68 patches to Microsoft Windows and Microsoft Office. There were no updates for Exchange or SQL server and just two minor patches for Microsoft Edge. That said, two zero-day vulnerabilities (CVE-2025-33073 and CVE-2025-33053) have led to a “Patch Now” recommendation for both Windows and Office. (Developers can follow their usual release cadence with updates to Microsoft .NET and Visual Studio.) To help navigate these changes, the team from Readiness has provided auseful  infographic detailing the risks involved when deploying the latest updates. (More information about recent Patch Tuesday releases is available here.) Known issues Microsoft released a limited number of known issues for June, with a product-focused issue and a very minor display concern: Microsoft Excel: This a rare product level entry in the “known issues” category — an advisory that “square brackets” or [] are not supported in Excel filenames. An error is generated, advising the user to remove the offending characters. Windows 10: There are reports of blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. This is a limited resource issue, as the font resolution in Windows 10 does not fully match the high-level resolution of the Noto font. Microsoft recommends changing the display scaling to 125% or 150% to improve clarity. Major revisions and mitigations Microsoft might have won an award for the shortest time between releasing an update and a revision with: CVE-2025-33073: Windows SMB Client Elevation of Privilege. Microsoft worked to address a vulnerability where improper access control in Windows SMB allows an attacker to elevate privileges over a network. This patch was revised on the same day as its initial release (and has been revised again for documentation purposes). Windows lifecycle and enforcement updates Microsoft did not release any enforcement updates for June. Each month, the Readiness team analyzes Microsoft’s latest updates and provides technically sound, actionable testing plans. While June’s release includes no stated functional changes, many foundational components across authentication, storage, networking, and user experience have been updated. For this testing guide, we grouped Microsoft’s updates by Windows feature and then accompanied the section with prescriptive test actions and rationale to help prioritize enterprise efforts. Core OS and UI compatibility Microsoft updated several core kernel drivers affecting Windows as a whole. This is a low-level system change and carries a high risk of compatibility and system issues. In addition, core Microsoft print libraries have been included in the update, requiring additional print testing in addition to the following recommendations: Run print operations from 32-bit applications on 64-bit Windows environments. Use different print drivers and configurations (e.g., local, networked). Observe printing from older productivity apps and virtual environments. Remote desktop and network connectivity This update could impact the reliability of remote access while broken DHCP-to-DNS integration can block device onboarding, and NAT misbehavior disrupts VPNs or site-to-site routing configurations. We recommend the following tests be performed: Create and reconnect Remote Desktop (RDP) sessions under varying network conditions. Confirm that DHCP-assigned IP addresses are correctly registered with DNS in AD-integrated environments. Test modifying NAT and routing settings in RRAS configurations and ensure that changes persist across reboots. Filesystem, SMB and storage Updates to the core Windows storage libraries affect nearly every command related to Microsoft Storage Spaces. A minor misalignment here can result in degraded clusters, orphaned volumes, or data loss in a failover scenario. These are high-priority components in modern data center and hybrid cloud infrastructure, with the following storage-related testing recommendations: Access file shares using server names, FQDNs, and IP addresses. Enable and validate encrypted and compressed file-share operations between clients and servers. Run tests that create, open, and read from system log files using various file and storage configurations. Validate core cluster storage management tasks, including creating and managing storage pools, tiers, and volumes. Test disk addition/removal, failover behaviors, and resiliency settings. Run system-level storage diagnostics across active and passive nodes in the cluster. Windows installer and recovery Microsoft delivered another update to the Windows Installer (MSI) application infrastructure. Broken or regressed Installer package MSI handling disrupts app deployment pipelines while putting core business applications at risk. We suggest the following tests for the latest changes to MSI Installer, Windows Recovery and Microsoft’s Virtualization Based Security (VBS): Perform installation, repair, and uninstallation of MSI Installer packages using standard enterprise deployment tools (e.g. Intune). Validate restore point behavior for points older than 60 days under varying virtualization-based security (VBS) settings. Check both client and server behaviors for allowed or blocked restores. We highly recommend prioritizing printer testing this month, then remote desktop deployment testing to ensure your core business applications install and uninstall as expected. Each month, we break down the update cycle into product families (as defined by Microsoft) with the following basic groupings:  Browsers (Microsoft IE and Edge); Microsoft Windows (both desktop and server); Microsoft Office; Microsoft Exchange and SQL Server;  Microsoft Developer Tools (Visual Studio and .NET); And Adobe (if you get this far). Browsers Microsoft delivered a very minor series of updates to Microsoft Edge. The  browser receives two Chrome patches (CVE-2025-5068 and CVE-2025-5419) where both updates are rated important. These low-profile changes can be added to your standard release calendar. Microsoft Windows Microsoft released five critical patches and (a smaller than usual) 40 patches rated important. This month the five critical Windows patches cover the following desktop and server vulnerabilities: Missing release of memory after effective lifetime in Windows Cryptographic Services (WCS) allows an unauthorized attacker to execute code over a network. Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network. Use of uninitialized resources in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network. Unfortunately, CVE-2025-33073 has been reported as publicly disclosed while CVE-2025-33053 has been reported as exploited. Given these two zero-days, the Readiness recommends a “Patch Now” release schedule for your Windows updates. Microsoft Office Microsoft released five critical updates and a further 13 rated important for Office. The critical patches deal with memory related and “use after free” memory allocation issues affecting the entire platform. Due to the number and severity of these issues, we recommend a “Patch Now” schedule for Office for this Patch Tuesday release. Microsoft Exchange and SQL Server There are no updates for either Microsoft Exchange or SQL Server this month.  Developer tools There were only three low-level updates (product focused and rated important) released, affecting .NET and Visual Studio. Add these updates to your standard developer release schedule. Adobe (and 3rd party updates) Adobe has released (but Microsoft has not co-published) a single update to Adobe Acrobat (APSB25-57). There were two other non-Microsoft updated releases affecting the Chromium platform, which were covered in the Browser section above.
    0 Reacties 0 aandelen