August 2025 Microsoft Patch Tuesday Addresses 111 Vulnerabilities, Including Multiple EoP and RCE Flaws
Summary
Hide β²
Show βΌ
Microsoft's August 2025 Patch Tuesday update addresses 111 vulnerabilities, with 44 elevation-of-privilege (EoP) flaws, 35 remote code execution (RCE) vulnerabilities, 18 information disclosure issues, 8 spoofing vulnerabilities, and 4 denial-of-service defects. The update includes fixes for critical vulnerabilities in Azure OpenAI, Windows Kerberos, Windows Hyper-V, Microsoft SQL Server, SharePoint, and Microsoft's AI technologies. The update does not include any actively exploited vulnerabilities, marking the second consecutive month without such issues. However, several vulnerabilities are considered high-priority due to their potential impact and ease of exploitation. Additionally, the update addresses 16 vulnerabilities in Microsoft's Chromium-based Edge browser and fixes for vulnerabilities in various third-party software and services. The August 2025 Windows security updates are causing reset and recovery operations to fail on Windows 10 and older versions of Windows 11.
Timeline
-
19.08.2025 16:39 π° 1 articles Β· β± 28d ago
Microsoft fixes Windows update failures after network share installation
Microsoft previously fixed a bug causing Windows update failures when installed from a network share using WUSA.
Show sources
- Microsoft: August security updates break Windows recovery, reset β www.bleepingcomputer.com β 19.08.2025 16:39
-
19.08.2025 16:39 π° 1 articles Β· β± 28d ago
Microsoft fixes 0x80240069 errors after WSUS delivery of KB5063878 update
Microsoft previously fixed a bug causing 0x80240069 errors when delivered via WSUS after installing the KB5063878 update for Windows 11 24H2 systems.
Show sources
- Microsoft: August security updates break Windows recovery, reset β www.bleepingcomputer.com β 19.08.2025 16:39
-
19.08.2025 16:39 π° 1 articles Β· β± 28d ago
Microsoft acknowledges Windows Update Service errors for enterprise customers
Microsoft previously acknowledged a similar issue affecting enterprise customers encountering Windows Update Service errors when trying to update Windows 11 22H2/23H2 systems.
Show sources
- Microsoft: August security updates break Windows recovery, reset β www.bleepingcomputer.com β 19.08.2025 16:39
-
13.08.2025 00:47 π° 3 articles Β· β± 1mo ago
Microsoft releases August 2025 Patch Tuesday update addressing 111 vulnerabilities
The update includes 16 Critical, 92 Important, 2 Moderate, and 1 Low severity vulnerabilities. The update includes 8 spoofing and 4 denial-of-service vulnerabilities. The update addresses 16 vulnerabilities in Microsoft's Chromium-based Edge browser, including two spoofing bugs affecting Edge for Android. The update includes fixes for vulnerabilities in various third-party software and services, such as 7-Zip, Adobe, Amazon Web Services, AMD, and others. CVE-2025-53786 is an EoP vulnerability in Microsoft Exchange Server hybrid deployments with a CVSS score of 8.0. CVE-2025-53766 is a GDI+ RCE vulnerability with a CVSS score of 9.8. CVE-2025-50165 is a Windows Graphics Component RCE vulnerability with a CVSS score of 9.8. CVE-2025-53792 is an Azure Portal EoP vulnerability with a CVSS score of 9.1. CVE-2025-53787 is a Microsoft 365 Copilot BizChat information disclosure vulnerability with a CVSS score of 8.2. CVE-2025-50177 is an MSMQ RCE vulnerability with a CVSS score of 8.1. CVE-2025-50176 is a DirectX Graphics Kernel RCE vulnerability with a CVSS score of 7.8. CVE-2025-50154 is an NTLM hash disclosure spoofing vulnerability with a CVSS score of 6.5. The August 2025 Windows security updates are causing reset and recovery operations to fail on Windows 10 and older versions of Windows 11. The affected platforms include Windows 11 23H2, Windows 11 22H2, Windows 10 22H2, Windows 10 Enterprise LTSC 2021, Windows 10 IoT Enterprise LTSC 2021, Windows 10 Enterprise LTSC 2019, and Windows 10 IoT Enterprise LTSC 2019. The issue impacts the Reset my PC feature, the Fix problems using Windows Update tool, and the RemoteWipe CSP. Microsoft is working on an out-of-band update to fix the issue.
Show sources
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday β www.darkreading.com β 13.08.2025 00:47
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
- Microsoft: August security updates break Windows recovery, reset β www.bleepingcomputer.com β 19.08.2025 16:39
Information Snippets
-
Microsoft's August 2025 Patch Tuesday update addresses 111 vulnerabilities.
First reported: 13.08.2025 00:47π° 2 sources, 2 articlesShow sources
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday β www.darkreading.com β 13.08.2025 00:47
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
44 of the vulnerabilities are elevation-of-privilege (EoP) flaws.
First reported: 13.08.2025 00:47π° 2 sources, 2 articlesShow sources
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday β www.darkreading.com β 13.08.2025 00:47
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
34 of the vulnerabilities are remote code execution (RCE) flaws.
First reported: 13.08.2025 00:47π° 2 sources, 2 articlesShow sources
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday β www.darkreading.com β 13.08.2025 00:47
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
16 of the vulnerabilities are information disclosure issues.
First reported: 13.08.2025 00:47π° 2 sources, 2 articlesShow sources
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday β www.darkreading.com β 13.08.2025 00:47
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
The update includes fixes for critical vulnerabilities in Azure OpenAI, Windows Kerberos, Windows Hyper-V, Microsoft SQL Server, SharePoint, and Microsoft's AI technologies.
First reported: 13.08.2025 00:47π° 2 sources, 2 articlesShow sources
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday β www.darkreading.com β 13.08.2025 00:47
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
The update does not include any actively exploited vulnerabilities.
First reported: 13.08.2025 00:47π° 2 sources, 2 articlesShow sources
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday β www.darkreading.com β 13.08.2025 00:47
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
CVE-2025-53767 is a maximum severity vulnerability in Azure OpenAI, fully mitigated by Microsoft.
First reported: 13.08.2025 00:47π° 2 sources, 2 articlesShow sources
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday β www.darkreading.com β 13.08.2025 00:47
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
CVE-2025-53779 is a publicly known Windows Kerberos EoP flaw, dubbed BadSuccessor.
First reported: 13.08.2025 00:47π° 2 sources, 2 articlesShow sources
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday β www.darkreading.com β 13.08.2025 00:47
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
CVE-2025-53155 is an EoP vulnerability in Windows Hyper-V with a CVSS score of 7.8.
First reported: 13.08.2025 00:47π° 2 sources, 2 articlesShow sources
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday β www.darkreading.com β 13.08.2025 00:47
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
Four EoP vulnerabilities in Microsoft SQL Server have a CVSS score of 8.8 each.
First reported: 13.08.2025 00:47π° 1 source, 1 articleShow sources
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday β www.darkreading.com β 13.08.2025 00:47
-
CVE-2025-49712 is a new SharePoint RCE vulnerability with a CVSS score of 8.8.
First reported: 13.08.2025 00:47π° 2 sources, 2 articlesShow sources
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday β www.darkreading.com β 13.08.2025 00:47
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
CVE-2025-50165 and CVE-2025-53766 are RCE flaws in the Windows Graphics Component and GDI+ with CVSS scores of 9.8.
First reported: 13.08.2025 00:47π° 2 sources, 2 articlesShow sources
- Elevation-of-Privilege Vulns Dominate Microsoft's Patch Tuesday β www.darkreading.com β 13.08.2025 00:47
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
The update includes 16 Critical, 92 Important, 2 Moderate, and 1 Low severity vulnerabilities.
First reported: 13.08.2025 11:47π° 1 source, 1 articleShow sources
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
The update includes 8 spoofing and 4 denial-of-service vulnerabilities.
First reported: 13.08.2025 11:47π° 1 source, 1 articleShow sources
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
CVE-2025-53786 is an EoP vulnerability in Microsoft Exchange Server hybrid deployments with a CVSS score of 8.0.
First reported: 13.08.2025 11:47π° 1 source, 1 articleShow sources
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
CVE-2025-53766 is a GDI+ RCE vulnerability with a CVSS score of 9.8.
First reported: 13.08.2025 11:47π° 1 source, 1 articleShow sources
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
CVE-2025-50165 is a Windows Graphics Component RCE vulnerability with a CVSS score of 9.8.
First reported: 13.08.2025 11:47π° 1 source, 1 articleShow sources
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
CVE-2025-53792 is an Azure Portal EoP vulnerability with a CVSS score of 9.1.
First reported: 13.08.2025 11:47π° 1 source, 1 articleShow sources
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
CVE-2025-53787 is a Microsoft 365 Copilot BizChat information disclosure vulnerability with a CVSS score of 8.2.
First reported: 13.08.2025 11:47π° 1 source, 1 articleShow sources
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
CVE-2025-50177 is an MSMQ RCE vulnerability with a CVSS score of 8.1.
First reported: 13.08.2025 11:47π° 1 source, 1 articleShow sources
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
CVE-2025-50176 is a DirectX Graphics Kernel RCE vulnerability with a CVSS score of 7.8.
First reported: 13.08.2025 11:47π° 1 source, 1 articleShow sources
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
CVE-2025-50154 is an NTLM hash disclosure spoofing vulnerability with a CVSS score of 6.5.
First reported: 13.08.2025 11:47π° 1 source, 1 articleShow sources
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
The update addresses 16 vulnerabilities in Microsoft's Chromium-based Edge browser, including two spoofing bugs affecting Edge for Android.
First reported: 13.08.2025 11:47π° 1 source, 1 articleShow sources
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
The update includes fixes for vulnerabilities in various third-party software and services, such as 7-Zip, Adobe, Amazon Web Services, AMD, and others.
First reported: 13.08.2025 11:47π° 1 source, 1 articleShow sources
- Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws β thehackernews.com β 13.08.2025 11:47
-
The August 2025 Windows security updates are causing reset and recovery operations to fail on Windows 10 and older versions of Windows 11.
First reported: 19.08.2025 16:39π° 1 source, 1 articleShow sources
- Microsoft: August security updates break Windows recovery, reset β www.bleepingcomputer.com β 19.08.2025 16:39
-
The affected platforms include Windows 11 23H2, Windows 11 22H2, Windows 10 22H2, Windows 10 Enterprise LTSC 2021, Windows 10 IoT Enterprise LTSC 2021, Windows 10 Enterprise LTSC 2019, and Windows 10 IoT Enterprise LTSC 2019.
First reported: 19.08.2025 16:39π° 1 source, 1 articleShow sources
- Microsoft: August security updates break Windows recovery, reset β www.bleepingcomputer.com β 19.08.2025 16:39
-
The issue impacts the Reset my PC feature, the Fix problems using Windows Update tool, and the RemoteWipe CSP.
First reported: 19.08.2025 16:39π° 1 source, 1 articleShow sources
- Microsoft: August security updates break Windows recovery, reset β www.bleepingcomputer.com β 19.08.2025 16:39
-
Microsoft is working on an out-of-band update to fix the issue.
First reported: 19.08.2025 16:39π° 1 source, 1 articleShow sources
- Microsoft: August security updates break Windows recovery, reset β www.bleepingcomputer.com β 19.08.2025 16:39
-
Microsoft previously fixed a bug causing Windows update failures when installed from a network share using WUSA.
First reported: 19.08.2025 16:39π° 1 source, 1 articleShow sources
- Microsoft: August security updates break Windows recovery, reset β www.bleepingcomputer.com β 19.08.2025 16:39
-
Microsoft previously fixed a bug causing 0x80240069 errors when delivered via WSUS after installing the KB5063878 update for Windows 11 24H2 systems.
First reported: 19.08.2025 16:39π° 1 source, 1 articleShow sources
- Microsoft: August security updates break Windows recovery, reset β www.bleepingcomputer.com β 19.08.2025 16:39
-
Microsoft previously acknowledged a similar issue affecting enterprise customers encountering Windows Update Service errors when trying to update Windows 11 22H2/23H2 systems.
First reported: 19.08.2025 16:39π° 1 source, 1 articleShow sources
- Microsoft: August security updates break Windows recovery, reset β www.bleepingcomputer.com β 19.08.2025 16:39
Similar Happenings
Active exploitation of CVE-2025-5086 in DELMIA Apriso
CVE-2025-5086, a critical deserialization flaw in Dassault Systèmes DELMIA Apriso Manufacturing Operations Management (MOM) software, is being actively exploited. The vulnerability, with a CVSS score of 9.0, affects versions from Release 2020 through Release 2025. Exploitation attempts have been observed, targeting the /apriso/WebServices/FlexNetOperationsService.svc/Invoke endpoint with a Base64-encoded payload. The payload decodes to a GZIP-compressed Windows executable that deploys a malicious program designed to spy on user activities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the flaw to its Known Exploited Vulnerabilities (KEV) catalog, advising Federal Civilian Executive Branch (FCEB) agencies to apply updates by October 2, 2025. The malware, identified as Trojan.MSIL.Zapchast.gen, captures keyboard input, takes screenshots, and gathers information about active applications. This information is then sent to the attacker via various means, including email, FTP, and HTTP. The exploit involves sending a malicious SOAP request to vulnerable endpoints. The malicious requests were observed originating from the IP 156.244.33[.]162.
Akira Ransomware Group Exploits SonicWall SSL VPN Flaws
The Akira ransomware group has been actively exploiting SonicWall SSL VPN flaws and misconfigurations to gain initial access to networks. This campaign has seen increased activity since late July 2025, targeting SonicWall devices to facilitate ransomware operations. The group leverages a combination of security vulnerabilities, including a year-old flaw (CVE-2024-40766) and misconfigured LDAP settings, to bypass access controls and infiltrate networks. Organizations are advised to rotate passwords, remove unused accounts, enable multi-factor authentication, and restrict access to the Virtual Office Portal to mitigate risks. The Australian Cyber Security Centre (ACSC) has acknowledged Akira's targeting of SonicWall SSL VPNs and issued alerts about the increased exploitation of CVE-2024-40766.
Microsoft September 2025 Patch Tuesday fixes 81 vulnerabilities, including two zero-days
Microsoft released updates for 80 vulnerabilities on September 2025 Patch Tuesday. None of these vulnerabilities were zero-days. The updates address eight critical flaws, including five remote code execution vulnerabilities, one information disclosure, and two elevation of privilege vulnerabilities. The vulnerabilities span various categories: 38 elevation of privilege, 2 security feature bypass, 22 remote code execution, 14 information disclosure, 3 denial of service, and 1 spoofing. One zero-day vulnerability was fixed in Windows SMB Server. The updates also include hardening features for SMB Server to mitigate relay attacks, with recommendations for administrators to enable auditing. The patch includes 38 elevation of privilege vulnerabilities, the highest number among all categories. CVE-2025-54918 is an EoP vulnerability in Windows NT LAN Manager (NTLM) marked as critical. CVE-2025-54111 and CVE-2025-54913 are EoP flaws in Windows UI XAML, allowing privilege escalation via phished credentials or malicious Microsoft Store apps. CVE-2025-55232 is an RCE vulnerability in the Microsoft High Performance Compute (HPC) Pack with a CVSS score of 9.8. CVE-2025-54916 is an RCE vulnerability in Windows NTFS that can be triggered by authenticated users. Microsoft's patch update includes recommendations for preparing for the end-of-life of Windows 10 and mandatory multifactor authentication (MFA) for Azure in October 2025.
Critical SessionReaper flaw in Adobe Commerce and Magento Open Source patched
Adobe has patched a critical vulnerability (CVE-2025-54236) in its Commerce and Magento Open Source platforms, dubbed SessionReaper. The flaw could allow unauthenticated attackers to take control of customer accounts via the Commerce REST API. The vulnerability was disclosed to selected customers on September 4, 2025, with a patch released on September 9, 2025. Adobe Commerce on Cloud users were protected by a WAF rule until the patch was available. The flaw is considered one of the most severe in the history of the platform, potentially leading to session forging, privilege escalation, and code execution. No exploitation in the wild has been reported, but a hotfix was leaked, which could accelerate exploitation attempts. The vulnerability impacts various versions of Adobe Commerce, Adobe Commerce B2B, Magento Open Source, and the Custom Attributes Serializable module. Adobe has also patched a critical path traversal vulnerability in ColdFusion (CVE-2025-54261).
Critical SAP NetWeaver vulnerabilities patched, including remote code execution flaw
SAP has fixed 21 vulnerabilities, including three critical flaws in its NetWeaver software. The most severe, CVE-2025-42944, is an insecure deserialization flaw allowing unauthenticated remote code execution. The second critical flaw, CVE-2025-42922, enables arbitrary file uploads by authenticated users. The third, CVE-2025-42958, allows unauthorized access to sensitive data and administrative functions. The vulnerabilities affect various SAP products, including ERP, CRM, SRM, and SCM, which are widely used in large enterprise networks. The flaws could lead to full system compromise and unauthorized data manipulation. SAP products are frequently targeted by threat actors due to their handling of mission-critical data. A high-severity missing input validation bug in SAP S/4HANA (CVE-2025-42916) could allow an attacker with high privilege access to delete the content of arbitrary database tables. A critical security defect in SAP S/4HANA (CVE-2025-42957) has come under active exploitation in the wild.