Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Microsoft September 2025 security update (81 CVEs)

Security Patch Release
First reported
Last updated
Happening score
H score 28
2 unique sources, 2 articles

Summary

Hide ▲

Microsoft's September 2025 security update shipped fixes for 81 unique CVEs, and 38 elevation-of-privilege (EoP) flaws again dominated the release. The bundle also covered RCE, information disclosure, and denial-of-service issues, while Microsoft said it had no actively exploited vulnerabilities among the disclosed CVEs. Security teams were urged to prioritize the higher-risk entries, including SMB, NTLM, Windows UI XAML, HPC Pack, and NTFS flaws.

Related Happenings

Microsoft April 2026 Patch Tuesday security update (165 CVEs)

Security Patch Release
First: 15.04.2026 00:22 Last: 15.04.2026 00:22 Sources 1

About this happening: **Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...

Open Happening

Microsoft April 2026 Patch Tuesday security updates (167 flaws)

Security Patch Release
First: 14.04.2026 20:41 Last: 14.04.2026 20:41 Sources 1

About this happening: Microsoft's **April 2026 Patch Tuesday** ships **security updates** for **167 flaws**, including **2 zero-days**, reducing exposure across widely used Microsoft software. The rele...

Open Happening

Microsoft March 2026 Patch Tuesday (83 CVEs)

Security Patch Release
First: 11.03.2026 03:08 Last: 11.03.2026 03:08 Sources 1

About this happening: **Microsoft** released its **March 2026 Patch Tuesday** update with **83 CVEs** across its product range, reducing exposure to a broad set of flaws that includes issues Microsoft...

Open Happening

Microsoft security patch release for CVE-2026-21262

Security Patch Release
First: 10.03.2026 19:49 Last: 10.03.2026 19:49 Sources 1

About this happening: **Microsoft's March 2026 Patch Tuesday** delivers fixes for **79 flaws**, including **2 publicly disclosed zero-days** and several **Critical** issues across **SQL Server**, **.NE...

Open Happening

Microsoft Windows Admin Center patch for CVE-2026-26119

Security Patch Release
First: 19.02.2026 19:40 Last: 19.02.2026 19:40 Sources 1

About this happening: Microsoft shipped **Windows Admin Center version 2511** to patch **CVE-2026-26119**, closing an **improper authentication** flaw that could let an authorized attacker **elevate pr...

Open Happening

Timeline

  1. 15.09.2025 15:48 1 articles · 8mo ago

    Microsoft confirms SMBv1 share connection issues from September 2025 Windows updates

    Victim Impact Update

    Microsoft confirmed that the September 2025 Windows security updates can cause connection failures to Server Message Block (SMB) v1 shares over NetBIOS over TCP/IP (NetBT), affecting Windows 11 24H2/23H2/22H2, Windows 10 22H2/21H2, Windows Server 2025, and Windows Server 2022 when either the SMB client or SMB server has the update installed. Microsoft is working on a fix and advises allowing traffic on TCP port 445 as a temporary workaround so SMB can switch from NetBT to TCP.

    Show sources
    Open in new tab
  2. 09.09.2025 23:48 2 articles · 8mo ago

    Microsoft releases September 2025 security update with 81 CVEs

    Initial Disclosure

    Microsoft released its September 2025 security update, fixing 81 unique CVEs across its product portfolio and including 38 elevation-of-privilege flaws that again outnumbered the other vulnerability categories. The update reported no actively exploited vulnerabilities, but it highlighted high-priority issues such as CVE-2025-55234 in Windows Server Message Block (SMB), CVE-2025-54918 in Windows NT LAN Manager (NTLM), CVE-2025-55232 in the Microsoft High Performance Compute (HPC) Pack, and CVE-2025-54916 in Windows NTFS.

    Show sources
    Open in new tab