Microsoft’s August Patch Tuesday fixes 107 vulnerabilities, together with 13 crucial RCE flaws, impacting Home windows, Workplace, Azure, and extra, urging quick updates.
Microsoft delivered patches for 107 vulnerabilities as per of its Patch Tuesday safety updates. Of the recognized vulnerabilities, 13 are categorized as Vital, demanding instant consideration resulting from their extreme potential impression.
Vital Vulnerabilities
This month’s updates characteristic 13 crucial vulnerabilities, representing probably the most extreme threats to techniques. These flaws carry the potential for attackers to achieve full management, disclose delicate info, or disrupt providers, typically with out requiring any consumer interplay.
Most of the crucial fixes goal Distant Code Execution (RCE) flaws, that are among the many most harmful as they permit an attacker to execute arbitrary code on a compromised system. Notable RCE vulnerabilities embrace:
Home windows Graphics Element (CVE-2025-50165)
This crucial RCE vulnerability may enable unauthorized attackers to execute code over a community by way of untrusted pointer dereferences. Its impression on a basic Home windows part makes it significantly regarding.
DirectX Graphics Kernel (CVE-2025-50176)
This can be a kind confusion vulnerability within the Graphics Kernel that allows native code execution by an authenticated attacker, probably with out requiring elevated privileges.
Microsoft Message Queuing (MSMQ) (CVE-2025-50177)
This use-after-free vulnerability permits an unauthenticated attacker to attain distant code execution, though profitable exploitation requires successful a race situation. The persistence of MSMQ vulnerabilities highlights an ongoing space of concern for system directors.
Microsoft Workplace & Phrase (CVE-2025-53731, CVE-2025-53740, CVE-2025-53733, CVE-2025-53784)
A number of use-after-free and different flaws in Microsoft Workplace and Phrase may enable unauthenticated attackers to attain distant code execution. Typically, these vulnerabilities may be triggered just by a consumer opening a malicious file, underscoring the continued danger related to document-based assaults.
GDI+ (CVE-2025-53766)
This can be a heap-based buffer overflow vulnerability in Home windows GDI+ that will enable an unauthenticated attacker to attain distant code execution.
Home windows Hyper-V (CVE-2025-48807)
On this vulnerability, an improper restriction of communication channels in Hyper-V may enable an authenticated attacker to attain distant code execution. This is a crucial concern for organizations counting on virtualized environments, because it may result in the compromise of digital machines.
Based on Microsoft’s safety replace information, patches for Vital Elevation of Privilege (EoP) vulnerabilities have additionally been launched. These vulnerabilities enable attackers to achieve larger entry ranges on a system.
One such instance is Home windows NTLM (CVE-2025-53778), an improper authentication flaw that will enable an authenticated attacker to raise privileges over a community, probably gaining SYSTEM privileges. This poses a critical menace to community safety and area integrity.
One other vulnerability mounted on this replace features a Vital Data Disclosure vulnerability that would result in the leakage of delicate information. This consists of Azure Digital Machines (CVE-2025-53781), the place a flaw may enable an attacker to reveal delicate info.
Equally, Azure Stack Hub (CVE-2025-53793) is affected by one other crucial info disclosure vulnerability, which may leak delicate information to unauthorized actors. Lastly, a crucial Spoofing vulnerability was addressed.
For a fast overview of probably the most extreme threats, the next desk summarizes the crucial vulnerabilities:
| CVE ID | Affected Product/Element | Vulnerability Kind | Potential Affect |
| CVE-2025-53781 | Azure Digital Machines | Data Disclosure | Leakage of delicate information |
| CVE-2025-50176 | DirectX Graphics Kernel | Distant Code Execution | Native code execution, system compromise |
| CVE-2025-50177 | Microsoft Message Queuing | Distant Code Execution | Distant code execution, system compromise |
| CVE-2025-53731 | Microsoft Workplace | Distant Code Execution | Distant code execution, system compromise |
| CVE-2025-53740 | Microsoft Workplace | Distant Code Execution | Distant code execution, system compromise |
| CVE-2025-53733 | Microsoft Phrase | Distant Code Execution | Distant code execution, system compromise |
| CVE-2025-53766 | GDI+ | Distant Code Execution | Distant code execution, system compromise |
| CVE-2025-53778 | Home windows NTLM | Elevation of Privilege | Acquire SYSTEM privileges, community compromise |
| CVE-2025-53784 | Microsoft Phrase | Distant Code Execution | Distant code execution, system compromise |
| CVE-2025-49707 | Azure Digital Machines | Spoofing | Native impersonation, unauthorized actions |
| CVE-2025-48807 | Home windows Hyper-V | Distant Code Execution | Native code execution, digital setting compromise |
| CVE-2025-50165 | Home windows Graphics Element | Distant Code Execution | Distant code execution, system compromise |
| CVE-2025-53793 | Azure Stack Hub | Data Disclosure | Leakage of delicate information |
Necessary Fixes and Safety Patterns
Other than the crucial points, Microsoft addressed 76 “Necessary” severity vulnerabilities. Whereas these usually are not as instantly threatening as crucial flaws, they will nonetheless result in compromise, together with privilege escalation, denial of service, info disclosure, and spoofing.
This month’s updates additionally noticed a number of Elevation of Privilege (EoP) and Distant Code Execution (RCE) vulnerabilities overlaying all ranges of seriousness. There have been 40 EoP flaws in complete, with 38 categorized as Necessary.
RCE vulnerabilities totaled 35, with 26 rated as Necessary. This fixed concentrate on RCE and EoP reveals their significance as the principle assault vectors for adversaries in search of to achieve management and develop their attain inside networks.
Some examples of Necessary RCEs embrace these affecting Microsoft Excel (CVE-2025-53741, CVE-2025-53759, CVE-2025-53737, CVE-2025-53739) with heap-based buffer overflows and use-after-free points.
The Home windows Routing and Distant Entry Service (RRAS) additionally noticed a number of heap-based buffer overflows (e.g., CVE-2025-49757, CVE-2025-50160, CVE-2025-50162, CVE-2025-50163, CVE-2025-50164, CVE-2025-53720).
Microsoft PowerPoint additionally had an Necessary RCE (CVE-2025-53761). Necessary EoPs embrace a number of SQL Server bugs like CVE-2025-49758, stemming from SQL injection weaknesses, and Microsoft SharePoint (CVE-2025-53760).
Decrease severity
Decrease severity points additionally obtained consideration. Two Reasonable vulnerabilities have been patched, together with CVE-2025-53779 in Home windows Kerberos, which entails relative path traversal for EoP.
Moreover, one Low severity spoofing flaw was mounted in Microsoft Edge for Android (CVE-2025-49755). Whereas much less pressing, these nonetheless contribute to the general safety and shouldn’t be ignored, as they are often exploited with different vulnerabilities to additional assaults.
A notable sample rising from this month’s patches entails the recurrence of frequent vulnerability varieties corresponding to use-after-free errors, heap overflows, and improper enter validation. These points ceaselessly seem, significantly in legacy elements like Win32k and Ancillary Perform Drivers.
This means continued challenges in managing the safety of older, foundational codebases inside Home windows, which regularly predate trendy safe coding practices. The continual presence of those reminiscence corruption flaws in such deep-seated elements suggests a systemic problem for Microsoft.
The Zero-Day Watch
Microsoft’s August 2025 Patch Tuesday consists of one publicly disclosed zero-day vulnerability. Organizations want to know the excellence right here that whereas this vulnerability is thought to the general public, Microsoft experiences that not one of the patched vulnerabilities, together with this zero-day, are at present listed as actively exploited within the wild as of August 12, 2025.
The excellence between “publicly disclosed” and “actively exploited” is essential for understanding instant danger. “Publicly disclosed” means the vulnerability’s particulars can be found within the public area, probably giving menace actors a blueprint to develop their very own exploits.
Alternatively, “actively exploited” signifies that attackers are already utilizing the vulnerability in real-world assaults. The present “not actively exploited” standing offers a crucial, though momentary, window for organizations to use patches.
Updates Throughout Microsoft’s Merchandise
The August 2025 Patch Tuesday updates covers a number of Microsoft services. This consists of core Home windows elements, in style Microsoft Workplace purposes, Azure cloud providers, Trade Server, SQL Server, Home windows Hyper-V, and even Microsoft Edge (Chromium-based).
Particularly, 10 vulnerabilities have been addressed in Microsoft Edge (Chromium-based). These embrace a number of “use after free” points in elements like Forged and Extensions (CVE-2025-8578, CVE-2025-8576), and “inappropriate implementation” flaws in Image In Image and Filesystems (CVE-2025-8577, CVE-2025-8579, CVE-2025-8580).
Vulnerability Breakdown by Class and Severity (August 2025)
| Vulnerability Kind | Vital Rely | Necessary Rely | Reasonable Rely | Low Rely | Whole |
| Distant Code Execution (RCE) | 9 | 26 | 0 | 0 | 35 |
| Elevation of Privilege (EoP) | 1 | 38 | 1 | 0 | 40 |
| Data Disclosure | 2 | 14 | 0 | 0 | 16 |
| Spoofing | 1 | 7 | 1 | 1 | 10 |
| Denial of Service (DoS) | 0 | 5 | 0 | 0 | 5 |
| Tampering | 0 | 1 | 0 | 0 | 1 |
| Whole | 13 | 91 | 2 | 1 | 107 |
PowerShell 2.0 Removing
Home windows PowerShell 2.0 is being faraway from Home windows 11, model 24H2, beginning with the August 2025 non-security replace. It is going to even be faraway from Home windows Server 2025 with the September 2025 safety replace.
“Patch Tuesday after Black Hat is all the time spicy, and these patches (like all others) want to maneuver with a way of objective, and the Kerberos vulnerability from Yuval Gordon is of explicit curiosity because it seems this shall be offered intimately at SecTor on the finish of September 2025,” mentioned Trey Ford, Chief Technique and Belief Officer at Bugcrowd.
“Vulnerabilities just like the Kerberos discovering solely goes to indicate the significance of numerous views and testing in characteristic design and launch – the facility of the worldwide safety group can assist verify that new options, particularly security measures, are each efficient and resilient,” he added.
When you run Home windows, you’ll in all probability see updates in Home windows Replace later immediately or tomorrow, and it’s normally a good suggestion to put in them promptly since many deal with safety flaws actively focused by attackers.
