41
Microsoft has released the scheduled Patch Tuesday updates for August 2025. This month’s update bundle holds utmost importance as it addresses over a hundred vulnerabilities, including a zero-day.
A Publicly Disclosed Zero-Day Flaw Addressed
The most important security fix in the August Patch Tuesday updates addressed a zero-day vulnerability in Microsoft Windows Kerberos. While Microsoft confirmed no active exploitation of this flaw, they confirmed public disclosure of this vulnerability before a fix.
Identified as CVE-2025-53779, Microsoft described this vulnerability as a privilege escalation issue in Windows Kerberos, the authentication protocol in Windows Server 2025. In their advisory, Microsoft described the flaw as,
Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network.
This vulnerability achieved a moderate severity rating with a CVSS score of 7.2. Microsoft acknowledged the security researcher Yuval Gordon of Akamai for reporting this vulnerability.
The researcher has already shared details about this flaw, dubbed “BadSuccessor,” in a separate blog post, where he confirmed reporting the vulnerability to Microsoft in April 2025. However, the tech giant seemingly downplayed the severity of the matter, deferring an immediate fix.
Fortunately, despite being known for months, the vulnerability escaped active exploitation attempts. Now that the fix is available, users must ensure updating their systems to receive the patch.
Other Important Fixes From Microsoft With August Patch Tuesday
Apart from the zero-day vulnerability, Microsoft addressed 107 other vulnerabilities this month. These include 12 critical severity vulnerabilities and 92 important severity flaws. Moreover, it also fixed a moderate severity (CVE-2025-49736) and a low severity issue (CVE-2025-49755) in the Microsoft Edge browser.
Regarding the type of these vulnerabilities, the update addressed 4 denial of service vulnerabilities, 41 privilege escalation issues, 16 information disclosure flaws, 35 remote code execution vulnerabilities, 8 spoofing issues, 1 tampering, and 1 cross-site scripting vulnerability.
Some noteworthy vulnerabilities from these include the following.
- CVE-2025-53766 (critical; CVSS 9.8): A heap-buffer overflow in Windows GDI+ that could allow remote code execution over a network. An unauthenticated adversary could exploit the flaw by tricking the target user into opening a maliciously crafted file.
- CVE-2025-50165 (important; CVSS 9.8): A remote code execution vulnerability in Windows Graphics Component that existed due to untrusted pointer dereference. An unauthenticated attacker could exploit the flaw even without user interaction.
- CVE-2025-50171 (important; CVSS 9.1): Due to missing authorization in Remote Desktop Server, an authorized attacker could perform spoofing over the target network.
Microsoft implements automatic roll-out of these scheduled updates to all eligible devices. Yet, users should still ensure updating their systems in time via manual review to receive all security fixes and avoid potential attacks via unpatched vulnerabilities.
Let us know your thoughts in the comments.
Get real time update about this post category directly on your device, subscribe now.
