Microsoft Patches 86 Vulnerabilities – SecurityWeek

Posted on By CWS

Microsoft’s September 2025 Patch Tuesday updates resolve a complete of 86 vulnerabilities throughout Home windows and different merchandise.

The tech big’s launch notes point out that not one of the safety holes patched this month have been exploited within the wild.

Nonetheless, eight of them have an ‘exploitation extra probably’ score, together with info disclosure and privilege escalation points within the Home windows kernel, a distant code execution vulnerability in Home windows NTFS, and privilege escalation bugs within the Home windows TCP/IP driver, Home windows Hyper-V, Home windows NTLM, and Home windows SMB.

A majority of those vulnerabilities have a ‘excessive severity’ score, and the NTLM and SMB points have the very best CVSS rating, 8.8/10. 

Based mostly on CVSS rating, an important safety gap patched by Microsoft this month is CVE-2025-55232, described as a distant code execution situation within the Excessive Efficiency Compute (HPC) pack. CVE-2025-55232 has a CVSS rating of 9.8.

“Prospects ought to make certain the HPC Pack clusters are working in a trusted community secured by firewall guidelines particularly for the TCP port 5999,” Microsoft tells clients.

Different points with a CVSS rating exceeding 8.0 are CVE-2025-54106 and CVE-2025-54113 (each distant code execution flaws in Routing and Distant Entry Service), CVE-2025-54897 (distant code execution in SharePoint), CVE-2025-54910 (distant code execution in Workplace), and CVE-2025-55227 (privilege escalation in SQL Server).

Nonetheless, all of those vulnerabilities, together with the important HPC pack situation, have an exploitability evaluation of ‘exploitation much less probably’ or ‘exploitation unlikely’.Commercial. Scroll to proceed studying.

Adobe’s Patch Tuesday updates for September 2025 deal with almost two dozen vulnerabilities throughout 9 merchandise, together with important ColdFusion and Commerce flaws. 

Associated: Microsoft Patches Over 100 Vulnerabilities

Associated: Organizations Warned of Vulnerability in Microsoft Change Hybrid Deployment

Associated: Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers

Security Week News Tags:, , ,

Related Posts

Cloudflare Puts a Default Block on AI Web Scraping Security Week News
Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment Security Week News
Vulnerabilities Patched by Juniper, VMware and Zoom  Security Week News
Motors Theme Vulnerability Exploited to Hack WordPress Websites Security Week News
‘MadeYouReset’ HTTP2 Vulnerability Enables Massive DDoS Attacks Security Week News
In Other News: Cloudflare Outage, Cracked.io Users Identified, Victoria’s Secret Cyberattack Cost Security Week News