Microsoft Patch Tuesday August 2025 Released

Posted on By CWS

Microsoft launched its August Patch Tuesday safety updates, addressing a complete of 107 vulnerabilities throughout its product ecosystem.

The replace consists of fixes for 90 vulnerabilities, categorised as follows: 13 are Important, 76 are Essential, one is Reasonable, and one is Low. Notably, none of those vulnerabilities are listed as actively exploited zero-days, which gives some aid for IT directors.

The vulnerabilities fall into a number of classes, together with Distant Code Execution (RCE), Elevation of Privilege (EoP), Data Disclosure, Spoofing, Denial of Service (DoS), and Tampering. Under is an in depth breakdown of the vulnerabilities by class, together with key insights for organizations to prioritize their patching efforts.

Severity / ImpactRemote Code Execution (RCE)Elevation of Privilege (EoP)Data DisclosureSpoofingDenial of Service (DoS)TamperingTotalCritical91210013Important26381475191Moderate0101002Low0001001Total3540161051107

On August 12, 2025, Microsoft launched its month-to-month Patch Tuesday safety updates, addressing a major variety of vulnerabilities throughout its product ecosystem.

Distant Code Execution (RCE) Vulnerabilities: 36 Complete

Distant Code Execution vulnerabilities dominate this month’s Patch Tuesday, with 36 vulnerabilities patched, 10 of that are rated Important. These flaws might permit attackers to execute arbitrary code, probably compromising complete programs. Key RCE vulnerabilities embody:

Home windows Graphics Part (CVE-2025-50165, Important): An untrusted pointer dereference within the Microsoft Graphics Part permits unauthorized attackers to execute code over a community.

DirectX Graphics Kernel (CVE-2025-50176, Important): A sort confusion flaw within the Graphics Kernel allows native code execution by a certified attacker.

Microsoft Workplace (CVE-2025-53731, CVE-2025-53740, Important): A number of use-after-free vulnerabilities in Microsoft Workplace permit unauthorized attackers to execute code domestically.

Microsoft Phrase (CVE-2025-53733, CVE-2025-53784, Important): Flaws in Microsoft Phrase, together with incorrect numeric kind conversion and use-after-free points, allow native code execution.

GDI+ (CVE-2025-53766, Important): A heap-based buffer overflow in Home windows GDI+ permits network-based code execution.

Home windows Hyper-V (CVE-2025-48807, Important): An improper restriction of communication channels in Hyper-V allows native code execution.

Microsoft Message Queuing (MSMQ) (CVE-2025-50177, Important; CVE-2025-53143, CVE-2025-53144, CVE-2025-53145, Essential): A number of vulnerabilities, together with use-after-free and sort confusion flaws, have an effect on MSMQ, permitting network-based code execution.

Microsoft Excel (CVE-2025-53741, CVE-2025-53759, CVE-2025-53737, CVE-2025-53739, Essential): Heap-based buffer overflows and use-after-free points in Excel allow native code execution.

Home windows Routing and Distant Entry Service (RRAS) (CVE-2025-49757, CVE-2025-50160, CVE-2025-50162, CVE-2025-50163, CVE-2025-50164, CVE-2025-53720, Essential): Heap-based buffer overflows in RRAS permit network-based code execution.

Microsoft Patch Tuesday August 2025 – Vulnerabilities listing

CVEVulnerability DetailsActively ExploitTypeSeverityCVE-2025-53781Azure Digital Machines Data Disclosure VulnerabilityNoInformation DisclosureCriticalCVE-2025-50165Windows Graphics Part Distant Code Execution VulnerabilityNoRemote Code ExecutionCriticalCVE-2025-50176DirectX Graphics Kernel Distant Code Execution VulnerabilityNoRemote Code ExecutionCriticalCVE-2025-50177Microsoft Message Queuing (MSMQ) Distant Code Execution VulnerabilityNoRemote Code ExecutionCriticalCVE-2025-53731Microsoft Workplace Distant Code Execution VulnerabilityNoRemote Code ExecutionCriticalCVE-2025-53733Microsoft Phrase Distant Code Execution VulnerabilityNoRemote Code ExecutionCriticalCVE-2025-53740Microsoft Workplace Distant Code Execution VulnerabilityNoRemote Code ExecutionCriticalCVE-2025-53766GDI+ Distant Code Execution VulnerabilityNoRemote Code ExecutionCriticalCVE-2025-53778Windows NTLM Elevation of Privilege VulnerabilityNoElevation of PrivilegeCriticalCVE-2025-53784Microsoft Phrase Distant Code Execution VulnerabilityNoRemote Code ExecutionCriticalCVE-2025-53793Azure Stack Hub Data Disclosure VulnerabilityNoInformation DisclosureCriticalCVE-2025-48807Windows Hyper-V Distant Code Execution VulnerabilityNoRemote Code ExecutionCriticalCVE-2025-49707Azure Digital Machines Spoofing VulnerabilityNoSpoofingCriticalCVE-2025-53786Microsoft Alternate Server Hybrid Deployment Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-49751Windows Hyper-V Denial of Service VulnerabilityNoDenial of ServiceImportantCVE-2025-49745Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityNoSpoofingImportantCVE-2025-49758Microsoft SQL Server Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53727Microsoft SQL Server Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53729Microsoft Azure File Sync Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-33051Microsoft Alternate Server Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-53730Microsoft Workplace Visio Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53741Microsoft Excel Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53759Microsoft Excel Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53760Microsoft SharePoint Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53761Microsoft PowerPoint Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-24999Microsoft SQL Server Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53772Web Deploy Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53773GitHub Copilot and Visible Studio Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-25005Microsoft Alternate Server Tampering VulnerabilityNoTamperingImportantCVE-2025-25006Microsoft Alternate Server Spoofing VulnerabilityNoSpoofingImportantCVE-2025-25007Microsoft Alternate Server Spoofing VulnerabilityNoSpoofingImportantCVE-2025-49743Windows Graphics Part Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-49757Windows Routing and Distant Entry Service (RRAS) Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-49759Microsoft SQL Server Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-49761Windows Kernel Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-49762Windows Ancillary Operate Driver for WinSock Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-50153Desktop Home windows Supervisor Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-50154Microsoft Home windows File Explorer Spoofing VulnerabilityNoSpoofingImportantCVE-2025-50156Windows Routing and Distant Entry Service (RRAS) Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-50158Windows NTFS Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-50159Remote Entry Level-to-Level Protocol (PPP) EAP-TLS Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-50160Windows Routing and Distant Entry Service (RRAS) Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-50161Win32k Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-50162Windows Routing and Distant Entry Service (RRAS) Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-50163Windows Routing and Distant Entry Service (RRAS) Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-50164Windows Routing and Distant Entry Service (RRAS) Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-50166Windows Distributed Transaction Coordinator (MSDTC) Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-50167Windows Hyper-V Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-50168Win32k Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-50169Windows SMB Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-50170Windows Cloud Information Mini Filter Driver Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-50171Remote Desktop Spoofing VulnerabilityNoSpoofingImportantCVE-2025-50172DirectX Graphics Kernel Denial of Service VulnerabilityNoDenial of ServiceImportantCVE-2025-50173Windows Installer Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53131Windows Media Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53132Win32k Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53133Windows PrintWorkflowUserSvc Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53134Windows Ancillary Operate Driver for WinSock Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53135DirectX Graphics Kernel Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53136NT OS Kernel Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-53137Windows Ancillary Operate Driver for WinSock Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53138Windows Routing and Distant Entry Service (RRAS) Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-53140Windows Kernel Transaction Supervisor Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53141Windows Ancillary Operate Driver for WinSock Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53142Microsoft Brokering File System Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53143Microsoft Message Queuing (MSMQ) Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53144Microsoft Message Queuing (MSMQ) Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53145Microsoft Message Queuing (MSMQ) Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53147Windows Ancillary Operate Driver for WinSock Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53148Windows Routing and Distant Entry Service (RRAS) Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-53149Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53151Windows Kernel Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53152Desktop Home windows Supervisor Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53153Windows Routing and Distant Entry Service (RRAS) Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-53154Windows Ancillary Operate Driver for WinSock Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53155Windows Hyper-V Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53156Windows Storage Port Driver Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-53716Local Safety Authority Subsystem Service (LSASS) Denial of Service VulnerabilityNoDenial of ServiceImportantCVE-2025-53718Windows Ancillary Operate Driver for WinSock Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53719Windows Routing and Distant Entry Service (RRAS) Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-53720Windows Routing and Distant Entry Service (RRAS) Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53721Windows Linked Gadgets Platform Service Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53722Windows Distant Desktop Providers Denial of Service VulnerabilityNoDenial of ServiceImportantCVE-2025-53723Windows Hyper-V Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53724Windows Push Notifications Apps Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53725Windows Push Notifications Apps Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53726Windows Push Notifications Apps Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53728Microsoft Dynamics 365 (On-Premises) Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-47954Microsoft SQL Server Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53732Microsoft Workplace Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53734Microsoft Workplace Visio Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53735Microsoft Excel Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53736Microsoft Phrase Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-53737Microsoft Excel Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53738Microsoft Phrase Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53739Microsoft Excel Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53765Azure Stack Hub Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-53769Windows Safety App Spoofing VulnerabilityNoSpoofingImportantCVE-2025-50157Windows Routing and Distant Entry Service (RRAS) Data Disclosure VulnerabilityNoInformation DisclosureImportantCVE-2025-50155Windows Push Notifications Apps Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53783Microsoft Groups Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-53788Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-53789Windows StateRepository API Server file Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportantCVE-2025-49712Microsoft SharePoint Distant Code Execution VulnerabilityNoRemote Code ExecutionImportantCVE-2025-49755Microsoft Edge (Chromium-based) for Android Spoofing VulnerabilityNoSpoofingLowCVE-2025-53779Windows Kerberos Elevation of Privilege VulnerabilityNoElevation of PrivilegeModerateCVE-2025-49736Microsoft Edge (Chromium-based) for Android Spoofing VulnerabilityNoSpoofingModerate

Cyber Security News Tags:, , ,

Related Posts

TA829 Hackers Employs New TTPs and Upgraded RomCom Backdoor to Evade Detections Cyber Security News
Firefox 141 Released With Fix for Multiple Vulnerabilities Cyber Security News
Countering Spear Phishing with Advanced Email Security Solutions Cyber Security News
Hackers Actively Exploiting Langflow RCE Vulnerability to Deploy Flodrix Botnet Cyber Security News
Fortinet FortiWeb Fabric Connector Vulnerability Exploited to Execute Remote Code Cyber Security News
Samsung MagicINFO 9 Server Vulnerability Let Attackers Write Arbitrary File Cyber Security News