Microsoft has launched its September 2025 Patch Tuesday updates, addressing a complete of 81 safety vulnerabilities throughout its product suite. The safety patches cowl a variety of software program, together with Home windows, Microsoft Workplace, Azure, and SQL Server.
Among the many fixes are 22 Distant Code Execution (RCE) vulnerabilities, making this a major replace for system directors. Of the 81 flaws, 8 are rated as Vital, with the remaining 73 categorized as Vital in severity.
ImpactCountElevation of Privilege (EoP)38Remote Code Execution (RCE)22Information Disclosure14Denial of Service (DoS)4Security Characteristic Bypass2Spoofing1Total81
The vulnerabilities cowl numerous classes, with Distant Code Execution (RCE), Elevation of Privilege (EoP), and Info Disclosure being probably the most continuously addressed varieties on this month’s launch.
Vital Distant Code Execution Flaws
This month’s replace resolves a number of essential RCE vulnerabilities that would enable attackers to execute arbitrary code on affected methods. Among the many most extreme are a number of race situation flaws within the Graphics Kernel (CVE-2025-55226, CVE-2025-55236) and the Home windows Graphics Element (CVE-2025-55228), which a certified attacker might exploit to execute code domestically.
Microsoft Workplace additionally acquired a essential patch for a heap-based buffer overflow vulnerability (CVE-2025-54910) that permits native code execution.
Moreover, a essential RCE vulnerability in Home windows Hyper-V (CVE-2025-55224) was mounted. This flaw, stemming from a race situation, might enable a neighborhood attacker to execute arbitrary code. Some of these vulnerabilities are significantly harmful as they’ll typically be exploited to realize preliminary entry or transfer laterally inside a community.
Widespread Elevation of Privilege and Different Flaws
A good portion of the September replace is devoted to fixing Elevation of Privilege vulnerabilities throughout the Home windows ecosystem. A essential EoP flaw in Home windows NTLM (CVE-2025-54918) might enable a certified attacker to raise their privileges over the community.
Different necessary EoP vulnerabilities have been patched in PowerShell Direct (CVE-2025-49734), Home windows Ancillary Operate Driver for WinSock (CVE-2025-54099), and the Home windows Kernel (CVE-2025-54110).
The replace additionally addresses quite a few data disclosure vulnerabilities, significantly within the Home windows Routing and Distant Entry Service (RRAS), with six distinct CVEs (CVE-2025-53797, CVE-2025-53798, CVE-2025-54095, CVE-2025-54096, CVE-2025-54097, CVE-2025-55225) associated to buffer over-read and out-of-bounds learn points.
Whereas not as extreme as RCEs, these flaws can leak delicate reminiscence data that aids attackers in crafting extra complicated exploits.
Patches for SharePoint, Azure, and Excel
Past the core working system, Microsoft has patched essential and necessary flaws in its enterprise and productiveness software program.
A major RCE vulnerability in Microsoft SharePoint (CVE-2025-54897) was addressed, which could possibly be exploited by a certified attacker over the community by way of the deserialization of untrusted knowledge.
Microsoft Excel acquired a barrage of fixes for seven totally different RCE vulnerabilities (CVE-2025-54896, CVE-2025-54898, CVE-2025-54899, CVE-2025-54900, CVE-2025-54902, CVE-2025-54903, CVE-2025-54904).
These flaws, principally associated to use-after-free and out-of-bounds learn points, enable an attacker to execute code domestically if a consumer opens a specifically crafted file.
A number of Elevation of Privilege vulnerabilities have been additionally patched in Azure providers, together with Azure Arc (CVE-2025-55316) and the Azure Related Machine Agent (CVE-2025-49692).
Microsoft urges all prospects to use the September 2025 safety updates promptly to guard their methods from potential exploitation. Directors ought to prioritize patching the essential RCE and Elevation of Privilege vulnerabilities to mitigate probably the most extreme dangers.
Of the 81 vulnerabilities addressed in Microsoft’s September 2025 Patch Tuesday, none have been reported as publicly disclosed or actively exploited. The discharge contains patches for 8 Vital and 73 Vital severity flaws.
Under is a complete desk of all vulnerabilities mounted on this replace, with hyperlinks to the official Microsoft Safety Response Heart (MSRC) advisories.
CVEVulnerability DetailsActively ExploitedTypeSeverityCritical VulnerabilitiesCVE-2025-54918Improper authentication in Home windows NTLM permits for network-based privilege elevation.NoElevation of PrivilegeCriticalCVE-2025-55226A race situation within the Graphics Kernel might be exploited for native code execution.NoRemote Code ExecutionCriticalCVE-2025-55228A race situation within the Home windows Graphics Element permits native code execution.NoRemote Code ExecutionCriticalCVE-2025-55236A race situation within the Graphics Kernel might result in native code execution.NoRemote Code ExecutionCriticalCVE-2025-53799Use of an uninitialized useful resource within the Home windows Imaging Element results in data disclosure.NoInformation DisclosureCriticalCVE-2025-53800A flaw within the Microsoft Graphics Element can be utilized for native privilege elevation.NoElevation of PrivilegeCriticalCVE-2025-54910A heap-based buffer overflow in Microsoft Workplace permits for native distant code execution.NoRemote Code ExecutionCriticalCVE-2025-55224A race situation in Home windows Hyper-V can be utilized for native code execution.NoRemote Code ExecutionCriticalImportant VulnerabilitiesCVE-2024-21907A flaw in Newtonsoft.Json utilized by SQL Server can result in a denial-of-service situation.NoDenial of ServiceImportantCVE-2025-49734A flaw in PowerShell Direct permits for native privilege escalation.NoElevation of PrivilegeImportantCVE-2025-53797A buffer over-read in RRAS permits for data disclosure over a community.NoInformation DisclosureImportantCVE-2025-53798A buffer over-read in RRAS permits for data disclosure over a community.NoInformation DisclosureImportantCVE-2025-54095An out-of-bounds learn in RRAS permits for network-based data disclosure.NoInformation DisclosureImportantCVE-2025-54096An out-of-bounds learn in RRAS permits for network-based data disclosure.NoInformation DisclosureImportantCVE-2025-54097An out-of-bounds learn in RRAS permits for network-based data disclosure.NoInformation DisclosureImportantCVE-2025-54099A stack-based buffer overflow within the Ancillary Operate Driver for WinSock permits privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54101A use-after-free flaw within the Home windows SMBv3 Consumer permits for distant code execution.NoRemote Code ExecutionImportantCVE-2025-54102A use-after-free flaw within the Related Gadgets Platform Service can be utilized for privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54106An integer overflow in RRAS might enable an attacker to execute code over the community.NoRemote Code ExecutionImportantCVE-2025-54110An integer overflow within the Home windows Kernel can be utilized for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54111A use-after-free flaw in Home windows UI XAML permits for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54894A vulnerability within the Native Safety Authority Subsystem Service results in privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54895An integer overflow in SPNEGO NEGOEX permits for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54896A use-after-free vulnerability in Microsoft Excel permits for native code execution.NoRemote Code ExecutionImportantCVE-2025-54897Deserialization of untrusted knowledge in SharePoint can result in distant code execution.NoRemote Code ExecutionImportantCVE-2025-54898An out-of-bounds learn in Microsoft Excel can be utilized for native code execution.NoRemote Code ExecutionImportantCVE-2025-54899Freeing reminiscence not on the heap in Microsoft Excel can result in native code execution.NoRemote Code ExecutionImportantCVE-2025-54902An out-of-bounds learn in Microsoft Excel permits for native code execution.NoRemote Code ExecutionImportantCVE-2025-54903A use-after-free vulnerability in Microsoft Excel permits for native code execution.NoRemote Code ExecutionImportantCVE-2025-54904A use-after-free vulnerability in Microsoft Excel permits for native code execution.NoRemote Code ExecutionImportantCVE-2025-54905An untrusted pointer dereference in Microsoft Phrase can result in data disclosure.NoInformation DisclosureImportantCVE-2025-54906Freeing reminiscence not on the heap in Microsoft Workplace can result in native code execution.NoRemote Code ExecutionImportantCVE-2025-54907A heap-based buffer overflow in Microsoft Visio permits for native code execution.NoRemote Code ExecutionImportantCVE-2025-54908A use-after-free vulnerability in Microsoft PowerPoint permits for native code execution.NoRemote Code ExecutionImportantCVE-2025-54913A race situation in Home windows UI XAML Maps can be utilized for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54916A stack-based buffer overflow in Home windows NTFS permits for native code execution.NoRemote Code ExecutionImportantCVE-2025-54919A race situation within the Home windows Graphics Element results in native code execution.NoRemote Code ExecutionImportantCVE-2025-55223A race situation within the DirectX Graphics Kernel permits for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-55225An out-of-bounds learn in RRAS permits for network-based data disclosure.NoInformation DisclosureImportantCVE-2025-55232Deserialization of untrusted knowledge in HPC Pack can result in distant code execution.NoRemote Code ExecutionImportantCVE-2025-55245Improper hyperlink decision in Xbox Gaming Providers can result in native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-55243Exposure of delicate data in Microsoft OfficePlus can result in spoofing.NoSpoofingImportantCVE-2025-55316External management of a file identify or path in Azure Arc permits for privilege elevation.NoElevation of PrivilegeImportantCVE-2025-55317Improper hyperlink decision in Microsoft AutoUpdate can be utilized for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-49692Improper entry management within the Azure Related Machine Agent permits native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-47997A race situation in SQL Server can result in network-based data disclosure.NoInformation DisclosureImportantCVE-2025-53796A buffer over-read in RRAS permits for data disclosure over a community.NoInformation DisclosureImportantCVE-2025-53801An untrusted pointer dereference within the DWM Core Library can result in native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-53802A use-after-free flaw within the Home windows Bluetooth Service can be utilized for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-53803An error message within the Home windows Kernel might disclose delicate data domestically.NoInformation DisclosureImportantCVE-2025-53804Exposure of delicate data in a Home windows Kernel-Mode Driver can result in native data disclosure.NoInformation DisclosureImportantCVE-2025-53805An out-of-bounds learn in HTTP.sys can result in a denial of service.NoDenial of ServiceImportantCVE-2025-53806A buffer over-read in RRAS permits for data disclosure over a community.NoInformation DisclosureImportantCVE-2025-53807A race situation within the Microsoft Graphics Element permits for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-53808A sort confusion flaw within the Home windows Defender Firewall Service can result in native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-53809Improper enter validation in LSASS can result in a denial of service.NoDenial of ServiceImportantCVE-2025-53810A sort confusion flaw within the Home windows Defender Firewall Service can result in native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54091An integer overflow in Home windows Hyper-V can be utilized for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54092A race situation in Home windows Hyper-V can be utilized for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54093A race situation within the Home windows TCP/IP Driver permits for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54094A sort confusion flaw within the Home windows Defender Firewall Service can result in native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54098Improper entry management in Home windows Hyper-V can be utilized for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54103A use-after-free flaw in Home windows Administration Service can be utilized for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54104A sort confusion flaw within the Home windows Defender Firewall Service can result in native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54105A race situation within the Brokering File System can be utilized for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54107Improper path decision in MapUrlToZone can result in a safety function bypass.NoSecurity Characteristic BypassImportantCVE-2025-54108A race situation within the Functionality Entry Administration Service permits for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54109A sort confusion flaw within the Home windows Defender Firewall Service can result in native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54112A use-after-free flaw in Microsoft Digital Arduous Disk can be utilized for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54113A heap-based buffer overflow in RRAS permits for distant code execution.NoRemote Code ExecutionImportantCVE-2025-54114A race situation within the Related Gadgets Platform Service can result in a denial of service.NoDenial of ServiceImportantCVE-2025-54115A race situation in Home windows Hyper-V can be utilized for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54116Improper entry management in Home windows MultiPoint Providers permits for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54900A heap-based buffer overflow in Microsoft Excel permits for native code execution.NoRemote Code ExecutionImportantCVE-2025-54901A buffer over-read in Microsoft Excel can result in native data disclosure.NoInformation DisclosureImportantCVE-2025-54911A use-after-free flaw in Home windows BitLocker can be utilized for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54912A use-after-free flaw in Home windows BitLocker can be utilized for native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54915A sort confusion flaw within the Home windows Defender Firewall Service can result in native privilege elevation.NoElevation of PrivilegeImportantCVE-2025-54917A safety mechanism failure in MapUrlToZone can result in a safety function bypass.NoSecurity Characteristic BypassImportantCVE-2025-55227A command injection vulnerability in SQL Server permits for network-based privilege elevation.NoElevation of PrivilegeImportantCVE-2025-55234A flaw in Home windows SMB might enable an attacker to carry out relay assaults, resulting in privilege elevation.NoElevation of PrivilegeImportant
It is usually important to make sure the newest servicing stack updates, as detailed in advisory ADV990001, are put in to make sure profitable patching.
Discover this Story Attention-grabbing! Observe us on Google Information, LinkedIn, and X to Get Extra Prompt Updates.
