Microsoft Patches 86 Vulnerabilities – SecurityWeek

Posted on By CWS

Microsoft’s September 2025 Patch Tuesday updates resolve a complete of 86 vulnerabilities throughout Home windows and different merchandise.

The tech big’s launch notes point out that not one of the safety holes patched this month have been exploited within the wild.

Nonetheless, eight of them have an ‘exploitation extra probably’ score, together with info disclosure and privilege escalation points within the Home windows kernel, a distant code execution vulnerability in Home windows NTFS, and privilege escalation bugs within the Home windows TCP/IP driver, Home windows Hyper-V, Home windows NTLM, and Home windows SMB.

A majority of those vulnerabilities have a ‘excessive severity’ score, and the NTLM and SMB points have the very best CVSS rating, 8.8/10. 

Based mostly on CVSS rating, an important safety gap patched by Microsoft this month is CVE-2025-55232, described as a distant code execution situation within the Excessive Efficiency Compute (HPC) pack. CVE-2025-55232 has a CVSS rating of 9.8.

“Prospects ought to make certain the HPC Pack clusters are working in a trusted community secured by firewall guidelines particularly for the TCP port 5999,” Microsoft tells clients.

Different points with a CVSS rating exceeding 8.0 are CVE-2025-54106 and CVE-2025-54113 (each distant code execution flaws in Routing and Distant Entry Service), CVE-2025-54897 (distant code execution in SharePoint), CVE-2025-54910 (distant code execution in Workplace), and CVE-2025-55227 (privilege escalation in SQL Server).

Nonetheless, all of those vulnerabilities, together with the important HPC pack situation, have an exploitability evaluation of ‘exploitation much less probably’ or ‘exploitation unlikely’.Commercial. Scroll to proceed studying.

Adobe’s Patch Tuesday updates for September 2025 deal with almost two dozen vulnerabilities throughout 9 merchandise, together with important ColdFusion and Commerce flaws. 

Associated: Microsoft Patches Over 100 Vulnerabilities

Associated: Organizations Warned of Vulnerability in Microsoft Change Hybrid Deployment

Associated: Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers

Security Week News Tags:, , ,

Related Posts

OT Networks Targeted in Widespread Exploitation of Erlang/OTP Vulnerability Security Week News
Security Theater or Real Defense? The KPIs That Tell the Truth Security Week News
Code Execution Vulnerability Patched in GitHub Enterprise Server Security Week News
Chinese Hackers Hit Drone Sector in Supply Chain Attacks Security Week News
State-Sponsored Hackers Stole SonicWall Cloud Backups in Recent Attack Security Week News
Red Hat Confirms GitLab Instance Hack, Data Theft Security Week News