Microsoft Patches 86 Vulnerabilities – SecurityWeek

Posted on By CWS

Microsoft’s September 2025 Patch Tuesday updates resolve a complete of 86 vulnerabilities throughout Home windows and different merchandise.

The tech big’s launch notes point out that not one of the safety holes patched this month have been exploited within the wild.

Nonetheless, eight of them have an ‘exploitation extra probably’ score, together with info disclosure and privilege escalation points within the Home windows kernel, a distant code execution vulnerability in Home windows NTFS, and privilege escalation bugs within the Home windows TCP/IP driver, Home windows Hyper-V, Home windows NTLM, and Home windows SMB.

A majority of those vulnerabilities have a ‘excessive severity’ score, and the NTLM and SMB points have the very best CVSS rating, 8.8/10. 

Based mostly on CVSS rating, an important safety gap patched by Microsoft this month is CVE-2025-55232, described as a distant code execution situation within the Excessive Efficiency Compute (HPC) pack. CVE-2025-55232 has a CVSS rating of 9.8.

“Prospects ought to make certain the HPC Pack clusters are working in a trusted community secured by firewall guidelines particularly for the TCP port 5999,” Microsoft tells clients.

Different points with a CVSS rating exceeding 8.0 are CVE-2025-54106 and CVE-2025-54113 (each distant code execution flaws in Routing and Distant Entry Service), CVE-2025-54897 (distant code execution in SharePoint), CVE-2025-54910 (distant code execution in Workplace), and CVE-2025-55227 (privilege escalation in SQL Server).

Nonetheless, all of those vulnerabilities, together with the important HPC pack situation, have an exploitability evaluation of ‘exploitation much less probably’ or ‘exploitation unlikely’.Commercial. Scroll to proceed studying.

Adobe’s Patch Tuesday updates for September 2025 deal with almost two dozen vulnerabilities throughout 9 merchandise, together with important ColdFusion and Commerce flaws. 

Associated: Microsoft Patches Over 100 Vulnerabilities

Associated: Organizations Warned of Vulnerability in Microsoft Change Hybrid Deployment

Associated: Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers

Security Week News Tags:, , ,

Related Posts

Mondoo Raises $17.5 Million for Vulnerability Management Platform Security Week News
Japan Issues OT Security Guidance for Semiconductor Factories Security Week News
ServiceNow to Acquire Identity Security Firm Veza in Reported $1 Billion Deal  Security Week News
Output Messenger Zero-Day Exploited by Turkish Hackers for Iraq Spying  Security Week News
Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking Security Week News
Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats Security Week News