Microsoft Patches 86 Vulnerabilities – SecurityWeek

Microsoft Patches 86 Vulnerabilities – SecurityWeek

Posted on By CWS

Microsoft’s September 2025 Patch Tuesday updates resolve a complete of 86 vulnerabilities throughout Home windows and different merchandise.

The tech big’s launch notes point out that not one of the safety holes patched this month have been exploited within the wild.

Nonetheless, eight of them have an ‘exploitation extra probably’ score, together with info disclosure and privilege escalation points within the Home windows kernel, a distant code execution vulnerability in Home windows NTFS, and privilege escalation bugs within the Home windows TCP/IP driver, Home windows Hyper-V, Home windows NTLM, and Home windows SMB.

A majority of those vulnerabilities have a ‘excessive severity’ score, and the NTLM and SMB points have the very best CVSS rating, 8.8/10. 

Based mostly on CVSS rating, an important safety gap patched by Microsoft this month is CVE-2025-55232, described as a distant code execution situation within the Excessive Efficiency Compute (HPC) pack. CVE-2025-55232 has a CVSS rating of 9.8.

“Prospects ought to make certain the HPC Pack clusters are working in a trusted community secured by firewall guidelines particularly for the TCP port 5999,” Microsoft tells clients.

Different points with a CVSS rating exceeding 8.0 are CVE-2025-54106 and CVE-2025-54113 (each distant code execution flaws in Routing and Distant Entry Service), CVE-2025-54897 (distant code execution in SharePoint), CVE-2025-54910 (distant code execution in Workplace), and CVE-2025-55227 (privilege escalation in SQL Server).

Nonetheless, all of those vulnerabilities, together with the important HPC pack situation, have an exploitability evaluation of ‘exploitation much less probably’ or ‘exploitation unlikely’.Commercial. Scroll to proceed studying.

Adobe’s Patch Tuesday updates for September 2025 deal with almost two dozen vulnerabilities throughout 9 merchandise, together with important ColdFusion and Commerce flaws. 

Associated: Microsoft Patches Over 100 Vulnerabilities

Associated: Organizations Warned of Vulnerability in Microsoft Change Hybrid Deployment

Associated: Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers

Security Week News Tags:, , ,

Related Posts

Hawaiian Airlines Hacked as Aviation Sector Warned of Scattered Spider Attacks Hawaiian Airlines Hacked as Aviation Sector Warned of Scattered Spider Attacks Security Week News
Dutch Intelligence Agencies Say Russian Hackers Stole Police Data in Cyberattack Dutch Intelligence Agencies Say Russian Hackers Stole Police Data in Cyberattack Security Week News
Four-Year Prison Sentence for PowerSchool Hacker Four-Year Prison Sentence for PowerSchool Hacker Security Week News
Proofpoint to Acquire Hornetsecurity in Reported Billion Deal Proofpoint to Acquire Hornetsecurity in Reported $1 Billion Deal Security Week News
Google Finds Data Theft Malware Used by Russian APT in Select Cases Google Finds Data Theft Malware Used by Russian APT in Select Cases Security Week News
Google Discloses Data Breach via Salesforce Hack  Google Discloses Data Breach via Salesforce Hack  Security Week News