Stay updated with the latest Cybersecurity News on our TecnetBlog.

Patch Tuesday August 2025: Microsoft Fixes 107 Vulnerabilities

Written by Zoilijee Quero | Aug 12, 2025 6:32:15 PM

Today is Patch Tuesday, and Microsoft is coming in with a security-heavy update. In this August 2025 Patch Tuesday, the company has released fixes for 107 security flaws, including a zero-day vulnerability in Windows Kerberos that had already been publicly disclosed.

But that’s not all: among these fixes, 13 vulnerabilities are classified as critical. Of those:

 

  1. 9 are remote code execution vulnerabilities (the most dangerous, as they allow an attacker to run malicious software without your permission).

  2. 3 are information disclosure vulnerabilities.

  3. 1 is a privilege escalation vulnerability.

 

Looking at the bigger picture, the flaws break down as follows:

 

  1. 44 privilege escalation vulnerabilities.

  2. 35 remote code execution vulnerabilities.

  3. 18 information disclosure vulnerabilities.

  4. 4 denial of service vulnerabilities.

  5. 9 spoofing vulnerabilities.

 

It’s important to note that this count only includes the updates released today as part of Patch Tuesday. It does not include fixes Microsoft had already released earlier this month for other products such as Mariner, Azure, or Microsoft Edge.

In short: this is not the month to postpone updates. Especially with a zero-day in play, every day without installing patches is an opportunity for attackers to find a hole in your system.

 

A zero-day vulnerability that can’t be ignored

 

This month’s Patch Tuesday has a clear headline act: the fix for a zero-day vulnerability in Windows Kerberos, already publicly disclosed and posing a serious risk to enterprise networks.

To put it simply: Microsoft considers a “zero-day” to be a flaw that has already been disclosed or exploited before an official patch is available. In this case, we’re talking about CVE-2025-53779, a privilege escalation flaw that allowed an authenticated attacker to gain domain administrator rights.

Microsoft explained that the issue was due to a relative path traversal within Windows Kerberos. With this flaw, someone with valid credentials could exploit it to escalate privileges on the network and take control of critical resources.

The attack required advanced access to two managed account attributes (dMSA):

 

  1. msds-groupMSAMembership → Allows the user to use the dMSA.

  2. msds-ManagedAccountPrecededByLink → If the attacker has write permission here, they can specify a user on whose behalf the dMSA will act.

 

In plain terms: if you manage Windows networks and haven’t applied this patch yet, you’re leaving a door wide open for anyone with internal access to become the absolute ruler of your domain.

 

Read more: What is patch management?

 

August 2025 Patch Tuesday Security Updates

 

Here’s the full list of vulnerabilities that Microsoft has addressed with the August 2025 Patch Tuesday updates.

Tag CVE ID CVE Title Severity
Azure File Sync CVE-2025-53729 Microsoft Azure File Sync Elevation of Privilege Vulnerability Important
Azure Stack CVE-2025-53793 Azure Stack Hub Information Disclosure Vulnerability Critical
Azure Stack CVE-2025-53765 Azure Stack Hub Information Disclosure Vulnerability Important
Azure Virtual Machines CVE-2025-49707 Azure Virtual Machines Spoofing Vulnerability Critical
Azure Virtual Machines CVE-2025-53781 Azure Virtual Machines Information Disclosure Vulnerability Critical
Desktop Windows Manager CVE-2025-53152 Desktop Windows Manager Remote Code Execution Vulnerability Important
Desktop Windows Manager CVE-2025-50153 Desktop Windows Manager Elevation of Privilege Vulnerability Important
GitHub Copilot and Visual Studio CVE-2025-53773 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability Important
Graphics Kernel CVE-2025-50176 DirectX Graphics Kernel Remote Code Execution Vulnerability Critical
Kernel Streaming WOW Thunk Service Driver CVE-2025-53149 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Important
Kernel Transaction Manager CVE-2025-53140 Windows Kernel Transaction Manager Elevation of Privilege Vulnerability Important
Microsoft Brokering File System CVE-2025-53142 Microsoft Brokering File System Elevation of Privilege Vulnerability Important
Microsoft Dynamics 365 (on-premises) CVE-2025-49745 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important
Microsoft Dynamics 365 (on-premises) CVE-2025-53728 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability Important
Microsoft Edge for Android CVE-2025-49755 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability Low
Microsoft Edge for Android CVE-2025-49736 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability Moderate
Microsoft Exchange Server CVE-2025-25005 Microsoft Exchange Server Tampering Vulnerability Important
Microsoft Exchange Server CVE-2025-25006 Microsoft Exchange Server Spoofing Vulnerability Important
Microsoft Exchange Server CVE-2025-25007 Microsoft Exchange Server Spoofing Vulnerability Important
Microsoft Exchange Server CVE-2025-53786 Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability Important
Microsoft Exchange Server CVE-2025-33051 Microsoft Exchange Server Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2025-49743 Windows Graphics Component Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2025-50165 Windows Graphics Component Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2025-53732 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office CVE-2025-53740 Microsoft Office Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2025-53731 Microsoft Office Remote Code Execution Vulnerability Critical
Microsoft Office Excel CVE-2025-53759 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2025-53737 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2025-53739 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2025-53735 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2025-53741 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office PowerPoint CVE-2025-53761 Microsoft PowerPoint Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2025-53760 Microsoft SharePoint Elevation of Privilege Vulnerability Important
Microsoft Office SharePoint CVE-2025-49712 Microsoft SharePoint Remote Code Execution Vulnerability Important
Microsoft Office Visio CVE-2025-53730 Microsoft Office Visio Remote Code Execution Vulnerability Important
Microsoft Office Visio CVE-2025-53734 Microsoft Office Visio Remote Code Execution Vulnerability Important
Microsoft Office Word CVE-2025-53738 Microsoft Word Remote Code Execution Vulnerability Important
Microsoft Office Word CVE-2025-53736 Microsoft Word Information Disclosure Vulnerability Important
Microsoft Office Word CVE-2025-53784 Microsoft Word Remote Code Execution Vulnerability Critical
Microsoft Office Word CVE-2025-53733 Microsoft Word Remote Code Execution Vulnerability Critical
Microsoft Teams CVE-2025-53783 Microsoft Teams Remote Code Execution Vulnerability Important
Remote Access Point-to-Point Protocol (PPP) EAP-TLS CVE-2025-50159 Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability Important
Remote Desktop Server CVE-2025-50171 Remote Desktop Spoofing Vulnerability Important
Role: Windows Hyper-V CVE-2025-50167 Windows Hyper-V Elevation of Privilege Vulnerability Important
Role: Windows Hyper-V CVE-2025-53155 Windows Hyper-V Elevation of Privilege Vulnerability Important
Role: Windows Hyper-V CVE-2025-49751 Windows Hyper-V Denial of Service Vulnerability Important
Role: Windows Hyper-V CVE-2025-53723 Windows Hyper-V Elevation of Privilege Vulnerability Important
Role: Windows Hyper-V CVE-2025-48807 Windows Hyper-V Remote Code Execution Vulnerability Critical
SQL Server CVE-2025-49758 Microsoft SQL Server Elevation of Privilege Vulnerability Important
SQL Server CVE-2025-24999 Microsoft SQL Server Elevation of Privilege Vulnerability Important
SQL Server CVE-2025-53727 Microsoft SQL Server Elevation of Privilege Vulnerability Important
SQL Server CVE-2025-49759 Microsoft SQL Server Elevation of Privilege Vulnerability Important
SQL Server CVE-2025-47954 Microsoft SQL Server Elevation of Privilege Vulnerability Important
Storage Port Driver CVE-2025-53156 Windows Storage Port Driver Information Disclosure Vulnerability Important
Web Deploy CVE-2025-53772 Web Deploy Remote Code Execution Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2025-53718 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2025-53134 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2025-49762 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2025-53147 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2025-53154 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2025-53137 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Ancillary Function Driver for WinSock CVE-2025-53141 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important
Windows Cloud Files Mini Filter Driver CVE-2025-50170 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Important
Windows Connected Devices Platform Service CVE-2025-53721 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability Important
Windows DirectX CVE-2025-53135 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important
Windows DirectX CVE-2025-50172 DirectX Graphics Kernel Denial of Service Vulnerability Important
Windows Distributed Transaction Coordinator CVE-2025-50166 Windows Distributed Transaction Coordinator (MSDTC) Information Disclosure Vulnerability Important
Windows File Explorer CVE-2025-50154 Microsoft Windows File Explorer Spoofing Vulnerability Important
Windows GDI+ CVE-2025-53766 GDI+ Remote Code Execution Vulnerability Critical
Windows Installer CVE-2025-50173 Windows Installer Elevation of Privilege Vulnerability Important
Windows Kerberos CVE-2025-53779 Windows Kerberos Elevation of Privilege Vulnerability Moderate
Windows Kernel CVE-2025-49761 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2025-53151 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Local Security Authority Subsystem Service (LSASS) CVE-2025-53716 Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability Important
Windows Media CVE-2025-53131 Windows Media Remote Code Execution Vulnerability Important
Windows Message Queuing CVE-2025-53145 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Important
Windows Message Queuing CVE-2025-53143 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Important
Windows Message Queuing CVE-2025-50177 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Critical
Windows Message Queuing CVE-2025-53144 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Important
Windows NT OS Kernel CVE-2025-53136 NT OS Kernel Information Disclosure Vulnerability Important
Windows NTFS CVE-2025-50158 Windows NTFS Information Disclosure Vulnerability Important
Windows NTLM CVE-2025-53778 Windows NTLM Elevation of Privilege Vulnerability Critical
Windows PrintWorkflowUserSvc CVE-2025-53133 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability Important
Windows Push Notifications CVE-2025-53725 Windows Push Notifications Apps Elevation of Privilege Vulnerability Important
Windows Push Notifications CVE-2025-53724 Windows Push Notifications Apps Elevation of Privilege Vulnerability Important
Windows Push Notifications CVE-2025-50155 Windows Push Notifications Apps Elevation of Privilege Vulnerability Important
Windows Push Notifications CVE-2025-53726 Windows Push Notifications Apps Elevation of Privilege Vulnerability Important
Windows Remote Desktop Services CVE-2025-53722 Windows Remote Desktop Services Denial of Service Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-50157 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-53153 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-50163 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-50162 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-50164 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-53148 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-53138 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-50156 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-49757 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-53719 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-53720 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-50160 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Security App CVE-2025-53769 Windows Security App Spoofing Vulnerability Important
Windows SMB CVE-2025-50169 Windows SMB Remote Code Execution Vulnerability Important
Windows StateRepository API CVE-2025-53789 Windows StateRepository API Server file Elevation of Privilege Vulnerability Important
Windows Subsystem for Linux CVE-2025-53788 Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability Important
Windows Win32K - GRFX CVE-2025-50161 Win32k Elevation of Privilege Vulnerability Important
Windows Win32K - GRFX CVE-2025-53132 Win32k Elevation of Privilege Vulnerability Important
Windows Win32K - ICOMP CVE-2025-50168 Win32k Elevation of Privilege Vulnerability Important

 

Read more: +29,000 Servidores Exchange Siguen Vulnerables a una Falla Crítica

 

Conclusion

 

At TecnetOne, we believe cybersecurity is not something you can put off until tomorrow. Every patch Microsoft releases is another barrier between your systems and attackers, and in a month like this— with over a hundred vulnerabilities fixed and an active zero-day—speed in applying updates is key.

Our recommendation is clear: install the patches immediately, verify they’ve been applied correctly, and maintain a consistent update plan. This not only protects your information but also ensures business continuity and preserves your customers’ trust.
View full post