- August 2025 Patch Tuesday update addresses 111 flaws
- These include multiple critical-severity flaws and a zero-day issue
- Users should apply the patch immediately, or risk attack
Microsoft has released its August 2025 Patch Tuesday package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products.
Among them was a known zero-day vulnerability in Windows Kerberos, the company’s implementation of the Kerberos authentication protocol, which securely verifies user identities in a Windows network using tickets instead of sending passwords over the network.
Kerberos was found to contain a “relative path traversal” flaw which allows an authorized threat actor to elevate privileges over a network.
Critical severity flaws
Besides the zero-day, Microsoft fixed another 106 flaws, including 13 bugs labeled “critical”.
Of those, nine are remote code execution (RCE) flaws that can be abused in device takeover attacks, information disclosure flaws that can be used in data exfiltration attacks, and an elevation of privilege bug.
Some of the more notable vulnerabilities fixed in the release include a 10/10, critical flaw in Azure OpenAI, tracked as CVE-2025-53767 which could allow unauthenticated threat actors to remotely access sensitive information in AI environments.
Another notable mention is a remote code execution bug in Microsoft Graphics Component that can be exploited through malicious files or images. It is tracked as CVE-2025-50165, and was given a severity score of 9.8/10 (critical).
There are also CVE-2025-53766, CVE-50171, and CVE-2025-53792, all of which have a severity score of 9.1 and higher, making them critical.
In total, 111 vulnerabilities were addressed by Microsoft, and although none are marked as being actively exploited in the wild, admins would be wise to apply the fix without delay.
Via BleepingComputer
You might also like
- Microsoft patches three worrying security flaws in its latest critical update, so update now
- Take a look at our guide to the best authenticator app
- We’ve rounded up the best password managers