BREAKINGON

Microsoft's August Patch Tuesday: 111 Flaws Fixed, But Security Concerns Linger

8/13/2025
Microsoft's August Patch Tuesday addresses 111 flaws, including critical vulnerabilities that could allow remote code execution. While no active exploits are reported, experts warn of potential risks. Stay updated on your patches!

Microsoft's August Patch Tuesday: A Comprehensive Overview of Security Flaws

In August 2023, Microsoft hosted its monthly Patch Tuesday, addressing a staggering total of 111 vulnerabilities across its product range. Among these, a dozen of the identified flaws are classified as critical, while one moderate-severity vulnerability is highlighted as publicly known. Fortunately, Microsoft has confirmed that none of the security holes disclosed this month are currently being exploited in the wild. However, it’s essential to remain vigilant, as previous patches, such as those released in July, also claimed no active exploits, only to later reveal vulnerabilities like those found in SharePoint.

Critical Vulnerabilities and Their Implications

One of the notable vulnerabilities identified is an elevation of privilege flaw within the Windows Kerberos network authentication protocol, tracked as CVE-2025-53779. Microsoft rates this vulnerability at 7.2 on the ten-point CVSS scale, suggesting that exploitation is less likely. This may be due to the requirement for an attacker to be authenticated with explicit permissions to the delegated Managed Service Account (dMSA). Specifically, the attributes msds-groupMSAMembership and msds-ManagedAccountPrecededByLink must be manipulated, thereby complicating potential attacks. If successfully exploited, this flaw could grant attackers domain administrator privileges.
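As an added example (not from Microsoft or the original article), the sketch below triages Windows Security event 5136 (directory service object modified) records for changes to the two attributes named above. The JSON-lines export format, the account and object names, and the `APPROVED` allowlist are assumptions made for illustration.

```python
import json
from collections import defaultdict

# Attributes the advisory says must be manipulated (names as written on the page).
WATCHED = {"msds-groupmsamembership", "msds-managedaccountprecededbylink"}
# Hypothetical allowlist of accounts expected to manage dMSAs.
APPROVED = {"svc-provision"}

# Constructed sample: Security event 5136 records exported as JSON lines.
# Every account, object and value here is made up for illustration.
SAMPLE = """
{"EventID":5136,"SubjectUserName":"svc-provision","ObjectDN":"CN=web-dmsa,DC=corp,DC=example","AttributeLDAPDisplayName":"msDS-GroupMSAMembership"}
{"EventID":5136,"SubjectUserName":"jdoe","ObjectDN":"CN=test-dmsa,DC=corp,DC=example","AttributeLDAPDisplayName":"msDS-ManagedAccountPrecededByLink"}
{"EventID":5136,"SubjectUserName":"JDoe","ObjectDN":"CN=test-dmsa,DC=corp,DC=example","AttributeLDAPDisplayName":"msds-groupMSAMembership"}
{"EventID":5136,"SubjectUserName":"helpdesk2","ObjectDN":"CN=app-dmsa,DC=corp,DC=example","AttributeLDAPDisplayName":"msDS-GroupMSAMembership"}
{"EventID":5136,"SubjectUserName":"hr-admin","ObjectDN":"CN=Alice,DC=corp,DC=example","AttributeLDAPDisplayName":"description"}
{"EventID":4662,"SubjectUserName":"jdoe","ObjectDN":"CN=test-dmsa,DC=corp,DC=example"}
not-json: truncated export line
"""

def triage_dmsa_changes(jsonl, approved=APPROVED):
    """Return {(actor, object_dn): severity} for watched-attribute edits."""
    touched = defaultdict(set)
    for raw in jsonl.splitlines():
        try:
            ev = json.loads(raw)
        except json.JSONDecodeError:
            continue  # skip blank or damaged lines instead of aborting
        if not isinstance(ev, dict) or ev.get("EventID") != 5136:
            continue
        attr = str(ev.get("AttributeLDAPDisplayName", "")).lower()
        actor = str(ev.get("SubjectUserName", "")).lower()
        if attr in WATCHED and actor not in approved:
            touched[(actor, ev.get("ObjectDN", ""))].add(attr)
    # Both attributes changed by one actor on one object matches the
    # precondition described above; a single change still merits review.
    return {key: ("high" if attrs == WATCHED else "review")
            for key, attrs in touched.items()}

if __name__ == "__main__":
    for (actor, dn), sev in triage_dmsa_changes(SAMPLE).items():
        print(f"{sev:6} {actor} -> {dn}")
```

Event 5136 is only recorded when directory service change auditing and a matching SACL are in place on the dMSA objects, so an empty result does not by itself mean no change occurred.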

Moving on to the critical flaws, CVE-2025-50165 and CVE-2025-53766 both pose significant risks, as they can lead to remote code execution (RCE) and have received a high severity score of 9.8/10. CVE-2025-53766 is a result of a heap-based buffer overflow in the Windows Graphics Device Interface (GDI+), allowing unauthorized attackers to execute code via a network. This vulnerability was reported by Gábor Selján from Check Point Research. Although exploitation is deemed less likely, the attack could be triggered merely by a victim visiting a malicious webpage, potentially leading to severe consequences.

On the other hand, CVE-2025-50165 represents an RCE flaw in the Windows Graphics Component that necessitates no user interaction; simply viewing a specially crafted JPEG image embedded in Office or third-party files could trigger the vulnerability. Microsoft has also rated this flaw as less likely to be exploited, but the risk remains as the disclosure of the flaw could lead to unforeseen attacks. Zscaler researcher Arjun G U is credited with identifying this vulnerability.

SharePoint Vulnerabilities and Additional Critical Flaws

As for SharePoint, a critical RCE vulnerability tracked as CVE-2025-49712 has emerged, with a severity rating of 8.8. This flaw allows any authenticated user to exploit the vulnerability remotely. While there are currently no active attacks associated with this flaw, it is similar to a bug utilized in existing exploits. According to Dustin Childs of Trend Micro's Zero Day Initiative, this vulnerability requires authentication, yet several authentication bypasses are publicly known and patched. Users are advised to ensure all SharePoint patches are up to date and to reconsider the necessity of public internet access to the application.

Here’s a brief overview of other critical flaws addressed this month:

CVE-2025-50177 – A Microsoft Message Queuing RCE
CVE-2025-53731 and CVE-2025-53740 – A pair of Office RCEs
CVE-2025-53733 and CVE-2025-53784 – Windows RCEs
CVE-2025-53781 – A Hyper-V information disclosure vulnerability
CVE-2025-49707 – A Hyper-V spoofing flaw
CVE-2025-48807 – A Hyper-V RCE
CVE-2025-53778 – A Windows New Technology LAN Manager (NTLM) elevation of privilege vulnerability
CVE-2025-53793 – An Azure Stack Hub information disclosure bug

Adobe's Security Updates: Fixing Multiple Vulnerabilities

In addition to Microsoft's updates, Adobe has released patches for 68 CVEs this month. Notably, the updates for InCopy address eight critical vulnerabilities, all enabling RCE. Furthermore, there are six critical and important bug fixes included in the Commerce patch collection. Adobe has categorized 12 out of 14 patches for InDesign as critical, while updates for Substance 3D Modeler rectify 13 critical and important CVEs and Substance 3D Painter addresses nine critical and important flaws.

Moreover, the Substance 3D Stager has two bugs fixed, with one classified as critical, and the Substance 3D Sampler update resolves one important-rated flaw. The Substance 3D Viewer update also includes two critical CVEs. Additionally, critical flaws have been patched in Animate, Illustrator, and Photoshop, emphasizing the importance of regular updates to ensure security across Adobe products.

Other Noteworthy Security Updates

In the realm of other security updates, CISA has flagged another Exchange server vulnerability that could lead to a total domain compromise, while also releasing a malware analysis for a SharePoint Server attack. Microsoft has also spotlighted an Apple bug that was patched in March as SharePoint exploits continue to be a concern.

In the ongoing efforts to enhance security, SAP released 15 new security notes along with four updates to previously released notes. Among these, three critical flaws rated 9.9 require immediate attention, specifically addressing code injection vulnerabilities in SAP S/4HANA and its Landscape Transformation analysis platform.

Intel has also joined the patching efforts this month, issuing 34 advisories that address 66 vulnerabilities across its firmware, hardware, and software products. Noteworthy among these are high-severity vulnerabilities affecting some Xeon 6 processors that may lead to escalation of privileges, as well as critical bugs in some Intel Ethernet Drivers for Linux.

As technology continues to evolve, staying informed about security vulnerabilities and applying necessary patches is crucial for maintaining the integrity of systems and protecting sensitive data. Regular updates from tech giants like Microsoft and Adobe are essential in the ongoing battle against cyber threats.
