Microsoft Patch Tuesday: Key points
119 vulnerabilities were addressed, 13 of which carry a Critical rating, meaning, according to Microsoft, that they could be abused by malware or malcontents to gain remote access to a Windows system with little or no help from users.
CVE-2025-53779 is a Windows Kerberos Elevation of Privilege vulnerability.
The vulnerabilities fall into multiple categories, including Remote Code Execution (RCE), Elevation of Privilege (EoP), Information Disclosure, Spoofing, Denial of Service (DoS), and Tampering. Below is a detailed breakdown of the vulnerabilities by category, along with key insights for organizations to prioritize their patching efforts.
| Field | Value |
|---|---|
| OEM | Microsoft |
| Severity | Critical |
| Date of Announcement | 2025-08-12 |
| No. of Patches | 119 |
| Actively Exploited | No |
| Exploited in Wild | No |
| Advisory Version | 1.0 |
Overview
Microsoft has released security updates addressing 119 vulnerabilities in the August 2025 Patch Tuesday cycle, including one publicly disclosed zero-day in Windows Kerberos. Of these, 13 are classified as Critical, covering a wide range of products such as Windows components, Office, Azure, Exchange and SharePoint.
Breakdown of August 2025 Vulnerabilities
| Vulnerability Name | CVE ID | Product Affected | Severity | CVSS Score |
|---|---|---|---|---|
| Windows Kerberos Elevation of Privilege Vulnerability | CVE-2025-53779 | Windows Server 2025 | High | 7.2 |
Technical Summary
The August 2025 Patch Tuesday addresses a publicly disclosed zero-day vulnerability, CVE-2025-53779, in Windows Kerberos.
This elevation of privilege flaw, related to improper path handling in domain-managed service accounts (dMSA), could allow a local attacker to gain domain administrator privileges.
Microsoft also patched several critical Remote Code Execution (RCE) vulnerabilities across Windows Graphics, GDI+, Office, DirectX, and Hyper-V. Many of these require minimal or no user interaction, such as simply opening a file in the Preview Pane or processing a crafted image or network message, which makes them high-risk in enterprise environments.
| CVE ID | System Affected | Vulnerability Details | Impact |
|---|---|---|---|
| CVE-2025-53779 | Microsoft Windows Server 2025 | Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network. | Privilege escalation |
Source: Microsoft and NVD
In addition to the publicly disclosed vulnerability, several other critical and high-severity issues were addressed across the products listed below.
Key Affected Products and Services
The vulnerabilities addressed in August 2025 impact a wide range of Microsoft products and services, including:
Windows platform components, with fixes in Windows Server (Kerberos), the Windows Graphics Component, GDI+, the DirectX Graphics Kernel, NTLM, Hyper-V, MSMQ, Remote Desktop and more.
Microsoft Office and Word, notably through Preview Pane RCE flaws, as well as SharePoint (RCE and EoP), Exchange Server (privilege escalation in hybrid setups) and Teams.
Azure services, with critical issues in Azure Virtual Machines (spoofing and information disclosure), Azure Stack Hub and potentially the Azure Portal.
Virtualization components, with vulnerabilities in Hyper-V (RCE and privilege escalation) and the DirectX graphics kernel.
Developer tooling, with fixes affecting Visual Studio and GitHub Copilot, hardening development environments.
Messaging, with a critical RCE in Microsoft Message Queuing (MSMQ).
Remediation:
Conclusion:
In Microsoft's August 2025 Patch Tuesday, the publicly disclosed zero-day CVE-2025-53779 is another privilege escalation flaw in Windows Kerberos, this one stemming from a relative path traversal. Akamai researcher Yuval Gordon is credited with discovering and reporting the bug.
Aside from the vulnerabilities patched and disclosed in the regular monthly release for August, it is worth noting that one week ahead of the monthly update, Microsoft disclosed four vulnerabilities affecting Microsoft cloud services.
References: