This month’s Microsoft patch update addresses a total of 111 vulnerabilities, with 17 classified as critical. Among these, one vulnerability was disclosed prior to the patch release, marking it as a zero-day. While none of the vulnerabilities have been exploited in the wild, the critical ones pose significant risks, including remote code execution and elevation of privilege. Users are strongly advised to apply the updates promptly to safeguard their systems against potential threats.

**Windows Kerberos Elevation of Privilege Vulnerability** (CVE-2025-53779) is a disclosed zero-day vulnerability with a CVSS score of 7.2, rated as Moderate in severity. Although it has not been exploited in the wild, it poses a significant risk as it allows an attacker to gain domain administrator privileges. To exploit this vulnerability, an attacker would need high privileges, specifically access to certain attributes of the dMSA, such as msds-groupMSAMembership and msds-ManagedAccountPrecededByLink. These attributes enable the attacker to utilize the dMSA and specify a user that the dMSA can act on behalf of, potentially compromising the security of the domain.

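As an added defender's check (this script is not part of the diary), the following enumerates every dMSA object in the domain and lists which principals hold write access to the two attributes named above, or broader control rights that imply it. It assumes the RSAT ActiveDirectory module on a domain-joined host, uses the canonical LDAP display names of the attributes, and assumes dMSA objects carry the msDS-DelegatedManagedServiceAccount object class.

```powershell
# Added example, not from the ISC diary: audit which principals can write the dMSA
# attributes that CVE-2025-53779 depends on. Assumes the RSAT ActiveDirectory module
# and a domain-joined host; run as a user allowed to read the objects' security descriptors.
Import-Module ActiveDirectory

$attrs    = 'msDS-GroupMSAMembership', 'msDS-ManagedAccountPrecededByLink'
$schemaNC = (Get-ADRootDSE).schemaNamingContext

# Map each attribute's schemaIDGUID to its name so object-specific ACEs can be matched.
$attrGuids = @{}
foreach ($a in $attrs) {
    $schemaObj = Get-ADObject -SearchBase $schemaNC -LDAPFilter "(lDAPDisplayName=$a)" -Properties schemaIDGUID
    if ($schemaObj) { $attrGuids[[guid]$schemaObj.schemaIDGUID] = $a }
}

# Rights that allow writing these attributes outright, or taking control of the object first.
$controlRights = 'GenericAll', 'GenericWrite', 'WriteDacl', 'WriteOwner'

# Assumption: dMSA objects carry the msDS-DelegatedManagedServiceAccount object class.
$dmsas = Get-ADObject -LDAPFilter '(objectClass=msDS-DelegatedManagedServiceAccount)'

$findings = foreach ($d in $dmsas) {
    $acl = Get-Acl -Path ('AD:\' + $d.DistinguishedName)
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        $rights  = $ace.ActiveDirectoryRights.ToString()
        $control = @($controlRights | Where-Object { $rights -match $_ }).Count -gt 0
        # WriteProperty with an empty ObjectType covers all attributes; otherwise match the GUID.
        $targeted = ($rights -match 'WriteProperty') -and
                    ($ace.ObjectType -eq [guid]::Empty -or $attrGuids.ContainsKey($ace.ObjectType))
        if (-not $control -and -not $targeted) { continue }

        if ($attrGuids.ContainsKey($ace.ObjectType)) { $scope = $attrGuids[$ace.ObjectType] }
        elseif ($ace.ObjectType -eq [guid]::Empty)   { $scope = '(all properties)' }
        else                                         { $scope = '(object control)' }

        [pscustomobject]@{
            dMSA      = $d.DistinguishedName
            Principal = $ace.IdentityReference.Value
            Rights    = $rights
            Scope     = $scope
            Inherited = $ace.IsInherited
        }
    }
}

# Every principal listed here can set the attributes; anything outside the intended
# admin tier is a finding to remediate rather than relying on the patch alone.
$findings | Sort-Object dMSA, Principal | Format-Table -AutoSize
```

Inherited ACEs usually come from the OU or domain head, so a surprising principal often points at a delegation higher up the tree rather than at the dMSA object itself.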
**Windows Graphics Component Remote Code Execution Vulnerability** (CVE-2025-50165) is a critical vulnerability with a CVSS score of 9.8, which has not been exploited in the wild nor disclosed publicly as a zero-day. This vulnerability allows for remote code execution, posing a significant threat due to its ability to be exploited without any user interaction. The attack vector is network-based, and the vulnerability arises from an uninitialized function pointer being called when decoding a JPEG image, which can be embedded in Office and third-party documents or files. Successful exploitation could enable an attacker to execute arbitrary code remotely, highlighting the critical need for immediate attention and remediation to prevent potential exploitation.

**GDI+ Remote Code Execution Vulnerability** (CVE-2025-53766) is a critical vulnerability with a CVSS score of 9.8, which has not been exploited in the wild nor disclosed publicly as a zero-day. This vulnerability allows for remote code execution on web services parsing documents with specially crafted metafiles, without requiring any user interaction or privileges from the attacker. The attack vector is network-based, meaning an attacker could exploit this vulnerability by uploading such documents to web services, potentially leading to significant security breaches. The Preview Pane is not considered an attack vector for this vulnerability, and mitigation strategies should focus on securing web services against unauthorized document uploads.

**Azure Portal Elevation of Privilege Vulnerability** (CVE-2025-53792) is a critical vulnerability with a CVSS score of 9.1, which has not been exploited in the wild nor disclosed publicly, thus not qualifying as a zero-day. This vulnerability allows for elevation of privilege, potentially enabling unauthorized access to sensitive resources within the Azure Portal. Despite its critical severity, Microsoft has already fully mitigated this vulnerability, and no further action is required from users of the service. The CVE was issued to provide transparency regarding the vulnerability and its resolution, aligning with Microsoft’s commitment to greater transparency in cloud service security.

**Windows NTLM Elevation of Privilege Vulnerability** (CVE-2025-53778) is a critical vulnerability that has not been exploited in the wild nor disclosed publicly as a zero-day. It carries a CVSS score of 8.8, indicating its high severity. The vulnerability allows an attacker to elevate their privileges to SYSTEM level, posing a significant risk to affected systems. Although currently not exploited, organizations are advised to implement mitigation strategies to prevent potential exploitation and ensure the security of their systems.

**Microsoft Office Remote Code Execution Vulnerability** (CVE-2025-53731) is a critical vulnerability with a CVSS score of 8.4, which has neither been exploited in the wild nor disclosed as a zero-day. This vulnerability allows for remote code execution, meaning an attacker can execute arbitrary code on the affected system, although the attack must be initiated locally. The Preview Pane in Microsoft Office serves as an attack vector, enabling the execution of malicious code when a user previews a compromised document. Despite the remote nature of the attacker’s location, the exploit requires local execution, posing significant security risks if not addressed. Users are advised to apply necessary patches and updates to mitigate potential threats.

**Microsoft Word Remote Code Execution Vulnerability** (CVE-2025-53733) is a critical vulnerability with a CVSS score of 8.4, which has not been exploited in the wild nor disclosed publicly, thus not qualifying as a zero-day. This vulnerability allows for remote code execution, although the attack vector is local, meaning the attacker or victim must execute code from the local machine. The Preview Pane in Microsoft Word serves as an attack vector for this vulnerability, potentially enabling arbitrary code execution. Users are advised to apply all relevant updates for their software to mitigate this risk, as multiple update packages may be necessary to fully address the vulnerability.

**Microsoft Office Remote Code Execution Vulnerability** (CVE-2025-53740) is a critical vulnerability that has not been exploited in the wild nor disclosed publicly, making it a potential zero-day threat. With a CVSS score of 8.4, this vulnerability allows for remote code execution, posing a significant risk to systems running Microsoft Office. Despite the attack vector being local, the term “Remote” refers to the attacker’s location, indicating that the exploit can be initiated by executing code on the local machine. The Preview Pane in Microsoft Office is identified as a potential attack vector, which could be leveraged by attackers to execute arbitrary code. Users are advised to remain vigilant and apply necessary security measures to mitigate potential risks associated with this vulnerability.

**Microsoft Word Remote Code Execution Vulnerability** (CVE-2025-53784) is a critical vulnerability with a CVSS score of 8.4, which has not been exploited in the wild nor disclosed publicly, thus not qualifying as a zero-day. This vulnerability allows for remote code execution, meaning an attacker can execute arbitrary code on the affected system, although the attack must be initiated locally. The vulnerability is particularly concerning because it can be exploited through the Preview Pane, making it a potential vector for attacks. Despite its critical nature, no active exploitation has been reported, and mitigation strategies should focus on securing local execution environments and monitoring for suspicious activity.

**Microsoft 365 Copilot BizChat Information Disclosure Vulnerability** (CVE-2025-53787) is a critical vulnerability with a CVSS score of 8.2, which has not been exploited in the wild nor disclosed publicly, thus not qualifying as a zero-day. This vulnerability could potentially lead to information disclosure, compromising sensitive data within the Microsoft 365 Copilot BizChat service. Despite its severity, Microsoft has already fully mitigated the issue, and there are no further actions required from users. The CVE was published to enhance transparency regarding cloud service vulnerabilities, ensuring users are informed about past security issues and their resolutions.

This summary of Microsoft’s monthly updates highlights critical vulnerabilities, emphasizing the need for immediate attention to certain threats. Notably, the Windows Graphics Component Remote Code Execution Vulnerability (CVE-2025-50165) and GDI+ Remote Code Execution Vulnerability (CVE-2025-53766) both pose significant risks due to their potential for remote exploitation without user interaction. Users should prioritize patching these vulnerabilities to prevent unauthorized code execution. Additionally, the Windows Kerberos Elevation of Privilege Vulnerability (CVE-2025-53779), a disclosed zero-day, requires high privileges to exploit but could lead to domain administrator access, necessitating careful monitoring and mitigation. While some vulnerabilities, like the Azure Portal Elevation of Privilege, have been fully mitigated by Microsoft, others demand user action to ensure system security.

| Description | CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
|---|---|---|---|---|---|---|---|---|
| Azure OpenAI Elevation of Privilege Vulnerability | CVE-2025-53767 | No | No | – | – | Critical | 10.0 | 8.7 |
| Azure Portal Elevation of Privilege Vulnerability | CVE-2025-53792 | No | No | – | – | Critical | 9.1 | 7.9 |
| Azure Stack Hub Information Disclosure Vulnerability | CVE-2025-53765 | No | No | – | – | Important | 4.4 | 3.9 |
| Azure Stack Hub Information Disclosure Vulnerability | CVE-2025-53793 | No | No | – | – | Critical | 7.5 | 6.5 |
| Azure Virtual Machines Information Disclosure Vulnerability | CVE-2025-53781 | No | No | – | – | Critical | 7.7 | 6.7 |
| Azure Virtual Machines Spoofing Vulnerability | CVE-2025-49707 | No | No | – | – | Critical | 7.9 | 6.9 |
| Desktop Windows Manager Elevation of Privilege Vulnerability | CVE-2025-50153 | No | No | – | – | Important | 7.8 | 6.8 |
| Desktop Windows Manager Remote Code Execution Vulnerability | CVE-2025-53152 | No | No | – | – | Important | 7.8 | 6.8 |
| DirectX Graphics Kernel Denial of Service Vulnerability | CVE-2025-50172 | No | No | – | – | Important | 6.5 | 5.7 |
| DirectX Graphics Kernel Elevation of Privilege Vulnerability | CVE-2025-53135 | No | No | – | – | Important | 7.0 | 6.1 |
| DirectX Graphics Kernel Remote Code Execution Vulnerability | CVE-2025-50176 | No | No | – | – | Critical | 7.8 | 6.8 |
| GDI+ Remote Code Execution Vulnerability | CVE-2025-53766 | No | No | – | – | Critical | 9.8 | 8.5 |
| GitHub Copilot and Visual Studio Remote Code Execution Vulnerability | CVE-2025-53773 | No | No | – | – | Important | 7.8 | 6.8 |
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | CVE-2025-53149 | No | No | – | – | Important | 7.8 | 6.8 |
| Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | CVE-2025-53716 | No | No | – | – | Important | 6.5 | 5.7 |
| Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | CVE-2025-53774 | No | No | – | – | Critical | 6.5 | 5.7 |
| Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | CVE-2025-53787 | No | No | – | – | Critical | 8.2 | 7.1 |
| Microsoft Azure File Sync Elevation of Privilege Vulnerability | CVE-2025-53729 | No | No | – | – | Important | 7.8 | 6.8 |
| Microsoft Brokering File System Elevation of Privilege Vulnerability | CVE-2025-53142 | No | No | – | – | Important | 7.0 | 6.1 |
| Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | CVE-2025-53728 | No | No | – | – | Important | 6.5 | 5.7 |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | CVE-2025-49745 | No | No | – | – | Important | 5.4 | 4.7 |
| Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability | CVE-2025-49755 | No | No | – | – | Low | 4.3 | 3.8 |
| Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability | CVE-2025-49736 | No | No | – | – | Moderate | 4.3 | 3.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-53741 | No | No | – | – | Important | 7.8 | 6.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-53759 | No | No | – | – | Important | 7.8 | 6.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-53735 | No | No | – | – | Important | 7.8 | 6.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-53737 | No | No | – | – | Important | 7.8 | 6.8 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-53739 | No | No | – | – | Important | 7.8 | 6.8 |
| Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability | CVE-2025-53786 | No | No | – | – | Important | 8.0 | 7.0 |
| Microsoft Exchange Server Information Disclosure Vulnerability | CVE-2025-33051 | No | No | – | – | Important | 7.5 | 6.5 |
| Microsoft Exchange Server Spoofing Vulnerability | CVE-2025-25006 | No | No | – | – | Important | 5.3 | 4.6 |
| Microsoft Exchange Server Spoofing Vulnerability | CVE-2025-25007 | No | No | – | – | Important | 5.3 | 4.6 |
| Microsoft Exchange Server Tampering Vulnerability | CVE-2025-25005 | No | No | – | – | Important | 6.5 | 5.7 |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | CVE-2025-50177 | No | No | – | – | Critical | 8.1 | 7.1 |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | CVE-2025-53143 | No | No | – | – | Important | 8.8 | 7.7 |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | CVE-2025-53144 | No | No | – | – | Important | 8.8 | 7.7 |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | CVE-2025-53145 | No | No | – | – | Important | 8.8 | 7.7 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2025-53731 | No | No | – | – | Critical | 8.4 | 7.3 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2025-53732 | No | No | – | – | Important | 7.8 | 6.8 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2025-53740 | No | No | – | – | Critical | 8.4 | 7.3 |
| Microsoft Office Visio Remote Code Execution Vulnerability | CVE-2025-53730 | No | No | – | – | Important | 7.8 | 6.8 |
| Microsoft Office Visio Remote Code Execution Vulnerability | CVE-2025-53734 | No | No | – | – | Important | 7.8 | 6.8 |
| Microsoft PowerPoint Remote Code Execution Vulnerability | CVE-2025-53761 | No | No | – | – | Important | 7.8 | 6.8 |
| Microsoft SQL Server Elevation of Privilege Vulnerability | CVE-2025-49758 | No | No | – | – | Important | 8.8 | 7.7 |
| Microsoft SQL Server Elevation of Privilege Vulnerability | CVE-2025-53727 | No | No | – | – | Important | 8.8 | 7.7 |
| Microsoft SQL Server Elevation of Privilege Vulnerability | CVE-2025-24999 | No | No | – | – | Important | 8.8 | 7.7 |
| Microsoft SQL Server Elevation of Privilege Vulnerability | CVE-2025-49759 | No | No | – | – | Important | 8.8 | 7.7 |
| Microsoft SQL Server Elevation of Privilege Vulnerability | CVE-2025-47954 | No | No | – | – | Important | 8.8 | 7.7 |
| Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2025-53760 | No | No | – | – | Important | 7.1 | 6.2 |
| Microsoft SharePoint Remote Code Execution Vulnerability | CVE-2025-49712 | No | No | – | – | Important | 8.8 | 7.7 |
| Microsoft Teams Remote Code Execution Vulnerability | CVE-2025-53783 | No | No | – | – | Important | 7.5 | 6.5 |
| Microsoft Windows File Explorer Spoofing Vulnerability | CVE-2025-50154 | No | No | – | – | Important | 7.5 | 6.5 |
| Microsoft Word Information Disclosure Vulnerability | CVE-2025-53736 | No | No | – | – | Important | 6.8 | 5.9 |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2025-53733 | No | No | – | – | Critical | 8.4 | 7.3 |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2025-53738 | No | No | – | – | Important | 7.8 | 6.8 |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2025-53784 | No | No | – | – | Critical | 8.4 | 7.3 |
| NT OS Kernel Information Disclosure Vulnerability | CVE-2025-53136 | No | No | – | – | Important | 5.5 | 4.8 |
| Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability | CVE-2025-50159 | No | No | – | – | Important | 7.3 | 6.4 |
| Remote Desktop Spoofing Vulnerability | CVE-2025-50171 | No | No | – | – | Important | 9.1 | 7.9 |
| Web Deploy Remote Code Execution Vulnerability | CVE-2025-53772 | No | No | – | – | Important | 8.8 | 7.7 |
| Win32k Elevation of Privilege Vulnerability | CVE-2025-50161 | No | No | – | – | Important | 7.3 | 6.4 |
| Win32k Elevation of Privilege Vulnerability | CVE-2025-50168 | No | No | – | – | Important | 7.8 | 6.8 |
| Win32k Elevation of Privilege Vulnerability | CVE-2025-53132 | No | No | – | – | Important | 8.0 | 7.0 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2025-49762 | No | No | – | – | Important | 7.0 | 6.1 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2025-53134 | No | No | – | – | Important | 7.0 | 6.1 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2025-53137 | No | No | – | – | Important | 7.0 | 6.1 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2025-53141 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2025-53147 | No | No | – | – | Important | 7.0 | 6.1 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2025-53154 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2025-53718 | No | No | – | – | Important | 7.0 | 6.1 |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | CVE-2025-50170 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | CVE-2025-53721 | No | No | – | – | Important | 7.0 | 6.1 |
| Windows Distributed Transaction Coordinator (MSDTC) Information Disclosure Vulnerability | CVE-2025-50166 | No | No | – | – | Important | 6.5 | 5.7 |
| Windows Graphics Component Elevation of Privilege Vulnerability | CVE-2025-49743 | No | No | – | – | Important | 6.7 | 5.8 |
| Windows Graphics Component Remote Code Execution Vulnerability | CVE-2025-50165 | No | No | – | – | Critical | 9.8 | 8.5 |
| Windows Hyper-V Denial of Service Vulnerability | CVE-2025-49751 | No | No | – | – | Important | 6.8 | 5.9 |
| Windows Hyper-V Elevation of Privilege Vulnerability | CVE-2025-50167 | No | No | – | – | Important | 7.0 | 6.1 |
| Windows Hyper-V Elevation of Privilege Vulnerability | CVE-2025-53155 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Hyper-V Elevation of Privilege Vulnerability | CVE-2025-53723 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Hyper-V Remote Code Execution Vulnerability | CVE-2025-48807 | No | No | – | – | Critical | 7.5 | 6.5 |
| Windows Installer Elevation of Privilege Vulnerability | CVE-2025-50173 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Kerberos Elevation of Privilege Vulnerability | CVE-2025-53779 | Yes | No | – | – | Moderate | 7.2 | 6.7 |
| Windows Kernel Elevation of Privilege Vulnerability | CVE-2025-49761 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Kernel Elevation of Privilege Vulnerability | CVE-2025-53151 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Kernel Transaction Manager Elevation of Privilege Vulnerability | CVE-2025-53140 | No | No | – | – | Important | 7.0 | 6.1 |
| Windows Media Remote Code Execution Vulnerability | CVE-2025-53131 | No | No | – | – | Important | 8.8 | 7.7 |
| Windows NTFS Information Disclosure Vulnerability | CVE-2025-50158 | No | No | – | – | Important | 7.0 | 6.3 |
| Windows NTLM Elevation of Privilege Vulnerability | CVE-2025-53778 | No | No | – | – | Critical | 8.8 | 7.7 |
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | CVE-2025-53133 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Push Notifications Apps Elevation of Privilege Vulnerability | CVE-2025-53724 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Push Notifications Apps Elevation of Privilege Vulnerability | CVE-2025-53725 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Push Notifications Apps Elevation of Privilege Vulnerability | CVE-2025-53726 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Push Notifications Apps Elevation of Privilege Vulnerability | CVE-2025-50155 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Remote Desktop Services Denial of Service Vulnerability | CVE-2025-53722 | No | No | – | – | Important | 7.5 | 6.5 |
| Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | CVE-2025-50156 | No | No | – | – | Important | 5.7 | 5.0 |
| Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | CVE-2025-53138 | No | No | – | – | Important | 5.7 | 5.0 |
| Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | CVE-2025-53148 | No | No | – | – | Important | 5.7 | 5.0 |
| Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | CVE-2025-53153 | No | No | – | – | Important | 5.7 | 5.0 |
| Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | CVE-2025-53719 | No | No | – | – | Important | 5.7 | 5.0 |
| Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | CVE-2025-50157 | No | No | – | – | Important | 5.7 | 5.0 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVE-2025-49757 | No | No | – | – | Important | 8.8 | 7.7 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVE-2025-50160 | No | No | – | – | Important | 8.0 | 7.0 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVE-2025-50162 | No | No | – | – | Important | 8.0 | 7.0 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVE-2025-50163 | No | No | – | – | Important | 8.8 | 7.7 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVE-2025-50164 | No | No | – | – | Important | 8.0 | 7.0 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVE-2025-53720 | No | No | – | – | Important | 8.0 | 7.0 |
| Windows SMB Remote Code Execution Vulnerability | CVE-2025-50169 | No | No | – | – | Important | 7.5 | 6.5 |
| Windows Security App Spoofing Vulnerability | CVE-2025-53769 | No | No | – | – | Important | 5.5 | 4.8 |
| Windows StateRepository API Server file Elevation of Privilege Vulnerability | CVE-2025-53789 | No | No | – | – | Important | 7.8 | 6.8 |
| Windows Storage Port Driver Information Disclosure Vulnerability | CVE-2025-53156 | No | No | – | – | Important | 5.5 | 4.8 |
| Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability | CVE-2025-53788 | No | No | – | – | Important | 7.0 | 6.1 |
–
Renato Marinho