Microsoft Patch Tuesday August 2025 Released – 107 Vulnerabilities Fixed Including 36 RCE

Microsoft released its August Patch Tuesday security updates, addressing a total of 107 vulnerabilities across its product ecosystem.

The update includes fixes for 90 vulnerabilities, classified as follows: 13 are Critical, 76 are Important, one is Moderate, and one is Low. Notably, none of these vulnerabilities are listed as actively exploited zero-days, which provides some relief for IT administrators.

The vulnerabilities fall into multiple categories, including Remote Code Execution (RCE), Elevation of Privilege (EoP), Information Disclosure, Spoofing, Denial of Service (DoS), and Tampering. Below is a detailed breakdown of the vulnerabilities by category, along with key insights for organizations to prioritize their patching efforts.

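| Severity / Impact | Remote Code Execution (RCE) | Elevation of Privilege (EoP) | Information Disclosure | Spoofing | Denial of Service (DoS) | Tampering | Total |
|---|---|---|---|---|---|---|---|
| Critical | 9 | 1 | 2 | 1 | 0 | 0 | 13 |
| Important | 26 | 38 | 14 | 7 | 5 | 1 | 91 |
| Moderate | 0 | 1 | 0 | 1 | 0 | 0 | 2 |
| Low | 0 | 0 | 0 | 1 | 0 | 0 | 1 |
| Total | 35 | 40 | 16 | 10 | 5 | 1 | 107 |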

On August 12, 2025, Microsoft released its monthly Patch Tuesday security updates, addressing a significant number of vulnerabilities across its product ecosystem.

Remote Code Execution (RCE) Vulnerabilities: 36 Total

Remote Code Execution vulnerabilities dominate this month’s Patch Tuesday, with 36 vulnerabilities patched, 10 of which are rated Critical. These flaws could allow attackers to execute arbitrary code, potentially compromising entire systems. Key RCE vulnerabilities include:

Windows Graphics Component (CVE-2025-50165, Critical): An untrusted pointer dereference in the Microsoft Graphics Component allows unauthorized attackers to execute code over a network.

DirectX Graphics Kernel (CVE-2025-50176, Critical): A type confusion flaw in the Graphics Kernel enables local code execution by an authorized attacker.

Microsoft Office (CVE-2025-53731, CVE-2025-53740, Critical): Multiple use-after-free vulnerabilities in Microsoft Office allow unauthorized attackers to execute code locally.

Microsoft Word (CVE-2025-53733, CVE-2025-53784, Critical): Flaws in Microsoft Word, including incorrect numeric type conversion and use-after-free issues, permit local code execution.

GDI+ (CVE-2025-53766, Critical): A heap-based buffer overflow in Windows GDI+ allows network-based code execution.

Windows Hyper-V (CVE-2025-48807, Critical): An improper restriction of communication channels in Hyper-V enables local code execution.

Microsoft Message Queuing (MSMQ) (CVE-2025-50177, Critical; CVE-2025-53143, CVE-2025-53144, CVE-2025-53145, Important): Multiple vulnerabilities, including use-after-free and type confusion flaws, affect MSMQ, allowing network-based code execution.

Microsoft Excel (CVE-2025-53741, CVE-2025-53759, CVE-2025-53737, CVE-2025-53739, Important): Heap-based buffer overflows and use-after-free issues in Excel enable local code execution.

Windows Routing and Remote Access Service (RRAS) (CVE-2025-49757, CVE-2025-50160, CVE-2025-50162, CVE-2025-50163, CVE-2025-50164, CVE-2025-53720, Important): Heap-based buffer overflows in RRAS allow network-based code execution.

Microsoft Patch Tuesday August 2025 – Vulnerabilities list

| CVE | Vulnerability Details | Actively Exploited | Type | Severity |
|---|---|---|---|---|
| CVE-2025-53781 | Azure Virtual Machines Information Disclosure Vulnerability | No | Information Disclosure | Critical |
| CVE-2025-50165 | Windows Graphics Component Remote Code Execution Vulnerability | No | Remote Code Execution | Critical |
| CVE-2025-50176 | DirectX Graphics Kernel Remote Code Execution Vulnerability | No | Remote Code Execution | Critical |
| CVE-2025-50177 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | No | Remote Code Execution | Critical |
| CVE-2025-53731 | Microsoft Office Remote Code Execution Vulnerability | No | Remote Code Execution | Critical |
| CVE-2025-53733 | Microsoft Word Remote Code Execution Vulnerability | No | Remote Code Execution | Critical |
| CVE-2025-53740 | Microsoft Office Remote Code Execution Vulnerability | No | Remote Code Execution | Critical |
| CVE-2025-53766 | GDI+ Remote Code Execution Vulnerability | No | Remote Code Execution | Critical |
| CVE-2025-53778 | Windows NTLM Elevation of Privilege Vulnerability | No | Elevation of Privilege | Critical |
| CVE-2025-53784 | Microsoft Word Remote Code Execution Vulnerability | No | Remote Code Execution | Critical |
| CVE-2025-53793 | Azure Stack Hub Information Disclosure Vulnerability | No | Information Disclosure | Critical |
| CVE-2025-48807 | Windows Hyper-V Remote Code Execution Vulnerability | No | Remote Code Execution | Critical |
| CVE-2025-49707 | Azure Virtual Machines Spoofing Vulnerability | No | Spoofing | Critical |
| CVE-2025-53786 | Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-49751 | Windows Hyper-V Denial of Service Vulnerability | No | Denial of Service | Important |
| CVE-2025-49745 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | No | Spoofing | Important |
| CVE-2025-49758 | Microsoft SQL Server Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53727 | Microsoft SQL Server Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53729 | Microsoft Azure File Sync Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-33051 | Microsoft Exchange Server Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-53730 | Microsoft Office Visio Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53741 | Microsoft Excel Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53759 | Microsoft Excel Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53760 | Microsoft SharePoint Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53761 | Microsoft PowerPoint Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-24999 | Microsoft SQL Server Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53772 | Web Deploy Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53773 | GitHub Copilot and Visual Studio Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-25005 | Microsoft Exchange Server Tampering Vulnerability | No | Tampering | Important |
| CVE-2025-25006 | Microsoft Exchange Server Spoofing Vulnerability | No | Spoofing | Important |
| CVE-2025-25007 | Microsoft Exchange Server Spoofing Vulnerability | No | Spoofing | Important |
| CVE-2025-49743 | Windows Graphics Component Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-49757 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-49759 | Microsoft SQL Server Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-49761 | Windows Kernel Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-49762 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-50153 | Desktop Windows Manager Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-50154 | Microsoft Windows File Explorer Spoofing Vulnerability | No | Spoofing | Important |
| CVE-2025-50156 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-50158 | Windows NTFS Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-50159 | Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-50160 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-50161 | Win32k Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-50162 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-50163 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-50164 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-50166 | Windows Distributed Transaction Coordinator (MSDTC) Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-50167 | Windows Hyper-V Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-50168 | Win32k Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-50169 | Windows SMB Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-50170 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-50171 | Remote Desktop Spoofing Vulnerability | No | Spoofing | Important |
| CVE-2025-50172 | DirectX Graphics Kernel Denial of Service Vulnerability | No | Denial of Service | Important |
| CVE-2025-50173 | Windows Installer Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53131 | Windows Media Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53132 | Win32k Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53133 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53134 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53135 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53136 | NT OS Kernel Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-53137 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53138 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-53140 | Windows Kernel Transaction Manager Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53141 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53142 | Microsoft Brokering File System Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53143 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53144 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53145 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53147 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53148 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-53149 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53151 | Windows Kernel Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53152 | Desktop Windows Manager Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53153 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-53154 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53155 | Windows Hyper-V Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53156 | Windows Storage Port Driver Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-53716 | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | No | Denial of Service | Important |
| CVE-2025-53718 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53719 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-53720 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53721 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53722 | Windows Remote Desktop Services Denial of Service Vulnerability | No | Denial of Service | Important |
| CVE-2025-53723 | Windows Hyper-V Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53724 | Windows Push Notifications Apps Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53725 | Windows Push Notifications Apps Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53726 | Windows Push Notifications Apps Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53728 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-47954 | Microsoft SQL Server Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53732 | Microsoft Office Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53734 | Microsoft Office Visio Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53735 | Microsoft Excel Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53736 | Microsoft Word Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-53737 | Microsoft Excel Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53738 | Microsoft Word Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53739 | Microsoft Excel Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53765 | Azure Stack Hub Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-53769 | Windows Security App Spoofing Vulnerability | No | Spoofing | Important |
| CVE-2025-50157 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | No | Information Disclosure | Important |
| CVE-2025-50155 | Windows Push Notifications Apps Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53783 | Microsoft Teams Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-53788 | Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-53789 | Windows StateRepository API Server file Elevation of Privilege Vulnerability | No | Elevation of Privilege | Important |
| CVE-2025-49712 | Microsoft SharePoint Remote Code Execution Vulnerability | No | Remote Code Execution | Important |
| CVE-2025-49755 | Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability | No | Spoofing | Low |
| CVE-2025-53779 | Windows Kerberos Elevation of Privilege Vulnerability | No | Elevation of Privilege | Moderate |
| CVE-2025-49736 | Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability | No | Spoofing | Moderate |
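
For prioritizing from the list above, this added example (not part of the original article) parses rows in the list's layout, rebuilds the severity-by-impact matrix, and produces a patch order. The function names and the ordering policy are assumptions of the example; the embedded rows are a subset copied from the list.

```python
import re
from collections import Counter

# Rows copied from this page's CVE list (a subset, in the list's space-separated layout).
ROWS = """\
CVE-2025-50165 Windows Graphics Component Remote Code Execution Vulnerability No Remote Code Execution Critical
CVE-2025-53778 Windows NTLM Elevation of Privilege Vulnerability No Elevation of Privilege Critical
CVE-2025-49745 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability No Spoofing Important
CVE-2025-50169 Windows SMB Remote Code Execution Vulnerability No Remote Code Execution Important
CVE-2025-53716 Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability No Denial of Service Important
CVE-2025-53779 Windows Kerberos Elevation of Privilege Vulnerability No Elevation of Privilege Moderate
CVE-2025-49755 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability No Spoofing Low
"""

IMPACTS = ["Remote Code Execution", "Elevation of Privilege", "Information Disclosure",
           "Spoofing", "Denial of Service", "Tampering"]
SEVERITIES = ["Critical", "Important", "Moderate", "Low"]

# Anchor on the fixed tail (exploited flag, type, severity); the title length varies.
ROW_RE = re.compile(
    r"^(?P<cve>CVE-\d{4}-\d{4,})\s+(?P<title>.+?)\s+(?P<exploited>Yes|No)\s+"
    r"(?P<impact>%s)\s+(?P<severity>%s)$" % ("|".join(IMPACTS), "|".join(SEVERITIES)))

def parse_rows(text):
    """Return one dict per CVE row; raise on a row that does not fit the layout."""
    out = []
    for line in text.splitlines():
        line = " ".join(line.replace("|", " ").split())  # also accept pipe-delimited rows
        if not line.startswith("CVE-"):
            continue  # header, separator or blank line
        m = ROW_RE.match(line)
        if m is None:
            raise ValueError("unparseable row: " + line)
        out.append(m.groupdict())
    return out

def matrix(rows):
    """Severity x impact counts, the same shape as the summary table."""
    return Counter((r["severity"], r["impact"]) for r in rows)

def patch_order(rows):
    """Assumed policy: exploited first, then severity, then impact in IMPACTS order."""
    return sorted(rows, key=lambda r: (r["exploited"] != "Yes",
                                       SEVERITIES.index(r["severity"]),
                                       IMPACTS.index(r["impact"])))

def title_mismatches(rows):
    """CVEs whose title does not name the impact given in the Type column."""
    return [r["cve"] for r in rows if r["impact"] not in r["title"]]
```

Fed the complete list instead of `ROWS`, `matrix()` gives per-cell counts that can be compared against the category table and the totals quoted in the text.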

The post Microsoft Patch Tuesday August 2025 Released – 107 Vulnerabilities Fixed Including 36 RCE appeared first on Cyber Security News.

