Subj : Microsoft's latest major patch fixes a serious zero-day flaw, and
To   : All
From : TechnologyDaily
Date : Wed Aug 13 2025 14:45:08

Microsoft's latest major patch fixes a serious zero-day flaw, and a host of 
other issues - so update now

Date:
Wed, 13 Aug 2025 13:34:57 +0000

Description:
The August 2025 Patch Tuesday release fixes a broad mix of vulnerabilities 
across different services.

FULL STORY
======================================================================August 
2025 Patch Tuesday update addresses 111 flaws These include multiple 
critical-severity flaws and a zero-day issue Users should apply the patch 
immediately, or risk attack 

Microsoft has released its August 2025 Patch Tuesday package, a cumulative 
set of updates addressing more than 100 vulnerabilities across a host of its 
products. 

Among them was a known zero-day vulnerability in Windows Kerberos, the 
company's implementation of the Kerberos authentication protocol, which 
securely verifies user identities in a Windows network using tickets instead 
of sending passwords over the network. 

Kerberos was found to contain a relative path traversal flaw which allows an 
authorized threat actor to elevate privileges over a network. Critical 
severity flaws 

Besides the zero-day, Microsoft fixed another 106 flaws, including 13 bugs 
labeled critical. 

Of those, nine are remote code execution (RCE) flaws that can be abused in 
device takeover attacks, information disclosure flaws that can be used in 
data exfiltration attacks, and an elevation of privilege bug. 

Some of the more notable vulnerabilities fixed in the release include a 
10/10, critical flaw in Azure OpenAI, tracked as CVE-2025-53767 which could 
allow unauthenticated threat actors to remotely access sensitive information 
in AI environments. 

Another notable mention is a remote code execution bug in Microsoft Graphics 
Component that can be exploited through malicious files or images. It is 
tracked as CVE-2025-50165, and was given a severity score of 9.8/10 
(critical). 

There are also CVE-2025-53766, CVE-50171, and CVE-2025-53792, all of which 
have a severity score of 9.1 and higher, making them critical. 

In total, 111 vulnerabilities were addressed by Microsoft, and although none 
are marked as being actively exploited in the wild, admins would be wise to 
apply the fix without delay. 

 Via BleepingComputer You might also like Microsoft patches three worrying 
security flaws in its latest critical update, so update now Take a look at 
our guide to the best authenticator app We've rounded up the best password 
managers



======================================================================
Link to news story:
https://www.techradar.com/pro/security/microsofts-latest-major-patch-fixes-a-s
erious-zero-day-flaw-and-a-host-of-other-issues-so-update-now


--- Mystic BBS v1.12 A49 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.