Microsoft rectifies over 100 security vulnerabilities in August's Patch Tuesday update
In a significant move, Microsoft addressed over 100 vulnerabilities in July's Patch Tuesday, making it the only month in 2025 to do so. Among these, 13 vulnerabilities are classified as "critical," and nine are marked as "exploitation more likely" according to Microsoft's Exploitability Index.
One of the critical vulnerabilities is an elevation of privileges (EoP) vulnerability in Windows Kerberos. This bug, CVE-2025-53779, was publicly disclosed and is known as BadSuccessor. It allows an unauthorized attacker to elevate privileges in Windows Server 2025.
Another critical vulnerability is CVE-2025-53778, an improper authentication bug in Windows NTLM that enables an authorized attacker to elevate privileges over a network. Additionally, CVE-2025-53132, an important-rated race condition in Windows Win32K - GRFX, could also allow an authorized attacker to elevate privileges over a network.
The vulnerability related to delegated Managed Service Accounts (dMSAs) could allow an authenticated attacker to gain domain admin privileges. The attributes involved are msds-groupMSAMembership, which determines which users may use credentials for the managed service account, and msds-ManagedAccountPrecededByLink, which contains a list of users on whose behalf the dMSA can act.
Microsoft has also addressed a zero-day bug, CVE-2025-53779, in SQL Server on the latest Patch Tuesday. Successful exploitation of this critical use-after-free bug in Windows Message Queuing allows an unauthorized attacker to execute code over a network.
Brian Donohue, Principal Researcher at Red Canary, urged sysadmins to focus on patching the mentioned vulnerabilities. The motivation for addressing these vulnerabilities, as described by CISA, is to prevent credential harvesting using Kerberoasting.
It's important to note that the other vulnerabilities addressed this Patch Tuesday, aside from the ones mentioned, are not specified in the provided paragraphs. The next Patch Tuesday is scheduled for September 10, 2025.
This is one of the biggest Patch Tuesdays so far in 2025, with over 100 additional CVEs being addressed. System administrators are advised to prioritize patching these vulnerabilities to secure their systems and protect against potential attacks.
