Randy Franklin Smith's Ultimate Windows Security

Upcoming Webinars

Webinar Library

Latest Blogs

How to Detect Pass-the-Hash Attacks Blog Series

Come meet Randy in Orlando at Microsoft Ignite at Quest's Booth #1818

Detecting Pass-the-Hash with Honeypots

Catch Malware Hiding in WMI with Sysmon

For of all sad words of tongue or pen, the saddest are these: 'We weren’t logging’

Experimenting with Windows Security: Controls for Enforcing Policies

Sysmon Event IDs 1, 6, 7 Report All the Binary Code Executing on Your Network

Yet Another Ransomware Can That Can be Immediately Detected with Process Tracking on Workstations

Cracking AD Passwords with NTDSXtract, Dsusers.py and John the Ripper

Cracking local windows passwords with Mimikatz, LSA dump and Hashcat

Top Resources

Security Log

Additional Resources

August, 2025: Patch Tuesday - Two Zero Days and Large Number of Critical Updates

Welcome to my August Patch Tuesday newsletter. Today Microsoft released 107 updates and an additional 25 in the past month for a total of 132 updates.

We have two zero-days to look at. One from today's release of updates and another big one from the previous 30 days.

First is CVE-2025-53779 released today. This Elevation of Privilege vulnerability is rated moderate. Microsoft reports that this relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over the network. Microsoft says exploitation is less likely. Due to the fact this exploit is publicly disclosed, I still recommend this gets updated ASAP.

Next is CVE-2025-53770 which was released on July 19. Most likely you have already heard about this in the news since it received widespread coverage last month. This critical rated Remote Code Execution affects the flavors of SharePoint listed in the chart below. Keep in mind that SharePoint Online is not affected. As of the latest update from Microsoft on August 6th, this exploit is still being detected in the wild. If you have enabled the AMSI integration feature and use Microsoft Defender across your SharePoint farm servers then you are already protected from this vulnerability.

Besides this one, there are another 22 updates that are rated "Critical". I've highlighted these in bold in the chart below.

So, we do have a good bit of updating that needs to be done. You will want to download, update and reboot those systems. See you next month!

Happy patching!

Patch data provided by:
Technology	Products Affected	Severity	Reference	Workaround/ Exploited / Publicly Disclosed	Vulnerability Info
Windows	Windows 10, 11 2008 SP2, 2008 R2 SP1, 2012, 2012 R2, 2016, 2019, 2022, 2025 including Server Core Installations Windows Security App	Critical	CVE-2025-48807 CVE-2025-49743 CVE-2025-49751 CVE-2025-49757 CVE-2025-49761 CVE-2025-49762 CVE-2025-50153 CVE-2025-50154 CVE-2025-50155 CVE-2025-50156 CVE-2025-50157 CVE-2025-50158 CVE-2025-50159 CVE-2025-50160 CVE-2025-50161 CVE-2025-50162 CVE-2025-50163 CVE-2025-50164 CVE-2025-50165 CVE-2025-50166 CVE-2025-50167 CVE-2025-50168 CVE-2025-50169 CVE-2025-50170 CVE-2025-50171 CVE-2025-50172 CVE-2025-50173 CVE-2025-50176 CVE-2025-50177 CVE-2025-53131 CVE-2025-53132 CVE-2025-53133 CVE-2025-53134 CVE-2025-53135 CVE-2025-53136 CVE-2025-53137 CVE-2025-53138 CVE-2025-53140 CVE-2025-53141 CVE-2025-53142 CVE-2025-53143 CVE-2025-53144 CVE-2025-53145 CVE-2025-53147 CVE-2025-53148 CVE-2025-53149 CVE-2025-53151 CVE-2025-53152 CVE-2025-53153 CVE-2025-53154 CVE-2025-53155 CVE-2025-53156 CVE-2025-53716 CVE-2025-53718 CVE-2025-53719 CVE-2025-53720 CVE-2025-53721 CVE-2025-53722 CVE-2025-53723 CVE-2025-53724 CVE-2025-53725 CVE-2025-53726 CVE-2025-53766 CVE-2025-53769 CVE-2025-53778 CVE-2025-53779** CVE-2025-53789	Workaround: No Exploited: No Public: Yes**	Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution Spoofing
Edge	Chromium-based Edge for Android	Moderate	CVE-2025-49736 CVE-2025-49755 CVE-2025-6558 CVE-2025-7656 CVE-2025-7657 CVE-2025-8010 CVE-2025-8011 CVE-2025-8292 CVE-2025-8576 CVE-2025-8577 CVE-2025-8578 CVE-2025-8579 CVE-2025-8580 CVE-2025-8581 CVE-2025-8582 CVE-2025-8583	Workaround: No Exploited: No Public: No	Spoofing
Office	365 Apps for Enterprise Excel/PowerPoint/Word 2016 Office 2016, 2019 LTSC 2021, 2024 including for Mac Office for Android and Universal Teams for Android/Desktop/iOS/Mac Office Online Server Purview	Critical	CVE-2025-53730 CVE-2025-53731 CVE-2025-53732 CVE-2025-53733 CVE-2025-53734 CVE-2025-53735 CVE-2025-53736 CVE-2025-53737 CVE-2025-53738 CVE-2025-53739 CVE-2025-53740 CVE-2025-53741 CVE-2025-53759 CVE-2025-53761 CVE-2025-53762 CVE-2025-53766 CVE-2025-53783 CVE-2025-53784	Workaround: No Exploited: No Public: No	Elevation of Privilege Information Disclosure Remote Code Execution
SharePoint	Enterprise Server 2016 Server 2019 Server Subscription Edition	Critical	CVE-2025-49712 CVE-2025-53733 CVE-2025-53736 CVE-2025-53760 CVE-2025-53770** CVE-2025-53771	Workaround: No Exploited: Yes** Public: No	Elevation of Privilege Information Disclosure Remote Code Execution Spoofing
SQL Server	2016 SP3 GDR 2016 SP3 Azure Connect Feature Pack 2017 CU31/GDR 2019 CU32/GDR 2022 CU20/GDR	Important	CVE-2025-24999 CVE-2025-47954 CVE-2025-49758 CVE-2025-49759 CVE-2025-53727	Workaround: No Exploited: No Public: No	Elevation of Privilege
Azure	File Sync v18-21 Machine Learning Open AI Portal Stack Hub (2406, 2408, 2501) Azure VM (DCadsv5, DCasv5, DCedsv5, DCesv5, DCesv6, ECadsv5, ECasv5, ECedsv5, ECesv5, ECesv6, NCCadsH100v5)	Critical	CVE-2025-47995 CVE-2025-49707 CVE-2025-49746 CVE-2025-49747 CVE-2025-53729 CVE-2025-53765 CVE-2025-53767 CVE-2025-53781 CVE-2025-53792 CVE-2025-53793	Workaround: No Exploited: No Public: No	Elevation of Privilege Information Disclosure Spoofing
Developer Tools	Azure DevOps Visual Studio 2022 17.14 Web Deploy 4.0	Critical	CVE-2025-47158 CVE-2025-53772 CVE-2025-53773	Workaround: No Exploited: No Public: No	Elevation of Privilege Remote Code Execution
Apps	Microsoft 365 Copilot's Business Chat	Critical	CVE-2025-53774 CVE-2025-53787	Workaround: No Exploited: No Public: No	Information Disclosure
Device	Teams for D365 Guides Hololens, D365 Remote Assist Hololens Teams Phones, Panels	Important	CVE-2025-53783	Workaround: No Exploited: No Public: No	Remote Code Execution
Dynamics	365 (on-premises) 9.1	Important	CVE-2025-49745 CVE-2025-53728	Workaround: No Exploited: No Public: No	Information Disclosure Spoofing
Exchange	2016 CU23 2019 CU14 and CU15 Server Subscription Edition RTM	Important	CVE-2025-25005 CVE-2025-25006 CVE-2025-25007 CVE-2025-33051 CVE-2025-53786	Workaround: No Exploited: No Public: No	Elevation of Privilege Information Disclosure Spoofing Tampering
Open Source Software	Windows Subsystem for Linux (WSL2)	Important	CVE-2025-53788	Workaround: No Exploited: No Public: No	Elevation of Privilege

Send me this chart next Patch Tuesday.

User name:
Password:
	/ Forgot?
	Register

August 2025 Patch Tuesday	"Patch Tuesday - Two Zero Days and Large Number of Critical Updates " - sponsored by LOGbinder and Supercharger

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2025 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.