Skip to main content
Customer Support Customer Support

Microsoft security update summary's for September 2025

  • September 5, 2025
  • 9 replies
  • 310 views
TripleHelix
Moderator
Forum|alt.badge.img+63

CVEs have been published or revised in the Security Update Guide

September 4, 2025

These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

CVE-2025-54914

  • Title: Azure Networking Elevation of Privilege Vulnerability
  • Version: 1.0
  • Reason for revision: Information published.
  • Originally released: September 4, 2025
  • Last updated: September 4, 2025
  • Aggregate CVE severity rating: Critical
  • Customer action required: No

CVE-2025-55238

  • Title: Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability
  • Version: 1.0
  • Reason for revision: Information published.
  • Originally released: September 4, 2025
  • Last updated: September 4, 2025
  • Aggregate CVE severity rating: Critical
  • Customer action required: No

CVE-2025-55241

  • Title: Azure Entra Elevation of Privilege Vulnerability
  • Version: 1.0
  • Reason for revision: Information published.
  • Originally released: September 4, 2025
  • Last updated: September 4, 2025
  • Aggregate CVE severity rating: Critical
  • Customer action required: No

CVE-2025-55242

  • Title: Xbox Certification Bug Copilot Djando Information Disclosure Vulnerability
  • Version: 1.0
  • Reason for revision: Information published.
  • Originally released: September 4, 2025
  • Last updated: September 4, 2025
  • Aggregate CVE severity rating: Critical
  • Customer action required: No

CVE-2025-55244

  • Title: Azure Bot Service Elevation of Privilege Vulnerability
  • Version: 1.0
  • Reason for revision: Information published.
  • Originally released: September 4, 2025
  • Last updated: September 4, 2025
  • Aggregate CVE severity rating: Critical

Customer action required: No

Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
ProTruckDriver
Ssherjj
TripleHelix

9 replies

TripleHelix
Moderator
Forum|alt.badge.img+63
  • TripleHelix
  • Author
  • Moderator
  • September 9, 2025

Happy Patch Tuesday!

Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
ProTruckDriver
Ssherjj
TripleHelix
TripleHelix
Moderator
Forum|alt.badge.img+63
  • TripleHelix
  • Author
  • Moderator
  • September 9, 2025

September 2025 Security Updates

This release consists of the following 86 Microsoft CVEs:

Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
SQL Server CVE-2025-47997
Azure Windows Virtual Machine Agent CVE-2025-49692
Windows PowerShell CVE-2025-49734
Microsoft Edge (Chromium-based) CVE-2025-53791
Windows Routing and Remote Access Service (RRAS) CVE-2025-53796
Windows Routing and Remote Access Service (RRAS) CVE-2025-53797
Windows Routing and Remote Access Service (RRAS) CVE-2025-53798
Windows Imaging Component CVE-2025-53799
Microsoft Graphics Component CVE-2025-53800
Windows DWM CVE-2025-53801
Windows Bluetooth Service CVE-2025-53802
Windows Kernel CVE-2025-53803
Windows Kernel CVE-2025-53804
Windows Internet Information Services CVE-2025-53805
Windows Routing and Remote Access Service (RRAS) CVE-2025-53806
Microsoft Graphics Component CVE-2025-53807
Windows Defender Firewall Service CVE-2025-53808
Windows Local Security Authority Subsystem Service (LSASS) CVE-2025-53809
Windows Defender Firewall Service CVE-2025-53810
Role: Windows Hyper-V CVE-2025-54091
Role: Windows Hyper-V CVE-2025-54092
Windows TCP/IP CVE-2025-54093
Windows Defender Firewall Service CVE-2025-54094
Windows Routing and Remote Access Service (RRAS) CVE-2025-54095
Windows Routing and Remote Access Service (RRAS) CVE-2025-54096
Windows Routing and Remote Access Service (RRAS) CVE-2025-54097
Role: Windows Hyper-V CVE-2025-54098
Windows Ancillary Function Driver for WinSock CVE-2025-54099
Windows SMBv3 Client CVE-2025-54101
Windows Connected Devices Platform Service CVE-2025-54102
Windows Management Services CVE-2025-54103
Windows Defender Firewall Service CVE-2025-54104
Microsoft Brokering File System CVE-2025-54105
Windows Routing and Remote Access Service (RRAS) CVE-2025-54106
Windows MapUrlToZone CVE-2025-54107
Capability Access Management Service (camsvc) CVE-2025-54108
Windows Defender Firewall Service CVE-2025-54109
Windows Kernel CVE-2025-54110
Windows UI XAML Phone DatePickerFlyout CVE-2025-54111
Microsoft Virtual Hard Drive CVE-2025-54112
Windows Routing and Remote Access Service (RRAS) CVE-2025-54113
Windows Connected Devices Platform Service CVE-2025-54114
Role: Windows Hyper-V CVE-2025-54115
Windows MultiPoint Services CVE-2025-54116
Windows Local Security Authority Subsystem Service (LSASS) CVE-2025-54894
Windows SPNEGO Extended Negotiation CVE-2025-54895
Microsoft Office Excel CVE-2025-54896
Microsoft Office SharePoint CVE-2025-54897
Microsoft Office Excel CVE-2025-54898
Microsoft Office Excel CVE-2025-54899
Microsoft Office Excel CVE-2025-54900
Microsoft Office Excel CVE-2025-54901
Microsoft Office Excel CVE-2025-54902
Microsoft Office Excel CVE-2025-54903
Microsoft Office Excel CVE-2025-54904
Microsoft Office Word CVE-2025-54905
Microsoft Office CVE-2025-54906
Microsoft Office Visio CVE-2025-54907
Microsoft Office PowerPoint CVE-2025-54908
Microsoft Office CVE-2025-54910
Windows BitLocker CVE-2025-54911
Windows BitLocker CVE-2025-54912
Windows UI XAML Maps MapControlSettings CVE-2025-54913
Windows Defender Firewall Service CVE-2025-54915
Windows NTFS CVE-2025-54916
Windows MapUrlToZone CVE-2025-54917
Windows NTLM CVE-2025-54918
Windows Win32K - GRFX CVE-2025-54919
Graphics Kernel CVE-2025-55223
Windows Win32K - GRFX CVE-2025-55224
Windows Routing and Remote Access Service (RRAS) CVE-2025-55225
Graphics Kernel CVE-2025-55226
SQL Server CVE-2025-55227
Windows Win32K - GRFX CVE-2025-55228
Microsoft High Performance Compute Pack (HPC) CVE-2025-55232
Windows SMB CVE-2025-55234
Graphics Kernel CVE-2025-55236
Microsoft Office CVE-2025-55243
Xbox CVE-2025-55245
Azure Arc CVE-2025-55316
Microsoft AutoUpdate (MAU) CVE-2025-55317

We are republishing 5 non-Microsoft CVEs:
CNA Tag CVE FAQs? Workarounds? Mitigations?
VulnCheck SQL Server CVE-2024-21907
Chrome Microsoft Edge (Chromium-based) CVE-2025-9864
Chrome Microsoft Edge (Chromium-based) CVE-2025-9865
Chrome Microsoft Edge (Chromium-based) CVE-2025-9866
Chrome Microsoft Edge (Chromium-based) CVE-2025-9867

Security Update Guide Blog Posts
Date Blog Post
November 12, 2024 Toward greater transparency: Publishing machine-readable CSAF files
June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs
April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
January 11, 2022 Coming Soon: New Security Update Guide Notification System
February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020 Security Update Guide: Let’s keep the conversation going
November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

Relevant Resources

  • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
  • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.
  • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
  • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

Known Issues
You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

KB Article Applies To
5065306 Windows Server 2022 Hotpatch
5065426 Windows 11, version 24H2
5065432 Windows Server 2022
5065474 Windows Server 2025 Hotpatch
5065508 Windows Server 2008 (Monthly Rollup)
5065511 Windows Server 2008 (Security-only update)
Released: Sep 9, 2025

September 2025 Security Updates - Release Notes - Security Update Guide - Microsoft

Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
ProTruckDriver
Jasper_The_Rasper
TripleHelix
TripleHelix
Moderator
Forum|alt.badge.img+63
  • TripleHelix
  • Author
  • Moderator
  • September 10, 2025

CVEs have been published or revised in the Security Update Guide

September 9, 2025

These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

CVE-2025-48807

  • Title: Windows Hyper-V Remote Code Execution Vulnerability
  • Version: 2.0
  • Reason for revision: To comprehensively address CVE-2025-48807, Microsoft has released September 2025 security updates for the following versions of Windows: Windows Server 2016 and newer, x64-based editions of Windows 10 Version 1607 and Windows 10 Version 1809, and all supported versions of Windows 10 Version 21H2 and newer and Windows 11 Version 22H2 and newer. Microsoft recommends that customers install the update to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.
  • Originally released: August 12, 2025
  • Last updated: September 9, 2025
  • Aggregate CVE severity rating: Critical

Customer action required: Yes

Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
ProTruckDriver
Jasper_The_Rasper
TripleHelix
TripleHelix
Moderator
Forum|alt.badge.img+63
  • TripleHelix
  • Author
  • Moderator
  • September 10, 2025

CVEs have been published or revised in the Security Update Guide

September 10, 2025

These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

CVE-2025-21264

  • Title: Visual Studio Code Security Feature Bypass Vulnerability
  • Version: 2.0
  • Reason for revision: In the Security Updates Table, added Microsoft Visual Studio CoPilot Chat Extension as it is also affected by this vulnerability. Microsoft recommends that customers install the update to be fully protected from the vulnerability.
  • Originally released: May 13, 2025
  • Last updated: June 17, 2025
  • Aggregate CVE severity rating: Important
  • Customer action required: Yes

CVE-2025-29833

  • Title: Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability
  • Version: 1.1
  • Reason for revision: Added an FAQ and updated the CVSS score. This is an informational change only.
  • Originally released: May 13, 2025
  • Last updated: May 14, 2025
  • Aggregate CVE severity rating: Critical
  • Customer action required: Yes

CVE-2025-29954

  • Title: Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
  • Version: 1.2
  • Reason for revision: Added an FAQ to provide a link to [KB5066014—Netlogon RPC Hardening (CVE-2025-49716) - Microsoft Support](https://support.microsoft.com/en-us/topic/kb5066014-netlogon-rpc-hardening-cve-2025-49716-38a0bc06-507c-47d4-be0f-ca1acab02c68). The article provides further guidance for hardening systems against unauthenticated RPC calls. This is an informational change only.
  • Originally released: May 13, 2025
  • Last updated: September 9, 2025
  • Aggregate CVE severity rating: Important
  • Customer action required: Yes
  
Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
ProTruckDriver
Jasper_The_Rasper
TripleHelix
TripleHelix
Moderator
Forum|alt.badge.img+63
  • TripleHelix
  • Author
  • Moderator
  • September 10, 2025

CVEs have been published or revised in the Security Update Guide

September 9, 2025

These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

CVE-2025-21178

  • Title: Visual Studio Remote Code Execution Vulnerability
  • Version: 3.0
  • Reason for revision: In the Security Updates table, added Visual Studio 2015 Update 3 as it is affected by this vulnerability, and removed Visual Studio 2013 Update 5 as it is not affected by this vulnerability. Microsoft recommends that customers install the update for Visual Studio 2015 Update 3 to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.
  • Originally released: January 14, 2025
  • Last updated: February 14, 2025
  • Aggregate CVE severity rating: Important
  • Customer action required: Yes

CVE-2025-21293

  • Title: Active Directory Domain Services Elevation of Privilege Vulnerability
  • Version: 2.0
  • Reason for revision: To comprehensively address CVE-2025-21293, Microsoft has released September 2025 security update KB5065426 for Windows Server 2025, Windows Server 2025 (Server Core installation), Windows 11 Version 24H2 for x64-based Systems, and Windows 11 Version 24H2 for ARM64-based Systems. Microsoft recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action. For customers running these versions of Windows and who install the HotPatch updates, Microsoft has released Hotpatch KB5065474. Customers who install the HotPatch updates should install KB5065474 to be protected from this vulnerability.
  • Originally released: January 14, 2025
  • Last updated: September 9, 2025
  • Aggregate CVE severity rating: Important
  • Customer action required: Yes

CVE-2025-21325

  • Title: Windows Secure Kernel Mode Elevation of Privilege Vulnerability
  • Version: 2.0
  • Reason for revision: In the Security Updates table, added Download and Article links for Windows Server 2025 (Server Core installation). Microsoft recommends that customers install the update to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.
  • Originally released: January 16, 2025
  • Last updated: February 21, 2025
  • Aggregate CVE severity rating: Important
  • Customer action required: Yes
  
Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
ProTruckDriver
Jasper_The_Rasper
TripleHelix
TripleHelix
Moderator
Forum|alt.badge.img+63
  • TripleHelix
  • Author
  • Moderator
  • September 12, 2025

CVEs have been published or revised in the Security Update Guide

September 11, 2025

These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

CVE-2025-49734

  • Title: PowerShell Direct Elevation of Privilege Vulnerability
  • Version: 2.0
  • Reason for revision: Revised the Security Updates table to include PowerShell 7.4 and PowerShell 7.5 because these versions of PowerShell 7 are affected by this vulnerability. See [https://github.com/PowerShell/Announcements/issues/78](https://github.com/PowerShell/Announcements/issues/78) for more information.
  • Originally released: September 9, 2025
  • Last updated: September 11, 2025
  • Aggregate CVE severity rating: Important
  • Customer action required: Yes

CVE-2025-55319

  • Title: Agentic AI and Visual Studio Code Remote Code Execution Vulnerability
  • Version: 1.0
  • Reason for revision: Information published.
  • Originally released: September 11, 2025
  • Last updated: September 11, 2025
  • Aggregate CVE severity rating: Important

Customer action required: Yes

Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
Jasper_The_Rasper
Ssherjj
TripleHelix
TripleHelix
Moderator
Forum|alt.badge.img+63
  • TripleHelix
  • Author
  • Moderator
  • September 17, 2025

CVEs have been published or revised in the Security Update Guide

September 17, 2025

These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

CVE-2025-48807

  • Title: Windows Hyper-V Remote Code Execution Vulnerability
  • Version: 2.0
  • Reason for revision: To comprehensively address CVE-2025-48807, Microsoft has released September 2025 security updates for the following versions of Windows: Windows Server 2016 and newer, x64-based editions of Windows 10 Version 1607 and Windows 10 Version 1809, and all supported versions of Windows 10 Version 21H2 and newer and Windows 11 Version 22H2 and newer. Microsoft recommends that customers install the update to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.
  • Originally released: August 12, 2025
  • Last updated: September 9, 2025
  • Aggregate CVE severity rating: Critical
  • Customer action required: Yes

CVE-2025-50154

  • Title: Microsoft Windows File Explorer Spoofing Vulnerability
  • Version: 1.1
  • Reason for revision: Updated one or more CVSS scores for the affected products. This is an informational change only.
  • Originally released: August 12, 2025
  • Last updated: September 17, 2025
  • Aggregate CVE severity rating: Important
  • Customer action required: Yes
  
Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
Jasper_The_Rasper
Ssherjj
TripleHelix
TripleHelix
Moderator
Forum|alt.badge.img+63
  • TripleHelix
  • Author
  • Moderator
  • September 18, 2025

CVEs have been published or revised in the Security Update Guide

September 18, 2025

These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

CVE-2025-55241

  • Title: Azure Entra Elevation of Privilege Vulnerability
  • Version: 1.1
  • Reason for revision: The CVSS score for this vulnerability has been updated to reflect a change in the **Attack Complexity** metric from **High** to **Low**
  • Originally released: September 4, 2025
  • Last updated: September 18, 2025
  • Aggregate CVE severity rating: Critical

Customer action required: No

Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
ProTruckDriver
Jasper_The_Rasper
TripleHelix
TripleHelix
Moderator
Forum|alt.badge.img+63
  • TripleHelix
  • Author
  • Moderator
  • September 25, 2025

CVEs have been published or revised in the Security Update Guide

September 25, 2025

These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

CVE-2025-10890

  • Title: Chromium: CVE-2025-10890 Side-channel information leakage in V8
  • Version: 1.0
  • Reason for revision: Information published.
  • Originally released: September 25, 2025
  • Last updated: September 25, 2025
  • Aggregate CVE severity rating:
  • Customer action required: Yes

CVE-2025-10891

  • Title: Chromium: CVE-2025-10891 Integer overflow in V8
  • Version: 1.0
  • Reason for revision: Information published.
  • Originally released: September 25, 2025
  • Last updated: September 25, 2025
  • Aggregate CVE severity rating:
  • Customer action required: Yes

CVE-2025-10892

  • Title: Chromium: CVE-2025-10892 Integer overflow in V8
  • Version: 1.0
  • Reason for revision: Information published.
  • Originally released: September 25, 2025
  • Last updated: September 25, 2025
  • Aggregate CVE severity rating:
  • Customer action required: Yes

CVE-2025-59251

  • Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
  • Version: 1.0
  • Reason for revision: Information published.
  • Originally released: September 25, 2025
  • Last updated: September 25, 2025
  • Aggregate CVE severity rating: Important
  • Customer action required: Yes
  
Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
TripleHelix
Terms & ConditionsAccessibility statement