Patch Tuesday

Microsoft Patch Tuesday – August 2025

7 min. read

12/08/2025

By Esben Dochy

Windows NTLM Elevation of Privilege Vulnerability
MSMQ Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution
Run the Patch Tuesday August 2025 Audit
Patch Tuesday August 2025 CVE Codes & Titles

⚡ TL;DR | Go Straight to the August 2025 Patch Tuesday Audit Report

Patch Tuesday is once again upon us. As always, our team has put together the monthly Patch Tuesday Report to help you manage your update progress. The audit report gives you a quick and clear overview of your Windows machines and their patching status. The August 2025 edition of Patch Tuesday brings us 107 new fixes, with 13 rated as critical. We’ve listed the most important changes below.

Windows NTLM Elevation of Privilege Vulnerability

CVE-2025-53778 is arguable the most critical vulnerability this month as we are lucky that there are no exploited vulnerabilities this time. This NTLM EoP vulnerability has a CVSS base score of 8.8 and Microsoft does list it has being “more likely” to be exploited.

If successfully exploited an attacker could gain SYSTEM privileges. Microsoft has not provided additional details as usual to prevent exploitation.

MSMQ Remote Code Execution Vulnerability

The second critical vulnerability this month that is more likely to be exploited is CVE-2025-50177. This RCE has a CVSS base score of 8.1. Exploitation of this vulnerability requires an attacker to send a series of specially crafted MSMQ packets in a rapid sequence over HTTP to a MSMQ server.

This means that only MSMQ servers are vulnerable, you can easily get an overview of your MSMQ servers by running our MSMQ Server Audit.

Microsoft Office Remote Code Execution

There are a total of three RCE vulnerabilities that got fixed in Office this month, CVE-2025-53740, CVE-2025-53732, and CVE-2025-53731. While Microsoft does list them as less likely to be exploited, since the attacker or victim needs to execute code from the local machine to exploit the vulnerability. CVSS scores range between 8.4 and 7.8.

Run the Patch Tuesday August 2025 Audit

To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to your Lansweeper Site. Lansweeper Sites is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Run the August Patch Tuesday Audit

Patch Tuesday August 2025 CVE Codes & Titles

CVE Number	CVE Title
CVE-2025-53793	Azure Stack Hub Information Disclosure Vulnerability
CVE-2025-53789	Windows StateRepository API Server file Elevation of Privilege Vulnerability
CVE-2025-53788	Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
CVE-2025-53786	Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability
CVE-2025-53784	Microsoft Word Remote Code Execution Vulnerability
CVE-2025-53783	Microsoft Teams Remote Code Execution Vulnerability
CVE-2025-53781	Azure Virtual Machines Information Disclosure Vulnerability
CVE-2025-53779	Windows Kerberos Elevation of Privilege Vulnerability
CVE-2025-53778	Windows NTLM Elevation of Privilege Vulnerability
CVE-2025-53773	GitHub Copilot and Visual Studio Remote Code Execution Vulnerability
CVE-2025-53772	Web Deploy Remote Code Execution Vulnerability
CVE-2025-53769	Windows Security App Spoofing Vulnerability
CVE-2025-53766	GDI+ Remote Code Execution Vulnerability
CVE-2025-53765	Azure Stack Hub Information Disclosure Vulnerability
CVE-2025-53761	Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2025-53760	Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2025-53759	Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53741	Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53740	Microsoft Office Remote Code Execution Vulnerability
CVE-2025-53739	Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53738	Microsoft Word Remote Code Execution Vulnerability
CVE-2025-53737	Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53736	Microsoft Word Information Disclosure Vulnerability
CVE-2025-53735	Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-53734	Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2025-53733	Microsoft Word Remote Code Execution Vulnerability
CVE-2025-53732	Microsoft Office Remote Code Execution Vulnerability
CVE-2025-53731	Microsoft Office Remote Code Execution Vulnerability
CVE-2025-53730	Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2025-53729	Microsoft Azure File Sync Elevation of Privilege Vulnerability
CVE-2025-53728	Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE-2025-53727	Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2025-53726	Windows Push Notifications Apps Elevation of Privilege Vulnerability
CVE-2025-53725	Windows Push Notifications Apps Elevation of Privilege Vulnerability
CVE-2025-53724	Windows Push Notifications Apps Elevation of Privilege Vulnerability
CVE-2025-53723	Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2025-53722	Windows Remote Desktop Services Denial of Service Vulnerability
CVE-2025-53721	Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2025-53720	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-53719	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-53718	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-53716	Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
CVE-2025-53156	Windows Storage Port Driver Information Disclosure Vulnerability
CVE-2025-53155	Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2025-53154	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-53153	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-53152	Desktop Windows Manager Remote Code Execution Vulnerability
CVE-2025-53151	Windows Kernel Elevation of Privilege Vulnerability
CVE-2025-53149	Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2025-53148	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-53147	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-53145	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2025-53144	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2025-53143	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2025-53142	Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2025-53141	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-53140	Windows Kernel Transaction Manager Elevation of Privilege Vulnerability
CVE-2025-53138	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-53137	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-53136	NT OS Kernel Information Disclosure Vulnerability
CVE-2025-53135	DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2025-53134	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-53133	Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
CVE-2025-53132	Win32k Elevation of Privilege Vulnerability
CVE-2025-53131	Windows Media Remote Code Execution Vulnerability
CVE-2025-50177	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2025-50176	DirectX Graphics Kernel Remote Code Execution Vulnerability
CVE-2025-50173	Windows Installer Elevation of Privilege Vulnerability
CVE-2025-50172	DirectX Graphics Kernel Denial of Service Vulnerability
CVE-2025-50171	Remote Desktop Spoofing Vulnerability
CVE-2025-50170	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2025-50169	Windows SMB Remote Code Execution Vulnerability
CVE-2025-50168	Win32k Elevation of Privilege Vulnerability
CVE-2025-50167	Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2025-50166	Windows Distributed Transaction Coordinator (MSDTC) Information Disclosure Vulnerability
CVE-2025-50165	Windows Graphics Component Remote Code Execution Vulnerability
CVE-2025-50164	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-50163	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-50162	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-50161	Win32k Elevation of Privilege Vulnerability
CVE-2025-50160	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-50159	Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability
CVE-2025-50158	Windows NTFS Information Disclosure Vulnerability
CVE-2025-50157	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-50156	Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-50155	Windows Push Notifications Apps Elevation of Privilege Vulnerability
CVE-2025-50154	Microsoft Windows File Explorer Spoofing Vulnerability
CVE-2025-50153	Desktop Windows Manager Elevation of Privilege Vulnerability
CVE-2025-49762	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-49761	Windows Kernel Elevation of Privilege Vulnerability
CVE-2025-49759	Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2025-49758	Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2025-49757	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2025-49755	Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
CVE-2025-49751	Windows Hyper-V Denial of Service Vulnerability
CVE-2025-49745	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2025-49743	Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2025-49736	Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
CVE-2025-49712	Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2025-49707	Azure Virtual Machines Spoofing Vulnerability
CVE-2025-48807	Windows Hyper-V Remote Code Execution Vulnerability
CVE-2025-47954	Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2025-33051	Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2025-25007	Microsoft Exchange Server Spoofing Vulnerability
CVE-2025-25006	Microsoft Exchange Server Spoofing Vulnerability
CVE-2025-25005	Microsoft Exchange Server Tampering Vulnerability
CVE-2025-24999	Microsoft SQL Server Elevation of Privilege Vulnerability

Windows NTLM Elevation of Privilege Vulnerability
MSMQ Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution
Run the Patch Tuesday August 2025 Audit
Patch Tuesday August 2025 CVE Codes & Titles

STAY UPDATED