Microsoft released its August 2025 Patch Tuesday update addressing a massive 111 security vulnerabilities across its software portfolio, including one zero-day flaw that was already publicly disclosed.
The security update includes 16 critical-severity bugs, 92 important flaws, and addresses issues ranging from privilege escalation to remote code execution.
Among the most significant patches is CVE-2025-53779, a Windows Kerberos privilege escalation vulnerability with a CVSS score of 7.2.
This zero-day, discovered by Akamai researcher Yuval Gordon, relates to the "BadSuccessor" attack technique that allows threat actors to compromise Active Directory domains by misusing delegated Managed Service Account objects.
The vulnerability requires attackers to have existing privileges but can lead to full domain control.
Key Critical Vulnerabilities Fixed:
- CVE-2025-53767 (CVSS 10.0): Azure OpenAI privilege escalation.
- CVE-2025-53766 (CVSS 9.8): GDI+ remote code execution.
- CVE-2025-50165 (CVSS 9.8): Windows Graphics component RCE.
- CVE-2025-53792 (CVSS 9.1): Azure Portal privilege escalation.
Microsoft noted that cloud service vulnerabilities affecting Azure OpenAI, Azure Portal, and Microsoft 365 Copilot have already been remediated automatically and require no customer action.
The update also includes 16 additional fixes for Microsoft Edge browser vulnerabilities.
Security researchers recommend immediate patching, particularly for organizations using Active Directory environments where the Kerberos flaw poses the greatest risk.

How to Download HEVC Video Extension for Free
Still works July 2026!
Read More →VBR vs CBR MP3: Better Sound at Half the Size...
Best encoding MP3 only ABR. Audio Quality: ABR>VBR>CBR but for some reason they are trying to hide ...
Read More →How to play FLAC files in Windows Media Playe...
@Drasko What is the error message you're seeing? Can you provide more details?
Read More →