Skip to content
BLOG

Patch Tuesday August 2025

Brock Bingham candid headshot
Brock Bingham|August 12, 2025
Patch Tuesday October 2023
Patch Tuesday October 2023
Sections

WinRar and SharePoint and SonicWall, oh my! Between the WinRAR zero-day, the SharePoint zero-day, and the SonicWall zero-day (that SonicWall claims totally wasn’t actually a zero-day), it’s been a very busy month for bad guys on the internet. Thankfully, Microsoft’s Patch Tuesday is here to fix all our problems (and potentially break a few things in the process). Here are the deets! 

Severity

  • Total exploits patched: 107 

  • Critical patches: 13 

  • Important: 91 

  • Moderate: 2 

  • Low: 1 

Vulnerability impact

  • Remote code execution: 35 

  • Elevation of privilege: 42 

  • Information disclosure: 16 

  • Spoofing: 9 

  • Tampering: 1 

  • Denial of service: 4 

Availability 

  • Publicly disclosed: 1 

  • Actively exploited: 0 

Some highlights (or lowlights) 

  • CVE-2025-50165: CVE-2025-50165 is a 9.8 rated critical remote code execution vulnerability in the Windows Graphics Component affecting Windows Server 2025 and Windows 11 24H2. As if we needed more reasons to dislike 24H2. What’s worse is this can all happen over the network without any user interaction or privileges. Thankfully, the PoC is still publicly unavailable at this time. 

  • CVE-2025-53766: Also coming in at a 9.8 is CVE-2025-53766. This vulnerability takes advantage of a heap-based buffer overflow exploit in the GDI+ subsystem. An attacker could use a malicious metafile to gain remote code execution and information disclosure on affected systems.

  • CVE-2025-53779: Our lone zero-day CVE for today is CVE-2025-53779, which is a relative path traversal exploit impacting Windows Kerberos on Server 2025 and could lead to an elevation of privilege and potentially domain administrator access. To take advantage of this vulnerability, an attacker would need to have elevated access to the following delegated managed service accounts (dMSA) attributes: 

    • msds-groupMSAMembership 

    • msds-ManagedAccountPrecededByLink 

Wrapping up

It seems like exploits, both old and new, have been making headlines more frequently these days. Maybe it’s code complexity. Maybe it’s AI-powered cybervillains. Or maybe the universe just really wants sysadmins to lose sleep (it’s definitely not the caffeine). Whatever the cause, don’t let your company make the next cyberattack news headline. Get PDQ Connect and automate your patch deployments. 
 
Until next month, stay safe, stay patched, and stay out of the spotlight. 

ConnectIcon CTA

Automate your patching

Keep devices patched and secure from the cloud.

Start a free trial

Loading...

Brock Bingham candid headshot
Brock Bingham

Brock Bingham is a systems administrator with 15 years of experience managing endpoints and servers, with a strong focus on automation, patching, security, and maintaining stable environments at scale. After years of hands-on IT work, he now creates content and teaches, helping other admins learn through practical, real-world guidance.

Related articles

Image of a doctor's kit and bandaid.

Patch Tuesday February 2026

SECURITY

Dog drooling while reading content on laptop

How AI fits into the sysadmin workflow (without replacing it)

GENERAL IT

Security grey

What the Notepad++ supply chain attack teaches about update trust

SECURITY