WinRAR and SharePoint and SonicWall, oh my! Between the WinRAR zero-day, the SharePoint zero-day, and the SonicWall zero-day (that SonicWall claims totally wasn’t actually a zero-day), it’s been a very busy month for bad guys on the internet. Thankfully, Microsoft’s Patch Tuesday is here to fix all our problems (and potentially break a few things in the process). Here are the deets!
Severity
Total exploits patched: 107
Critical patches: 13
Important: 91
Moderate: 2
Low: 1
Vulnerability impact
Remote code execution: 35
Elevation of privilege: 42
Information disclosure: 16
Spoofing: 9
Tampering: 1
Denial of service: 4
Availability
Publicly disclosed: 1
Actively exploited: 0
Some highlights (or lowlights)
CVE-2025-50165: CVE-2025-50165 is a 9.8-rated critical remote code execution vulnerability in the Windows Graphics Component affecting Windows Server 2025 and Windows 11 24H2. As if we needed more reasons to dislike 24H2. What’s worse, exploitation can happen over the network without any user interaction or privileges. Thankfully, no PoC is publicly available at this time.
CVE-2025-53766: Also coming in at a 9.8 is CVE-2025-53766. This vulnerability is a heap-based buffer overflow in the GDI+ subsystem. An attacker could use a malicious metafile to gain remote code execution and information disclosure on affected systems.
CVE-2025-53779: Our lone zero-day CVE for today is CVE-2025-53779, a relative path traversal vulnerability impacting Windows Kerberos on Server 2025 that could lead to an elevation of privilege and potentially domain administrator access. To take advantage of this vulnerability, an attacker would need to have elevated access to the following delegated Managed Service Account (dMSA) attributes:
msds-groupMSAMembership
msds-ManagedAccountPrecededByLink
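To see who already holds that access in your own domain, the following audit script lists every principal with write rights over those two attributes on existing dMSA objects. It is an added example, not code from Microsoft or the original post, and it assumes the RSAT ActiveDirectory module, a schema that includes the msDS-DelegatedManagedServiceAccount class (Windows Server 2025), and read access to the objects' ACLs; property-set ACEs are not expanded.

```powershell
# Added example: audit write access to the dMSA attributes named above.
# Assumes the RSAT ActiveDirectory module and a Windows Server 2025 schema.
Import-Module ActiveDirectory

$attrNames = 'msDS-GroupMSAMembership', 'msDS-ManagedAccountPrecededByLink'
$schemaNC  = (Get-ADRootDSE).schemaNamingContext

# Map each attribute's schemaIDGUID to its name so property-scoped ACEs can be recognised.
$attrGuids = @{}
foreach ($name in $attrNames) {
    $attr = Get-ADObject -SearchBase $schemaNC -LDAPFilter "(lDAPDisplayName=$name)" -Properties schemaIDGUID
    if ($attr) { $attrGuids[([guid]$attr.schemaIDGUID).ToString()] = $name }
}

$rights      = [System.DirectoryServices.ActiveDirectoryRights]
$writeProp   = [int]$rights::WriteProperty            # also set inside GenericWrite and GenericAll
$takeover    = [int]($rights::WriteDacl -bor $rights::WriteOwner)
$inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly

Get-ADObject -LDAPFilter '(objectClass=msDS-DelegatedManagedServiceAccount)' | ForEach-Object {
    $dn = $_.DistinguishedName
    foreach ($ace in (Get-Acl -Path "AD:\$dn").Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # Inherit-only ACEs apply to child objects, not to the dMSA itself.
        if ([int]$ace.PropagationFlags -band $inheritOnly) { continue }

        $mask   = [int]$ace.ActiveDirectoryRights
        $scope  = $ace.ObjectType.ToString()
        $reason = $null
        if ($mask -band $takeover) {
            # The holder can rewrite the ACL or take ownership, then grant itself anything.
            $reason = 'WriteDacl/WriteOwner on object'
        } elseif (($mask -band $writeProp) -and $ace.ObjectType -eq [guid]::Empty) {
            $reason = 'WriteProperty on all attributes'
        } elseif (($mask -band $writeProp) -and $attrGuids.ContainsKey($scope)) {
            $reason = "WriteProperty on $($attrGuids[$scope])"
        }
        if ($reason) {
            [pscustomobject]@{
                dMSA      = $dn
                Principal = $ace.IdentityReference
                Reason    = $reason
                Inherited = $ace.IsInherited
            }
        }
    }
} | Sort-Object dMSA, Principal
```

Expect built-in administrative groups in the output; the entries worth reviewing are delegated groups, service accounts, or individual users that have no operational reason to manage dMSAs.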
Wrapping up
It seems like exploits, both old and new, have been making headlines more frequently these days. Maybe it’s code complexity. Maybe it’s AI-powered cybervillains. Or maybe the universe just really wants sysadmins to lose sleep (it’s definitely not the caffeine). Whatever the cause, don’t let your company make the next cyberattack news headline. Get PDQ Connect and automate your patch deployments.
Until next month, stay safe, stay patched, and stay out of the spotlight.