What’s new: Microsoft released updates on August 12, 2025, addressing over 100 security vulnerabilities across its Windows operating systems and other software. Among these, 13 vulnerabilities received a “critical” rating, indicating potential for remote exploitation. Notably, CVE-2025-53786 allows attackers to pivot from compromised Microsoft Exchange Servers to cloud environments, affecting Exchange Server 2016, 2019, and Subscription Edition. CVE-2025-53779, a weakness in Windows Kerberos, enables unauthenticated attackers to gain domain admin privileges. Other critical vulnerabilities include CVE-2025-53766 and CVE-2025-50165 in Windows GDI+, CVE-2025-53733 in Microsoft Word, and CVE-2025-53778 in Windows NTLM, which could allow elevation to SYSTEM-level access.
Who’s affected
Organizations running Microsoft Exchange Server 2016, 2019, or Subscription Edition, as well as those running Windows systems affected by the vulnerabilities listed above, are at risk. Approximately 29,000 Exchange servers are publicly exposed and vulnerable to CVE-2025-53786.
What to do
- Apply all relevant patches released on August 12, 2025, particularly for CVE-2025-53786, CVE-2025-53779, CVE-2025-53766, CVE-2025-50165, CVE-2025-53733, and CVE-2025-53778.
- Follow Microsoft’s manual instructions for securing hybrid connections related to CVE-2025-53786.
- Monitor for any issues during the patch installation process and consult resources like the SANS Internet Storm Center for additional guidance.
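The following patch-gap triage script is an added example and is not part of the original advisory or any Microsoft tooling. It takes the CVE-to-product mapping and the affected Exchange versions from the advisory text and runs them against a constructed asset inventory (the host names, versions and patch states are made up for illustration). Because the advisory gives no KB numbers, each host records which CVEs its installed updates closed rather than KB IDs. The point it demonstrates is the caveat in the second step above: a server that has the August 12 update but has not completed the manual hybrid-connection hardening is still reported as open for CVE-2025-53786, and internet-exposed Exchange servers are ranked first.

```python
"""Patch-gap triage for the August 12, 2025 Microsoft updates.

Added example, not part of the original advisory. CVE identifiers and
affected products come from the advisory text; the inventory below is
constructed for illustration (hypothetical host names and states).
"""
from dataclasses import dataclass, field

# CVE -> product family, as stated in the advisory.
ADVISORY = {
    "CVE-2025-53786": "Exchange Server",
    "CVE-2025-53779": "Windows",
    "CVE-2025-53766": "Windows",
    "CVE-2025-50165": "Windows",
    "CVE-2025-53733": "Microsoft Word",
    "CVE-2025-53778": "Windows",
}

# Exchange versions the advisory names as affected by CVE-2025-53786.
AFFECTED_EXCHANGE = {"2016", "2019", "Subscription Edition"}

# CVEs where installing the update is not sufficient: the advisory says hybrid
# connections must also be secured by hand. Maps CVE -> Host attribute that
# records whether that manual step has been completed.
NEEDS_MANUAL_STEP = {"CVE-2025-53786": "hybrid_hardening_done"}


@dataclass
class Host:
    name: str
    products: dict[str, str]            # product family -> version string
    patched_cves: set[str] = field(default_factory=set)
    internet_exposed: bool = False
    hybrid_hardening_done: bool = False


def exposure(host: Host) -> list[tuple[str, str]]:
    """Return (cve, reason) pairs that are still open on this host."""
    findings = []
    for cve, product in ADVISORY.items():
        if product not in host.products:
            continue
        if product == "Exchange Server" and host.products[product] not in AFFECTED_EXCHANGE:
            continue
        if cve not in host.patched_cves:
            findings.append((cve, "update not installed"))
            continue
        flag = NEEDS_MANUAL_STEP.get(cve)
        if flag and not getattr(host, flag):
            findings.append((cve, "patched, manual hardening step outstanding"))
    return findings


def triage(hosts: list[Host]) -> list[tuple[str, list[tuple[str, str]]]]:
    """Hosts with open items, internet-exposed Exchange servers first,
    then by number of open items, then by name."""
    def priority(host: Host):
        exposed_exchange = host.internet_exposed and "Exchange Server" in host.products
        return (0 if exposed_exchange else 1, -len(exposure(host)), host.name)

    ranked = sorted((h for h in hosts if exposure(h)), key=priority)
    return [(h.name, exposure(h)) for h in ranked]


WINDOWS_CVES = {"CVE-2025-53779", "CVE-2025-53766", "CVE-2025-50165", "CVE-2025-53778"}

# Constructed inventory (hypothetical hosts, not real systems).
INVENTORY = [
    # Update installed, but hybrid hardening not yet done, and reachable from the internet.
    Host("ex-hybrid-01", {"Exchange Server": "2019", "Windows": "Server 2022"},
         patched_cves=WINDOWS_CVES | {"CVE-2025-53786"}, internet_exposed=True),
    # Fully remediated: update applied and hybrid hardening completed.
    Host("ex-se-03", {"Exchange Server": "Subscription Edition", "Windows": "Server 2025"},
         patched_cves=WINDOWS_CVES | {"CVE-2025-53786"}, hybrid_hardening_done=True),
    # Workstation with Word, nothing applied yet.
    Host("ws-finance-07", {"Windows": "11", "Microsoft Word": "Microsoft 365"}),
    # Domain controller with only the Kerberos fix applied so far.
    Host("dc-01", {"Windows": "Server 2019"}, patched_cves={"CVE-2025-53779"}),
]


if __name__ == "__main__":
    for name, findings in triage(INVENTORY):
        print(name)
        for cve, reason in findings:
            print(f"  {cve}: {reason}")
```

Feeding a real inventory means replacing INVENTORY with data from your patch-management or CMDB export; the "patched, manual hardening step outstanding" reason is what distinguishes servers that look patched in a KB report from servers that have actually closed the hybrid pivot path.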