Eight critical RCE flaws make Microsoft’s latest Patch Tuesday list
No fewer than eight critical flaws that could allow a threat actor to achieve remote code execution (RCE) on a targeted system are listed in Microsoft’s August Patch Tuesday update, which once again tops out at over 100 common vulnerabilities and exposures (CVEs).
Alongside the critical RCE bugs, which occur in a variety of Microsoft services including DirectX Graphics Kernel, GDI+, Hyper-V, Message Queuing, Office and Word, are a solitary elevation of privilege (EoP) flaw in Windows NTLM, two information disclosure vulnerabilities in Hyper-V and Azure Stack Hub, and a spoofing vulnerability in Hyper-V.
The latest monthly drop contains no full zero-day exploits, bar one EoP vulnerability in Windows Kerberos, CVE-2025-53779, that on its own does not quite meet all the criteria: while exploit code has been made public, there is no evidence that any threat actor has yet taken advantage of it.
This stems from a path traversal flaw in which Kerberos improperly validates path inputs when handling the relatively new delegated Managed Service Account (dMSA) feature in Windows Server 2025. This in turn enables an attacker to create improper delegation relationships, impersonate privileged accounts, escalate to domain admin privileges, and potentially gain control of the Active Directory domain.
However, in order to do so they would need to already have elevated access to certain attributes of the dMSA, so exploitation is supposedly less likely, according to Microsoft.
That said, Mike Walters, president and co-founder of Action1, said the danger from CVE-2025-53779 grows when combined with other techniques and, as such, large organisations with complex Active Directory environments, those that lean into dMSAs for service account management, and high-risk targets like banks, government agencies or hospitals, should take heed.
“The combination of a path traversal issue in a core authentication component like Kerberos and its potential high impact is concerning,” said Walters.
“The need for high privileges may create a false sense of security, as accounts with these rights are common in decentralised IT environments. Once compromised, they can quickly lead to full domain takeover.
“The presence of functional exploit code means attackers may pursue this flaw despite Microsoft’s assessment. Vulnerabilities in core authentication mechanisms are attractive additions to advanced attack chains, especially in targeting high-value environments,” he warned.
SharePoint flaws should be addressed
Although they are less immediately dangerous in scope, defenders may also want to pay attention to a pair of vulnerabilities in SharePoint: CVE-2025-53760, which enables EoP, and CVE-2025-49712, which enables RCE.
These come hot on the heels of the so-called ToolShell vulnerabilities in SharePoint – which were so serious they received an out-of-synch patch in July, and were exploited in short order by China-linked threat actors against government targets.
Qualys Threat Unit senior manager for security research, Saeed Abbasi, said CVE-2025-49712 in particular warranted some concern.
“This RCE demands authentication but pairs dangerously with known auth bypasses,” explained Abbasi.
“Attackers chaining this with prior flaws could achieve full server compromise, and data exfiltration. It’s not yet exploited in the wild, but history shows these evolve fast. Exposed SharePoint instances are prime footholds for lateral movement.
“Prioritise and patch all SharePoint updates, rotate keys, and eliminate internet exposure. Delaying invites regulatory scrutiny and breaches since SharePoint’s exploit streak isn’t over,” added Abbasi.