Microsoft’s September 2025 Patch Tuesday fixed 86 vulnerabilities across Windows and other products, with none exploited in the wild but several rated highly likely for exploitation. Key patches include critical remote code execution and privilege escalation flaws affecting Windows components, SharePoint, Office, and SQL Server. #CVE20255232 #WindowsKernel #SharePointVulnerabilities
Keypoints
- Microsoft released patches resolving 86 vulnerabilities for Windows and other products in September 2025.
- None of these vulnerabilities have been exploited in the wild at the time of release.
- Eight vulnerabilities are rated as ‘exploitation more likely’, including issues in Windows kernel, NTFS, TCP/IP, and Hyper-V.
- The most critical vulnerability is CVE-2025-55232, a remote code execution flaw in the HPC pack with a CVSS score of 9.8.
- Other high-severity vulnerabilities include remote code execution flaws in Routing and Remote Access, SharePoint, Office, and privilege escalation in SQL Server.
Read More: https://www.securityweek.com/microsoft-patches-86-vulnerabilities/