Microsoft Patch Tuesday, September 2025 Edition

Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zero-day" or actively exploited vulnerabilities in this month's bundle from Redmond, which nevertheless includes patches for 13 flaws that earned...

CVE-2025-53778

CVE-2025-53778 is a Windows NTLM elevation-of-privilege flaw caused by improper authentication in NTLM that can enable a network-authenticated attacker with low privileges to elevate to SYSTEM. It is discussed in security reports (e.g., KREBS patch-tuesday coverage) and is addressed by August 202...

The vulnerability of the Windows operating system’s Network Authentication Protocol NTLM implementation allows a perpetrator to compromise the confidentiality of protected information.

The vulnerability of the Windows operating system’s Network Authentication Protocol NTLM implementation is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker to compromise the confidentiality of the protected information...

The vulnerability of the NTLM network authentication protocol for Windows operating systems allows attackers to circumvent security restrictions and gain increased privileges.

The vulnerability of the NTLM network authentication protocol for Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to circumvent security restrictions and enhance their privileges...

The vulnerability of the Windows operating system’s network authentication protocol, NT LAN Manager (NTLM), allows a hacker to access user password hashes.

The vulnerability of the Windows operating system’s Network Authentication Protocol NTLM exists due to the incorrect implementation of the NTLM authentication algorithm. Exploiting this vulnerability allows a malicious actor to obtain access to user password hashes through a specially crafted SCF...