A week in security (August 11 – August 17)

Last week on Malwarebytes Labs: Italian hotels breached for tens of thousands of scanned IDs National Public Data returns after massive Social Security Number leak Romance scammers in Ghana charged with more than $100 million in theft Netflix scammers target jobseekers to trick them into handing...

August Microsoft Patch Tuesday

August Microsoft Patch Tuesday. A total of 132 vulnerabilities, 20 fewer than in July. Of these, 25 were added between the July and August MSPT. Three are actively exploited, including two related to the trending SharePoint "ToolShell" flaw, exploited since July 17. RCE - Microsoft SharePoint...

Microsoft patches some very important vulnerabilities in August’s patch Tuesday

In the August 2025 patch Tuesday round Microsoft fixed a total of 111 Microsoft vulnerabilities. A few of them are very important for people to apply. Even if you’re not a tech expert, keeping your Windows system up to date is one of the simplest and most effective ways to protect yourself from...

Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws

Microsoft on Tuesday rolled out fixes for a massive set of 111 security flaws across its software portfolio, including one flaw that has been disclosed as publicly known at the time of the release. Of the 111 vulnerabilities, 16 are rated Critical, 92 are rated Important, two are rated Moderate,...

Patch Tuesday: Microsoft Fixes 107 Vulnerabilities, Including 13 RCE Flaws

Microsoft’s August Patch Tuesday fixes 107 vulnerabilities, including 13 critical RCE flaws, impacting Windows, Office, Azure, and more,…...

Microsoft Patch Tuesday, August 2025 Edition

Microsoft today released updates to fix more than 100 security flaws in its Windows operating systems and other software. At least 13 of the bugs received Microsoft's most-dire "critical" rating, meaning they could be abused by malware or malcontents to gain remote access to a Windows system with...

Patch Tuesday - August 2025

Microsoft is addressing 111 vulnerabilities this August 2025 Patch Tuesday, a volume which is around the recent average. In a neat parallel with last month, Microsoft is aware of public disclosure for a single one of the vulnerabilities published today, and claims no evidence of in-the-wild...

Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for August 2025, which includes 111 vulnerabilities affecting a range of products, including 13 that Microsoft marked as "critical". In this month's release, Microsoft observed none of the included vulnerabilities being actively exploited in the...

Microsoft and Adobe Patch Tuesday, August 2025 Security Update Review

It's the second Tuesday of August, and Microsoft has rolled out its latest security updates. Microsoft's August 2025 Patch Tuesday has arrived, bringing a fresh wave of security fixes to help organizations stay ahead of evolving threats. Here's a quick breakdown of what you need to know. Microsof...

CVE-2025-53779

creationtimestamp| type| source ---|---|--- 2025-08-12 16:01:32+00:00| seen| https://www.thezdi.com/blog/2025/8/12/the-august-2025-security-update-review 2025-08-12 17:14:03+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115016914865011965 2025-08-12 18:14:44+00:00| seen|...

CVE-2025-53766

creationtimestamp| type| source ---|---|--- 2025-08-12 16:01:32+00:00| seen| https://www.thezdi.com/blog/2025/8/12/the-august-2025-security-update-review 2025-08-12 20:14:41+00:00| seen| https://krebsonsecurity.com/2025/08/microsoft-patch-tuesday-august-2025-edition/ 2025-08-12 20:19:28+00:00|...

CVE-2025-53733

creationtimestamp| type| source ---|---|--- 2025-08-12 16:01:32+00:00| seen| https://www.thezdi.com/blog/2025/8/12/the-august-2025-security-update-review 2025-08-12 17:21:21+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115016943578757951 2025-08-12 20:14:41+00:00| seen|...

CVE-2025-50165

creationtimestamp| type| source ---|---|--- 2025-08-12 16:01:32+00:00| seen| https://www.thezdi.com/blog/2025/8/12/the-august-2025-security-update-review 2025-08-12 20:14:41+00:00| seen| https://krebsonsecurity.com/2025/08/microsoft-patch-tuesday-august-2025-edition/ 2025-08-13 08:34:11+00:00|...

PT-2025-32857

Name of the Vulnerable Software and Affected Versions: Microsoft Teams versions prior to 25122.1415.3698.6812 Description: A heap-based buffer overflow exists in Microsoft Teams, potentially allowing an unauthorized attacker to execute code over a network. Exploitation may involve malicious links...

PT-2025-32850

Name of the Vulnerable Software and Affected Versions: Windows GDI+ affected versions not specified Description: A heap-based buffer overflow exists in Windows GDI+. This allows an unauthorized attacker to execute code over a network. The vulnerability enables remote attackers to execute arbitrar...

Qualys has introduced Agentic AI, a solution for autonomous cyber risk management

Qualys hasintroducedAgentic AI, a solution for autonomous cyber risk management. As part of this solution, Qualys provides ready-to-use Cyber Risk Agents that operate autonomously and act as an additional skilled digital workforce. Agentic AI not only detects issues and provides analytics but als...

July Microsoft Patch Tuesday

July Microsoft Patch Tuesday. A total of 152 vulnerabilities - twice as many as in June. Of these, 15 vulnerabilities were added between the June and July MSPT. One vulnerability is exploited in the wild: Memory Corruption - Chromium CVE-2025-6554 One vulnerability has an exploit available on...

Patch Tuesday - July 2025

Microsoft is addressing 137 vulnerabilities this July 2025 Patch Tuesday, which is above average. Microsoft is aware of public disclosure for just one of the vulnerabilities published today, and Microsoft isn’t aware of in-the-wild exploitation for any of today’s batch. This is the tenth...

Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server

For the first time in 2025, Microsoft's Patch Tuesday updates did not bundle fixes for exploited security vulnerabilities, but the company acknowledged one of the addressed flaws had been publicly known. The patches resolve a whopping 130 vulnerabilities, along with 10 other non-Microsoft CVEs th...

Microsoft and Adobe Patch Tuesday, July 2025 Security Update Review

With cybersecurity threats continuing to evolve, Microsoft's July 2025 Patch Tuesday highlights the need for consistent patching — this month's release includes key fixes for actively exploited vulnerabilities. Here's a quick breakdown of what you need to know. Microsoft Patch Tuesday for July 20...