Microsoft has released its September 2025 Patch Tuesday update, addressing a total of 81 security vulnerabilities across its product portfolio. This extensive release includes fixes for two zero-day vulnerabilities that are actively being exploited. Among the patched flaws, ten are rated as “Critical,” while the remaining 71 are classified as “Important.” The updates cover a […]
The post Microsoft September 2025 Patch Tuesday – 81 Vulnerabilities and 2 Zero Days Fixed appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
By integrating SonarQube's industry-leading automated code review with JFrog's new AppTrust governance platform, together we are providing the essential framework for software engineering teams to embrace AI-driven speed without compromising on control.
The post Analysis evidence from SonarQube now available in JFrog AppTrust appeared first on Security Boulevard.
By integrating SonarQube's industry-leading automated code review with JFrog's new AppTrust governance platform, together we are providing the essential framework for software engineering teams to embrace AI-driven speed without compromising on control.
The post Analysis evidence from SonarQube now available in JFrog AppTrust appeared first on Security Boulevard.
Attaullah Baig alleges that the social media giant fired him for raising security concerns about its WhatsApp messaging platform.
The post Former WhatsApp security manager sues company for privacy violations, professional retaliation appeared first on CyberScoop.
Every SOC analyst knows the frustration. Your SIEM generates hundreds, sometimes thousands of alerts daily. Each alert demands attention, but with limited time and resources, how do you prioritize effectively? Investigating each alert in isolation leaves teams reactive, overwhelmed, and ultimately vulnerable to sophisticated attacks that blend into the background noise. The Alert Triage Dilemma: […]
The post How to Enrich Alerts with Live Attack Data From 15K SOCs appeared first on Cyber Security News.
Microsoft addresses 80 CVEs, including eight flaws rated critical with one publicly disclosed.
Microsoft addresses 80 CVEs in its September 2025 Patch Tuesday release, with eight rated critical, and 72 rated important. Our counts omitted one vulnerability reported by VulnCheck.
This month’s update includes patches for:
Elevation of Privilege (EoP) vulnerabilities accounted for 47.5% of the vulnerabilities patched this month, followed by Remote Code Execution (RCE) vulnerabilities at 27.5%.
Important CVE-2025-55234 | Windows SMB Elevation of Privilege VulnerabilityCVE-2025-55234 is an EoP vulnerability affecting Windows Server Message Block (SMB). It was assigned a CVSSv3 score of 8.8 and rated as important. Successful exploitation would allow an unauthenticated attacker to elevate their privileges to that of the compromised user's account. According to Microsoft, this vulnerability was publicly disclosed prior to a patch being made available.
CVE-2025-55234 appears to have been released to help customers audit and assess their environment and identify incompatibility issues prior to utilizing some of the hardening capabilities for SMB Servers.
CVE-2025-55234 is the fifth Windows SMB vulnerability patched in 2025 and the third Windows SMB EoP disclosed this year. In the June 2025 Patch Tuesday release, Microsoft patched CVE-2025-33073, another publicly disclosed Windows SMB EoP vulnerability. A day after the June 2025 Patch Tuesday release, researchers from RedTeam Pentesting GmbH, one of many researchers credited with reporting the flaw to Microsoft, released a blog post detailing the vulnerability, including proof-of-concept details.
Critical CVE-2025-54918 | Windows NTLM Elevation of Privilege VulnerabilityCVE-2025-54918 is an EoP vulnerability in Windows New Technology LAN Manager (NTLM). It was assigned a CVSSv3 score of 8.8 and is rated critical. It was assessed as “Exploitation More Likely” according to Microsoft’s Exploitability Index. According to the advisory, successful exploitation would allow an attacker to elevate their privileges to SYSTEM.
This is the second month in a row that a critical NTLM EoP vulnerability was patched and the third in 2025. In the August 2025 Patch Tuesday release, Microsoft patched CVE-2025-53778, and CVE-2025-21311 in the January 2025 Patch Tuesday release.
Important CVE-2025-54916 | Windows NTFS Remote Code Execution VulnerabilityCVE-2025-54916 is a RCE in Microsoft Windows New Technology File System (NTFS). It was assigned a CVSSv3 score of 7.8 and is rated important and assessed as “Exploitation More Likely.” An attacker that successfully exploits this flaw would gain RCE on the targeted system. According to the advisory, any authenticated attacker could leverage this vulnerability.
Since 2022, the bulk of NTFS vulnerabilities patched across Patch Tuesday have been EoP or Information Disclosure vulnerabilities. However, this is the second NTFS RCE vulnerability since 2022 and the second in 2025. The first, CVE-2025-24993, patched in the March 2025 Patch Tuesday release, was exploited in the wild as a zero-day.
Critical CVE-2025-54910 | Microsoft Office Remote Code Execution VulnerabilityCVE-2025-54910 is a RCE in Microsoft Office. It was assigned a CVSSv3 score of 8.4 and is rated critical and assessed as “Exploitation Less Likely.” An attacker could exploit this vulnerability by convincing a target to open a specially crafted Office document. Additionally, the advisory notes that exploitation is possible through Microsoft Outlook’s Preview Pane. Successful exploitation would grant the attacker RCE privileges on the target system. For users of Microsoft Office LTSC for Mac 2021 and 2024, the advisory states that updates are not yet available, but will be released soon.
Important CVE-2025-54897 | Microsoft SharePoint Remote Code Execution VulnerabilityCVE-2025-54897 is a RCE vulnerability in Microsoft SharePoint. It was assigned a CVSSv3 score of 8.8 and is rated important and assessed as “Exploitation Less Likely.” In order to exploit this flaw, an attacker would need to be authenticated as any user and privileged accounts, such as admin or other elevated privileges are not necessary to exploit this flaw. Once authenticated, an attacker could either write arbitrary code or use code injection to execute code on a vulnerable SharePoint Server to gain RCE.
Critical CVE-2025-55224 | Windows Hyper-V Remote Code Execution VulnerabilityCVE-2025-55224 is a RCE in Windows Hyper-V. It was assigned a CVSSv3 score of 7.8, rated as critical and assessed as “Exploitation Less Likely.” According to the advisory, an attacker who is able to win a race condition could traverse from the guest hosts security boundary in order to execute arbitrary code on the Hyper-V host machine. While the attack complexity for this vulnerability is high, the impact would be significant for an attacker who is able to successfully exploit this vulnerability.
Important CVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 | Windows Hyper-V Elevation of Privilege VulnerabilitiesCVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 are EoP vulnerabilities in Windows Hyper-V, Microsoft’s virtualization product. CVE-2025-54091, CVE-2025-54092, CVE-2025-54098 were assigned a CVSSv3 score of 7.8 while CVE-2025-54115 was assigned a CVSSv3 score of 7.0. CVE-2025-54098 was assessed as “Exploitation More Likely” while the remaining three flaws were assessed as “Exploitation Less Likely.”
A local, authenticated attacker could exploit these vulnerabilities to elevate to SYSTEM privileges, though in order to exploit CVE-2025-54115, an attacker would first need to win a race condition, which is what contributed to its lower CVSS score.
Tenable SolutionsA list of all the plugins released for Microsoft’s September 2025 Patch Tuesday update can be found here. As always, we recommend patching systems as soon as possible and regularly scanning your environment to identify those systems yet to be patched.
For more specific guidance on best practices for vulnerability assessments, please refer to our blog post on How to Perform Efficient Vulnerability Assessments with Tenable.
Get more informationJoin Tenable's Research Special Operations (RSO) Team on the Tenable Community.
Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.202X Patch Tuesday release.
The post Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234) appeared first on Security Boulevard.
Microsoft addresses 80 CVEs, including eight flaws rated critical with one publicly disclosed.
Microsoft addresses 80 CVEs in its September 2025 Patch Tuesday release, with eight rated critical, and 72 rated important. Our counts omitted one vulnerability reported by VulnCheck.
This month’s update includes patches for:
Elevation of Privilege (EoP) vulnerabilities accounted for 47.5% of the vulnerabilities patched this month, followed by Remote Code Execution (RCE) vulnerabilities at 27.5%.
ImportantCVE-2025-55234 | Windows SMB Elevation of Privilege VulnerabilityCVE-2025-55234 is an EoP vulnerability affecting Windows Server Message Block (SMB). It was assigned a CVSSv3 score of 8.8 and rated as important. Successful exploitation would allow an unauthenticated attacker to elevate their privileges to that of the compromised user's account. According to Microsoft, this vulnerability was publicly disclosed prior to a patch being made available.
CVE-2025-55234 appears to have been released to help customers audit and assess their environment and identify incompatibility issues prior to utilizing some of the hardening capabilities for SMB Servers.
CVE-2025-55234 is the fifth Windows SMB vulnerability patched in 2025 and the third Windows SMB EoP disclosed this year. In the June 2025 Patch Tuesday release, Microsoft patched CVE-2025-33073, another publicly disclosed Windows SMB EoP vulnerability. A day after the June 2025 Patch Tuesday release, researchers from RedTeam Pentesting GmbH, one of many researchers credited with reporting the flaw to Microsoft, released a blog post detailing the vulnerability, including proof-of-concept details.
CriticalCVE-2025-54918 | Windows NTLM Elevation of Privilege VulnerabilityCVE-2025-54918 is an EoP vulnerability in Windows New Technology LAN Manager (NTLM). It was assigned a CVSSv3 score of 8.8 and is rated critical. It was assessed as “Exploitation More Likely” according to Microsoft’s Exploitability Index. According to the advisory, successful exploitation would allow an attacker to elevate their privileges to SYSTEM.
This is the second month in a row that a critical NTLM EoP vulnerability was patched and the third in 2025. In the August 2025 Patch Tuesday release, Microsoft patched CVE-2025-53778, and CVE-2025-21311 in the January 2025 Patch Tuesday release.
ImportantCVE-2025-54916 | Windows NTFS Remote Code Execution VulnerabilityCVE-2025-54916 is a RCE in Microsoft Windows New Technology File System (NTFS). It was assigned a CVSSv3 score of 7.8 and is rated important and assessed as “Exploitation More Likely.” An attacker that successfully exploits this flaw would gain RCE on the targeted system. According to the advisory, any authenticated attacker could leverage this vulnerability.
Since 2022, the bulk of NTFS vulnerabilities patched across Patch Tuesday have been EoP or Information Disclosure vulnerabilities. However, this is the second NTFS RCE vulnerability since 2022 and the second in 2025. The first, CVE-2025-24993, patched in the March 2025 Patch Tuesday release, was exploited in the wild as a zero-day.
CriticalCVE-2025-54910 | Microsoft Office Remote Code Execution VulnerabilityCVE-2025-54910 is a RCE in Microsoft Office. It was assigned a CVSSv3 score of 8.4 and is rated critical and assessed as “Exploitation Less Likely.” An attacker could exploit this vulnerability by convincing a target to open a specially crafted Office document. Additionally, the advisory notes that exploitation is possible through Microsoft Outlook’s Preview Pane. Successful exploitation would grant the attacker RCE privileges on the target system. For users of Microsoft Office LTSC for Mac 2021 and 2024, the advisory states that updates are not yet available, but will be released soon.
ImportantCVE-2025-54897 | Microsoft SharePoint Remote Code Execution VulnerabilityCVE-2025-54897 is a RCE vulnerability in Microsoft SharePoint. It was assigned a CVSSv3 score of 8.8 and is rated important and assessed as “Exploitation Less Likely.” In order to exploit this flaw, an attacker would need to be authenticated as any user and privileged accounts, such as admin or other elevated privileges are not necessary to exploit this flaw. Once authenticated, an attacker could either write arbitrary code or use code injection to execute code on a vulnerable SharePoint Server to gain RCE.
CriticalCVE-2025-55224 | Windows Hyper-V Remote Code Execution VulnerabilityCVE-2025-55224 is a RCE in Windows Hyper-V. It was assigned a CVSSv3 score of 7.8, rated as critical and assessed as “Exploitation Less Likely.” According to the advisory, an attacker who is able to win a race condition could traverse from the guest hosts security boundary in order to execute arbitrary code on the Hyper-V host machine. While the attack complexity for this vulnerability is high, the impact would be significant for an attacker who is able to successfully exploit this vulnerability.
ImportantCVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 | Windows Hyper-V Elevation of Privilege VulnerabilitiesCVE-2025-54091, CVE-2025-54092, CVE-2025-54098, CVE-2025-54115 are EoP vulnerabilities in Windows Hyper-V, Microsoft’s virtualization product. CVE-2025-54091, CVE-2025-54092, CVE-2025-54098 were assigned a CVSSv3 score of 7.8 while CVE-2025-54115 was assigned a CVSSv3 score of 7.0. CVE-2025-54098 was assessed as “Exploitation More Likely” while the remaining three flaws were assessed as “Exploitation Less Likely.”
A local, authenticated attacker could exploit these vulnerabilities to elevate to SYSTEM privileges, though in order to exploit CVE-2025-54115, an attacker would first need to win a race condition, which is what contributed to its lower CVSS score.
Tenable SolutionsA list of all the plugins released for Microsoft’s September 2025 Patch Tuesday update can be found here. As always, we recommend patching systems as soon as possible and regularly scanning your environment to identify those systems yet to be patched.
For more specific guidance on best practices for vulnerability assessments, please refer to our blog post on How to Perform Efficient Vulnerability Assessments with Tenable.
Get more informationJoin Tenable's Research Special Operations (RSO) Team on the Tenable Community.
Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.202X Patch Tuesday release.
Microsoft has released its September 2025 Patch Tuesday updates, addressing a total of 81 security vulnerabilities across its product suite. The security patches cover a wide range of software, including Windows, Microsoft Office, Azure, and SQL Server. Among the fixes are 22 Remote Code Execution (RCE) vulnerabilities, making this a significant update for system administrators. […]
The post Microsoft September 2025 Patch Tuesday – 81 Vulnerabilities Fixed Including 22 RCE appeared first on Cyber Security News.
Media streaming company Plex has suffered a data breach and is urging users to reset their account password and enable two-factor authentication. “An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included emails, usernames, securely hashed passwords and authentication data,” the company said in an announcement published on the company’s forums on Monday and sent out via email … More →
The post Plex tells users to change passwords due to data breach, pushes server owners to upgrade appeared first on Help Net Security.