Microsoft’s September 2025 Patch Tuesday updates resolve a complete of 86 vulnerabilities throughout Home windows and different merchandise.
The tech large’s launch notes point out that not one of the security holes patched this month have been exploited within the wild.
Nonetheless, eight of them have an ‘exploitation extra doubtless’ ranking, together with data disclosure and privilege escalation points within the Home windows kernel, a distant code execution vulnerability in Home windows NTFS, and privilege escalation bugs within the Home windows TCP/IP driver, Home windows Hyper-V, Home windows NTLM, and Home windows SMB.
A majority of those vulnerabilities have a ‘excessive severity’ ranking, and the NTLM and SMB points have the best CVSS rating, 8.8/10.
Primarily based on CVSS rating, crucial security gap patched by Microsoft this month is CVE-2025-55232, described as a distant code execution problem within the Excessive Efficiency Compute (HPC) pack. CVE-2025-55232 has a CVSS rating of 9.8.
“Prospects ought to ensure that the HPC Pack clusters are operating in a trusted community secured by firewall guidelines particularly for the TCP port 5999,” Microsoft tells prospects.
Different points with a CVSS rating exceeding 8.0 are CVE-2025-54106 and CVE-2025-54113 (each distant code execution flaws in Routing and Distant Entry Service), CVE-2025-54897 (distant code execution in SharePoint), CVE-2025-54910 (distant code execution in Workplace), and CVE-2025-55227 (privilege escalation in SQL Server).
Nonetheless, all of those vulnerabilities, together with the crucial HPC pack problem, have an exploitability evaluation of ‘exploitation much less doubtless’ or ‘exploitation unlikely’.
Adobe’s Patch Tuesday updates for September 2025 tackle almost two dozen vulnerabilities throughout 9 merchandise, together with crucial ColdFusion and Commerce flaws.
