Today’s Patch Tuesday Alert addresses Microsoft’s August 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship ASPL-1169 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
A vulnerability in Windows Server 2025 allows authorized users with access to the msds-groupMSAMembership and msds-ManagedAccountPrecededByLink attributes of Delegated Managed Service Accounts (dMSA) to gain domain administrator privileges. Microsoft has reported this vulnerability as Exploitation Less Likely.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis. Vulnerabilities are also color coded to aid with identifying key issues.
- Traditional Software
- Mobile Software
- Cloud or Cloud Adjacent
- Vulnerabilities that are being exploited or that have been disclosed will be highlighted
| Tag | CVE Count | CVEs |
| Role: Windows Hyper-V | 5 | CVE-2025-49751, CVE-2025-50167, CVE-2025-53155, CVE-2025-53723, CVE-2025-48807 |
| Microsoft Dynamics 365 (on-premises) | 2 | CVE-2025-49745, CVE-2025-53728 |
| SQL Server | 5 | CVE-2025-49758, CVE-2025-53727, CVE-2025-24999, CVE-2025-49759, CVE-2025-47954 |
| Azure File Sync | 1 | CVE-2025-53729 |
| Microsoft Exchange Server | 5 | CVE-2025-33051, CVE-2025-53786, CVE-2025-25005, CVE-2025-25006, CVE-2025-25007 |
| Microsoft Office Visio | 2 | CVE-2025-53730, CVE-2025-53734 |
| Microsoft Office Excel | 5 | CVE-2025-53741, CVE-2025-53759, CVE-2025-53735, CVE-2025-53737, CVE-2025-53739 |
| Microsoft Office SharePoint | 2 | CVE-2025-53760, CVE-2025-49712 |
| Microsoft Office PowerPoint | 1 | CVE-2025-53761 |
| Web Deploy | 1 | CVE-2025-53772 |
| GitHub Copilot and Visual Studio | 1 | CVE-2025-53773 |
| Azure Virtual Machines | 2 | CVE-2025-53781, CVE-2025-49707 |
| Microsoft Edge (Chromium-based) | 8 | CVE-2025-8582, CVE-2025-8581, CVE-2025-8580, CVE-2025-8578, CVE-2025-8576, CVE-2025-8583, CVE-2025-8579, CVE-2025-8577 |
| Microsoft Graphics Component | 2 | CVE-2025-49743, CVE-2025-50165 |
| Windows Routing and Remote Access Service (RRAS) | 12 | CVE-2025-49757, CVE-2025-50156, CVE-2025-50160, CVE-2025-50162, CVE-2025-50163, CVE-2025-50164, CVE-2025-53138, CVE-2025-53148, CVE-2025-53153, CVE-2025-53719, CVE-2025-53720, CVE-2025-50157 |
| Windows Kernel | 2 | CVE-2025-49761, CVE-2025-53151 |
| Windows Ancillary Function Driver for WinSock | 7 | CVE-2025-49762, CVE-2025-53134, CVE-2025-53137, CVE-2025-53141, CVE-2025-53147, CVE-2025-53154, CVE-2025-53718 |
| Desktop Windows Manager | 2 | CVE-2025-50153, CVE-2025-53152 |
| Windows File Explorer | 1 | CVE-2025-50154 |
| Windows NTFS | 1 | CVE-2025-50158 |
| Remote Access Point-to-Point Protocol (PPP) EAP-TLS | 1 | CVE-2025-50159 |
| Windows Win32K - GRFX | 2 | CVE-2025-50161, CVE-2025-53132 |
| Windows Distributed Transaction Coordinator | 1 | CVE-2025-50166 |
| Windows Win32K - ICOMP | 1 | CVE-2025-50168 |
| Windows SMB | 1 | CVE-2025-50169 |
| Windows Cloud Files Mini Filter Driver | 1 | CVE-2025-50170 |
| Remote Desktop Server | 1 | CVE-2025-50171 |
| Windows DirectX | 2 | CVE-2025-50172, CVE-2025-53135 |
| Windows Installer | 1 | CVE-2025-50173 |
| Graphics Kernel | 1 | CVE-2025-50176 |
| Windows Message Queuing | 4 | CVE-2025-50177, CVE-2025-53143, CVE-2025-53144, CVE-2025-53145 |
| Windows Media | 1 | CVE-2025-53131 |
| Windows PrintWorkflowUserSvc | 1 | CVE-2025-53133 |
| Windows NT OS Kernel | 1 | CVE-2025-53136 |
| Kernel Transaction Manager | 1 | CVE-2025-53140 |
| Microsoft Brokering File System | 1 | CVE-2025-53142 |
| Kernel Streaming WOW Thunk Service Driver | 1 | CVE-2025-53149 |
| Storage Port Driver | 1 | CVE-2025-53156 |
| Windows Local Security Authority Subsystem Service (LSASS) | 1 | CVE-2025-53716 |
| Windows Connected Devices Platform Service | 1 | CVE-2025-53721 |
| Windows Remote Desktop Services | 1 | CVE-2025-53722 |
| Windows Push Notifications | 4 | CVE-2025-53724, CVE-2025-53725, CVE-2025-53726, CVE-2025-50155 |
| Microsoft Office | 3 | CVE-2025-53731, CVE-2025-53732, CVE-2025-53740 |
| Microsoft Office Word | 4 | CVE-2025-53733, CVE-2025-53736, CVE-2025-53738, CVE-2025-53784 |
| Azure Stack | 2 | CVE-2025-53765, CVE-2025-53793 |
| Windows GDI+ | 1 | CVE-2025-53766 |
| Windows Security App | 1 | CVE-2025-53769 |
| Windows NTLM | 1 | CVE-2025-53778 |
| Windows Kerberos | 1 | CVE-2025-53779 |
| Microsoft Teams | 1 | CVE-2025-53783 |
| Windows Subsystem for Linux | 1 | CVE-2025-53788 |
| Windows StateRepository API | 1 | CVE-2025-53789 |
| Azure Portal | 1 | CVE-2025-53792 |
| Azure OpenAI | 1 | CVE-2025-53767 |
| Microsoft 365 Copilot's Business Chat | 2 | CVE-2025-53774, CVE-2025-53787 |
| Microsoft Edge for Android | 2 | CVE-2025-49755, CVE-2025-49736 |
Other Information
At the time of publication, there were no new advisories included with the August Security Guidance.
