Fortra's August 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.
First on the list are patches for Chromium and Microsoft Edge (Chromium-based) that resolve use-after-free and inappropriate implementation vulnerabilities.
Next on the list are patches for Microsoft Office, Word, Excel, PowerPoint, and Visio. These patches resolve 15 issues, including remote code execution and information disclosure vulnerabilities.
Up next are patches that affect components of the core Windows operating system. These patches resolve over 60 vulnerabilities, including elevation of privilege, denial of service, information disclosure, and remote code execution vulnerabilities. These vulnerabilities affect Kernel, Imaging, Remote Desktop, Media, SMB, Kernel, RRAS, Web Deploy, GDI+, Ancillary Function Driver for WinSock, DirectX, File Explorer, Graphics, MSMQ, and various others.
Lastly, administrators should focus on server-side patches for Exchange, SQL Server, SharePoint, Hyper-V, SharePoint, and Dynamics that resolve 19 issues including remote code execution, elevation of privilege, denial of service, information disclosure, tampering, cross-site scripting, and spoofing vulnerabilities.
| BULLETIN | CVE |
|---|---|
| Microsoft Edge (Chromium-based) | CVE-2025-8576, CVE-2025-8577, CVE-2025-8578, CVE-2025-8579, CVE-2025-8580, CVE-2025-8581, CVE-2025-8582, CVE-2025-8583 |
| Microsoft Office Word | CVE-2025-53736, CVE-2025-53733, CVE-2025-53784, CVE-2025-53738 |
| Microsoft Office | CVE-2025-53740, CVE-2025-53732, CVE-2025-53731 |
| Microsoft Office PowerPoint | CVE-2025-53761 |
| Microsoft Office Visio | CVE-2025-53734, CVE-2025-53730 |
| Microsoft Office Excel | CVE-2025-53741, CVE-2025-53759, CVE-2025-53739, CVE-2025-53737, CVE-2025-53735 |
| Windows I | CVE-2025-53148, CVE-2025-50157, CVE-2025-53153, CVE-2025-53719, CVE-2025-53138, CVE-2025-50156, CVE-2025-50163, CVE-2025-50162, CVE-2025-50160, CVE-2025-50164, CVE-2025-49757, CVE-2025-53720, CVE-2025-53772, CVE-2025-53766, CVE-2025-53142, CVE-2025-53131, CVE-2025-50173, CVE-2025-49762, CVE-2025-53147, CVE-2025-53141, CVE-2025-53154, CVE-2025-53718, CVE-2025-53134, CVE-2025-53137, CVE-2025-50172, CVE-2025-53135, CVE-2025-53149, CVE-2025-53140, CVE-2025-50154, CVE-2025-50155, CVE-2025-53724, CVE-2025-53725, CVE-2025-53726, CVE-2025-50168, CVE-2025-49743, CVE-2025-50165 |
| Windows II | CVE-2025-50177, CVE-2025-53144, CVE-2025-53145, CVE-2025-53143, CVE-2025-50161, CVE-2025-53132, CVE-2025-49761, CVE-2025-53151, CVE-2025-50153, CVE-2025-53152, CVE-2025-53716, CVE-2025-53721, CVE-2025-53778, CVE-2025-53788, CVE-2025-53133, CVE-2025-50159, CVE-2025-53722, CVE-2025-53156, CVE-2025-53769, CVE-2025-53789, CVE-2025-50171, CVE-2025-50176, CVE-2025-53779, CVE-2025-50166, CVE-2025-53136, CVE-2025-50170, CVE-2025-50169, CVE-2025-50158 |
| Microsoft Exchange Server | CVE-2025-53786, CVE-2025-33051, CVE-2025-25006, CVE-2025-25007, CVE-2025-25005 |
| SQL Server | CVE-2025-24999, CVE-2025-49758, CVE-2025-49759, CVE-2025-47954, CVE-2025-53727 |
| Microsoft Office SharePoint | CVE-2025-53760, CVE-2025-49712 |
| Microsoft Dynamics 365 (on-premises) | CVE-2025-53728, CVE-2025-49745 |
| Windows Hyper-V | CVE-2025-49751, CVE-2025-50167, CVE-2025-53155, CVE-2025-53723, CVE-2025-48807 |
Cybercrime Intelligence Shouldn't Be Siloed
Fortra® experts are dedicated to protecting organizations and the public by delivering the latest insights, data, and defenses to strengthen security against emerging cyber threats.
