Monthly Patch
August 2025 Monthly Patch
14 August 2025
Microsoft has released security patches to address multiple vulnerabilities in their software and products.
Microsoft has released security patches to address multiple vulnerabilities in their software and products.
The vulnerabilities that have been classified as Critical in severity are listed in the table below.
For the full list of security patches released by Microsoft, please refer to https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2025-Aug
CRITICAL VULNERABILITIES
Table caption
CVE Number | CVE Name | Base Score | Reference |
|---|---|---|---|
CVE-2025-53767 | Azure OpenAI Elevation of Privilege Vulnerability | 10.0 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-53767 |
CVE-2025-50165 | Windows Graphics Component Remote Code Execution Vulnerability | 9.8 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-50165 |
CVE-2025-53766 | GDI+ Remote Code Execution Vulnerability | 9.8 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-53766 |
CVE-2025-53792 | Azure Portal Elevation of Privilege Vulnerability | 9.1 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-53792 |
CVE-2025-53778 | Windows NTLM Elevation of Privilege Vulnerability | 8.8 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-53778 |
CVE-2025-53784 | Microsoft Word Remote Code Execution Vulnerability | 8.4 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-53784 |
CVE-2025-53733 | Microsoft Word Remote Code Execution Vulnerability | 8.4 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-53733 |
CVE-2025-53740 | Microsoft Office Remote Code Execution Vulnerability | 8.4 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-53740 |
CVE-2025-53731 | Microsoft Office Remote Code Execution Vulnerability | 8.4 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-53731 |
CVE-2025-53787 | Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | 8.2 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-53787 |
CVE-2025-50177 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | 8.1 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-50177 |
CVE-2025-49707 | Azure Virtual Machines Spoofing Vulnerability | 7.9 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-49707 |
CVE-2025-50176 | DirectX Graphics Kernel Remote Code Execution Vulnerability | 7.8 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-50176 |
CVE-2025-53781 | Azure Virtual Machines Information Disclosure Vulnerability | 7.7 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-53781 |
CVE-2025-48807 | Windows Hyper-V Remote Code Execution Vulnerability | 7.5 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-48807 |
CVE-2025-53793 | Azure Stack Hub Information Disclosure Vulnerability | 7.5 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-53793 |
CVE-2025-53774 | Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | 6.5 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2025-53774 |