Overview

Today is Microsoft’s August 2025 Patch Tuesday, which includes security updates for 107 flaws, including one publicly disclosed zero-day vulnerability in Windows Kerberos.

This Patch Tuesday also fixes thirteen “Critical” vulnerabilities: nine remote code execution, three information disclosure, and one elevation of privilege.

The number of bugs in each vulnerability category is listed below:

  • 44 Elevation of Privilege Vulnerabilities
  • 35 Remote Code Execution Vulnerabilities
  • 18 Information Disclosure Vulnerabilities
  • 4 Denial of Service Vulnerabilities
  • 9 Spoofing Vulnerabilities

 

Publicly Disclosed Zero-Day

CVE-2025-53779 – Windows Kerberos Elevation of Privilege Vulnerability

Microsoft fixes a flaw in Windows Kerberos that allows an authenticated attacker to gain domain administrator privileges. “Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network,” explains Microsoft.

Microsoft says that an attacker would need to have elevated access to the following dMSA attributes to exploit the flaw:

  • msds-groupMSAMembership: This attribute allows the user to utilize the dMSA.
  • msds-ManagedAccountPrecededByLink: The attacker needs write access to this attribute, which allows them to specify a user that the dMSA can act on behalf of.

While this vulnerability has been publicly disclosed, there are no current indications that it is actively being exploited.
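The two attributes above are the ones whose access rights should be reviewed. The following PowerShell audit is an added example, not code from Microsoft or from this advisory: it lists every principal holding write-capable rights over those attributes on dMSA objects. It assumes the RSAT ActiveDirectory module, a schema that defines the `msDS-DelegatedManagedServiceAccount` class (Windows Server 2025), and an account that can read security descriptors.

```powershell
# Added example; not Microsoft's or the advisory's code.
# Assumes the RSAT ActiveDirectory module and a schema that defines dMSAs.
Import-Module ActiveDirectory

$attrNames = 'msDS-GroupMSAMembership', 'msDS-ManagedAccountPrecededByLink'
$schemaNC  = (Get-ADRootDSE).schemaNamingContext

# Resolve each attribute's schemaIDGUID at run time rather than hard-coding it.
$attrByGuid = @{}
foreach ($name in $attrNames) {
    $attr = Get-ADObject -SearchBase $schemaNC -LDAPFilter "(lDAPDisplayName=$name)" -Properties schemaIDGUID
    if ($attr) { $attrByGuid[[guid]$attr.schemaIDGUID] = $name }
}

# Rights that allow changing an attribute directly, or rewriting the ACL to allow it.
# GenericAll and GenericWrite contain the WriteProperty bit, so the mask catches them too.
$writeMask = [int][System.DirectoryServices.ActiveDirectoryRights]'WriteProperty, WriteDacl, WriteOwner'

$dmsas = Get-ADObject -LDAPFilter '(objectClass=msDS-DelegatedManagedServiceAccount)' -Properties nTSecurityDescriptor

$findings = foreach ($dmsa in $dmsas) {
    foreach ($ace in $dmsa.nTSecurityDescriptor.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if (-not ([int]$ace.ActiveDirectoryRights -band $writeMask)) { continue }

        # An empty ObjectType applies to every attribute; otherwise it must name
        # one of the two attributes. Property-set ACEs are not resolved here.
        $scope = $null
        if ($ace.ObjectType -eq [guid]::Empty) { $scope = 'all attributes' }
        elseif ($attrByGuid.ContainsKey($ace.ObjectType)) { $scope = $attrByGuid[$ace.ObjectType] }
        if (-not $scope) { continue }

        [pscustomobject]@{
            dMSA      = $dmsa.DistinguishedName
            Principal = $ace.IdentityReference
            Rights    = $ace.ActiveDirectoryRights
            Scope     = $scope
            Inherited = $ace.IsInherited
        }
    }
}

$findings | Sort-Object dMSA, Principal | Format-Table -AutoSize -Wrap
```

Entries for principals other than the expected directory administrators are the ones to review under the least-privilege recommendation below.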

 

Affected Devices

Windows 10 – Cumulative update versions prior to KB5063709 for Windows 10 22H2 and Windows 10 21H2

Windows 11 – Cumulative update versions prior to KB5063878 and KB5063875 for versions 24H2 and 23H2

 

Recommended Remediations

ctrl:cyber strongly recommends the following actions to mitigate risk of exploitation:

  • Apply Security Updates: Download and apply the latest security patches from Microsoft for all affected systems to mitigate the risk of exploitation. More information on available security patches can be found in the Microsoft Update Guide.
  • Restrict Administrative Privileges: Enforce the principle of least privilege to limit potential impact from privilege escalation exploits.
  • Conduct Regular Audits: Perform routine security assessments to proactively identify and remediate potential vulnerabilities within your systems.
