Service Notices
Microsoft Releases August 2025 Security Updates
Aug 18, 2025 GMT+08:00
I. Overview
Huawei Cloud noticed that Microsoft has released its August 2025 Security Updates. A total of 107 security vulnerabilities have been disclosed, among which 13 are marked as important vulnerabilities. Attackers can leverage these vulnerabilities to execute remote code, escalate privileges, and breach information. The affected applications include components such as Microsoft Windows, Microsoft Office, Azure, and SQL Server.
For details, visit the Microsoft official website:
https://msrc.microsoft.com/update-guide/releaseNote/2025-Aug
The following vulnerabilities require close attention as their details have been disclosed or they have already been exploited by attackers:
Windows Kerberos privilege escalation vulnerability (CVE-2025-53779): 0-day vulnerability. Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network. The vulnerability has been disclosed, and the risk is high.
9 vulnerabilities (such as CVE-2025-53778, CVE-2025-50177, and CVE-2025-53786) are marked as Exploitation More Likely. For details, see the official announcement. Please perform security self-check and security hardening in a timely manner to reduce attack risks.
II. Severity
Severity: important
(Severity: low, moderate, important, and critical)
III. Affected Products
Microsoft Windows, Microsoft Office, Azure, SQL Server, and other products.
IV. Vulnerability Details
CVE ID |
Vulnerability Name |
Severity |
Vulnerability Description |
CVE-2025-53778 |
Windows NTLM Elevation of Privilege Vulnerability |
Important |
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. |
CVE-2025-49707 |
Azure Virtual Machines Spoofing Vulnerability |
Important |
Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally. |
CVE-2025-53793 |
Azure Stack Hub Information Disclosure Vulnerability |
Important |
Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network. |
CVE-2025-53766 |
GDI Remote Code Execution Vulnerability |
Important |
An attacker can trigger this vulnerability by inducing a victim to download and open a document that contains a specially crafted metafile. Successful exploitation of this vulnerability can cause remote code execution on the target system. |
CVE-2025-50177 |
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
Important |
An attacker can trigger this vulnerability by sending a series of specially crafted MSMQ packets to the MSMQ server in a fast sequence through HTTP. Successful exploitation of this vulnerability can cause remote code execution on the server side. |
CVE-2025-53781 |
Azure Virtual Machines Information Disclosure Vulnerability |
Important |
Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network. |
CVE-2025-53733 |
Microsoft Word Remote Code Execution Vulnerability |
Important |
Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-53784 |
Microsoft Word Remote Code Execution Vulnerability |
Important |
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
CVE-2025-50176 |
DirectX Graphics Kernel Remote Code Execution Vulnerability |
Important |
Access of resource using incompatible type ('type confusion') in Graphics Kernel allows an authorized attacker to execute code locally. |
CVE-2025-53740 CVE-2025-53731 |
Microsoft Office Remote Code Execution Vulnerability |
Important |
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
CVE-2025-48807 |
Windows Hyper-V Remote Code Execution Vulnerability |
Important |
Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally. |
CVE-2025-50165 |
Windows Graphics Component Remote Code Execution Vulnerability |
Important |
Untrusted pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. |
(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)
V. Security Recommendations
1. Use Windows Update or download patches from the following address to fix the vulnerabilities:
https://msrc.microsoft.com/update-guide
2. Back up data remotely to protect your data.
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.