Microsoft Announces Fix for 80 Security Vulnerabilities, Including Critical SMB Privilege Escalation and Azure CVSS 10.0 Issues

On September 10, 2025, Microsoft released patches for 80 security flaws across its software. This update includes one vulnerability that had already been disclosed publicly. Among these, eight are classified as Critical, while 72 are deemed Important. Fortunately, none were exploited in the wild as zero-day vulnerabilities. Similar to the previous month, 38 flaws are linked to privilege escalation, followed by 22 related to remote code execution, 14 concerning information disclosure, and 3 classified as denial-of-service. “For the third time this year, Microsoft has addressed more privilege escalation vulnerabilities than remote code execution issues,” noted Satnam Narang, Senior Staff Research Engineer at Tenable. “Almost half (47.5%) of the vulnerabilities this month are related to privilege escalation.” This patch release also includes updates to 12 vulnerabilities in Microsoft’s Chromium-based Edge browser since August 2025’s Patch Tuesday.

Microsoft Addresses 80 Security Flaws, Including Critical SMB Privilege Escalation and Azure Vulnerabilities

On September 10, 2025, Microsoft released patches for 80 identified security vulnerabilities in its software ecosystem. Among these flaws, eight have been classified as Critical, while the remaining 72 are deemed Important in terms of severity. Notably, one of these vulnerabilities had already been disclosed publicly prior to the release of the patches. Importantly, none of the flaws had been exploited in the wild as zero-day vulnerabilities at the time of this announcement.

The latest patch cycle continues a concerning trend, with 38 of the identified vulnerabilities linked to privilege escalation, while 22 are associated with remote code execution. Information disclosure accounts for 14 vulnerabilities, and three pertain to denial-of-service incidents. According to Satnam Narang, a senior staff research engineer at Tenable, this marks the third occasion within the year when Microsoft has patched more privilege escalation vulnerabilities than those related to remote code execution. In fact, nearly half of the vulnerabilities disclosed in this round—approximately 47.5%—were related to privilege escalation, underscoring a persistent area of risk for organizations.

Additionally, it’s important to note that these recent patches supplement the 12 vulnerabilities already addressed in Microsoft’s Chromium-based Edge browser since the previous month’s Patch Tuesday update. This points to an ongoing effort by Microsoft to bolster the security of its software against emerging threats.

Business owners must take heed of these vulnerabilities, especially those related to privilege escalation, as they directly compromise users’ ability to maintain control over systems and data. Exploits leveraging such weaknesses can enable adversaries to gain unauthorized access and escalate their privileges within a compromised environment. Furthermore, the detected vulnerabilities may have utilized tactics from the MITRE ATT&CK framework, particularly techniques pertaining to initial access and privilege escalation. Such techniques could allow adversaries to infiltrate a system unnoticed and elevate their access rights to execute malicious operations.

Given the prevalence of these vulnerabilities, organizations are urged to apply the latest patches promptly and to routinely assess their security postures. Implementing preventive measures can significantly mitigate the risks stemming from these identified weaknesses.

In conclusion, while Microsoft continues to strengthen its software ecosystem, the discharge of 80 vulnerabilities highlights ongoing challenges in cybersecurity. For business owners, staying informed and practicing vigilance will be crucial in navigating an increasingly complex threat landscape.

Source link

Related Posts

Unlocking Boardroom Communication: Empowering CISOs to Articulate Business Impact

 
Sep 11, 2025
Continuous Threat Exposure Management

CISOs possess deep expertise in their domain—they are well-versed in the threat landscape, capable of building robust and cost-effective security systems, adept at staffing, navigating compliance intricacies, and managing risk. But a recurring challenge arises in discussions with these security leaders: how can they effectively convey the implications of risk to business decision-makers?

Boards focus on how risk influences revenue, governance, and growth, often showing little interest in detailed vulnerability lists or technicalities. When the narrative becomes overly technical, even critical initiatives can stall and miss funding.

CISOs must learn to translate technical challenges into business-friendly language, fostering trust, gaining support, and demonstrating how security decisions tie directly to sustainable growth. This urgent need to bridge the communication divide between CISOs and Boards has driven us to establish a new framework for CISO engagement.

Exploitation of SonicWall SSL VPN Vulnerability and Misconfigurations by Akira Ransomware Group on the Rise

September 11, 2025

Cybersecurity threats linked to the Akira ransomware group have intensified, specifically targeting SonicWall devices for initial breaches. Rapid7 has reported a notable increase in attacks on SonicWall appliances, coinciding with heightened Akira ransomware activity noted since late July 2025. SonicWall recently identified that these SSL VPN attacks exploit a year-old security vulnerability (CVE-2024-40766, CVSS score: 9.3) where local user passwords remained unchanged during migration. “We are seeing a surge in attempts by threat actors to brute-force user credentials,” the company commented. To mitigate risks, they advise enabling Botnet Filtering to block known threats and implementing Account Lockout policies. SonicWall also urged users to review LDAP SSL VPN Default User Groups, highlighting that misconfigurations could represent a “critical weak point.”

Senator Wyden Calls for FTC Investigation into Microsoft Over Ransomware-Related Cybersecurity Failures

U.S. Senator Ron Wyden is urging the Federal Trade Commission (FTC) to investigate Microsoft for what he describes as “gross cybersecurity negligence” that has facilitated ransomware attacks on critical U.S. infrastructure, particularly targeting healthcare networks. In a detailed four-page letter to FTC Chairman Andrew Ferguson, Wyden warned that Microsoft’s lax cybersecurity practices, combined with its near-monopoly in the enterprise operating system market, create a significant national security risk, making further attacks likely. He likened Microsoft’s behavior to that of “an arsonist selling firefighting services to their victims.” This request follows new revelations from the healthcare provider Ascension, which experienced a devastating ransomware attack last year, compromising personal and medical data of nearly 5.6 million individuals.

Security Flaw in Cursor AI Code Editor Allows Covert Code Execution through Malicious Repositories

Sep 12, 2025
AI Security / Vulnerability

A newly identified security vulnerability in the AI-driven code editor, Cursor, may lead to unauthorized code execution when users open compromised repositories. The issue arises from the default disabling of an essential security feature, which permits attackers to execute arbitrary code on a user’s system with their privileges. According to an analysis by Oasis Security, “Cursor ships with Workspace Trust disabled by default, so VS Code-style tasks configured with runOptions.runOn: ‘folderOpen’ auto-execute the moment a developer browses a project. A malicious .vscode/tasks.json sneaks a casual ‘open folder’ into silent code execution within the user’s context.” Cursor, an AI-enhanced adaptation of Visual Studio Code, includes the Workspace Trust feature designed to help developers navigate and edit code safely, regardless of its origin or authorship.