You are currently viewing 81 Flaws Fixed, Two Zero Days In Microsoft’s September 2025 Patch Tuesday

81 Flaws Fixed, Two Zero Days In Microsoft’s September 2025 Patch Tuesday

  • Post author:
  • Reading time:3 mins read

The biggest day of the month is here! This Patch Tuesday, Microsoft has released patches for 81 flaws, including 9 critical bugs and 2 zero-days.

The chart below displays the types of flaws that have been patched today.

Elevation of Privilege is the most common vulnerability type with 41 patched flaws, and Remote Code Execution is the runner-up with 22.

Vulnerability Details

Two zero days were patched this month, both publicly disclosed.

CVE-2025-55234: A high-severity Windows SMB privilege escalation flaw, this vulnerability exposes misconfigured SMB Servers to relay-based elevation of privilege attacks – enabling unauthorized attackers to elevate their privileges by manipulating network authentication traffic. It stems from improper authentication handling in the SMB Server, particularly when hardening measures (like SMB signing and Extended Protection for Authentication) are not enforced.

As a preventive measure, Microsoft added auditing features in the September 2025 update to help customers assess compatibility before enforcing SMB hardening. Failure to adequately audit or configure SMB mechanisms could allow an adversary to relay authentication attempts and gain elevated access, presenting a serious risk to enterprise network environments.

CVE-2024-21907: A noteworthy deserialization vulnerability in the widely used Newtonsoft.Json (.NET JSON library) before version 13.0.1 enables remote attackers to trigger a Denial-of-Service. Specifically, crafted JSON input with deeply nested structures passed into JsonConvert.DeserializeObject it can provoke a StackOverflowException or resource exhaustion, depending on the call context. This flaw stems from improper handling of exceptional conditions (CWE-755), allowing untrusted JSON to crash applications (especially web services and APIs) by overwhelming their stacks or CPU.

The issue was spotlighted back in 2018 by Aleph Security, but only recently incorporated into Microsoft’s security updates. Mitigating this threat requires upgrading to version 13.0.1 (which adds depth protections) or setting a safer MaxDepth in JsonSerializerSettings as a stopgap.

Affected Products and Solution

If you have any of the following products installed, update them! Microsoft’s Security Update Guide details mitigations and patches for each vulnerability. You can also use tools to help you apply said patches.

  • Azure – Networking
  • Azure Arc
  • Azure Bot Service
  • Azure Entra
  • Azure Windows Virtual Machine Agent
  • Capability Access Management Service (camsvc)
  • Dynamics 365 FastTrack Implementation Assets
  • Graphics Kernel
  • Microsoft AutoUpdate (MAU)
  • Microsoft Brokering File System
  • Microsoft Edge (Chromium-based)
  • Microsoft Graphics Component
  • Microsoft High Performance Compute Pack (HPC)
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office PowerPoint
  • Microsoft Office SharePoint
  • Microsoft Office Visio
  • Microsoft Office Word
  • Microsoft Virtual Hard Drive
  • Windows Hyper-V
  • SQL Server
  • Windows Ancillary Function Driver for WinSock
  • Windows BitLocker
  • Windows Bluetooth Service
  • Windows Connected Devices Platform Service
  • Windows Defender Firewall Service
  • Windows DWM
  • Windows Imaging Component
  • Windows Internet Information Services
  • Windows Kernel
  • Windows Local Security Authority Subsystem Service (LSASS)
  • Windows Management Services
  • Windows MapUrlToZone
  • Windows MultiPoint Services
  • Windows NTFS
  • Windows NTLM
  • Windows PowerShell
  • Windows Routing and Remote Access Service (RRAS)
  • Windows SMB
  • Windows SMBv3 Client
  • Windows SPNEGO Extended Negotiation
  • Windows TCP/IP
  • Windows UI XAML Maps MapControlSettings
  • Windows UI XAML Phone DatePickerFlyout
  • Windows Win32K – GRFX
  • XBox Gaming Services

Instantly Fix Risks with Saner Patch Management

Saner patch management is a continuous, automated, and integrated software that instantly fixes risks exploited in the wild. The software supports major operating systems like Windows, Linux, and macOS, as well as 550+ third-party applications.

It also allows you to set up a safe testing area to test patches before deploying them in a primary production environment. Saner patch management additionally supports a patch rollback feature in case of patch failure or a system malfunction.

Experience the fastest and most accurate patching software here.