Microsoft Fixed 2 Zero-Days With September 2025 Patch Tuesday

Hey there, tech enthusiasts! Microsoft has rolled out its Patch Tuesday updates for September 2025, fixing a total of 81 security vulnerabilities across its product range. What stands out is that this batch includes fixes for not one but two publicly disclosed zero-day vulnerabilities, one of which has been public knowledge since January 2024.

Diving Into the Zero-Day Vulnerabilities Addressed This September by Microsoft

The highlight of this month’s security update is the resolution of two publicly disclosed zero-day vulnerabilities. Microsoft is no stranger to fixing zero-days on Patch Tuesday; what sets this release apart is that one of them was first disclosed back in January 2024 and is only now being closed in a Microsoft product. Let’s take a closer look at both.

  • CVE-2024-21907: This vulnerability first came to light in January 2024 as a stack-exhaustion (stack overflow) bug in Newtonsoft.Json versions before 13.0.1, classed as improper handling of exceptional conditions. An attacker who can get input to an application’s JsonConvert.DeserializeObject call crashes it by supplying deeply nested JSON, which the parser recursed into without a depth limit, causing a denial of service. Microsoft acknowledged the public disclosure and has fixed the copy of Newtonsoft.Json that ships with SQL Server through the latest SQL Server updates; applications that bundle their own copy of the library are not covered by that fix and must update separately.
  • CVE-2025-55234 (important severity; CVSS 8.8): This is an elevation-of-privilege vulnerability in Windows SMB Server that, depending on configuration, leaves the server open to relay attacks, in which an attacker positioned between a client and the server relays the client’s NTLM authentication to the server and acts with that client’s rights. Microsoft confirmed the public disclosure; no active exploitation has been reported. Windows already supports the two hardening measures that defeat such relays, SMB Server signing and Extended Protection for Authentication (EPA), but enforcing them can break older clients and devices that do not support them, so Microsoft advises auditing the environment for incompatible clients before turning enforcement on.
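
For the Newtonsoft.Json item above, here is an added PowerShell helper (not code from the original post or from Microsoft) that inventories copies of Newtonsoft.Json.dll under given directories and flags any below 13.0.1, the first release that fixes CVE-2024-21907 by giving JsonReader and JsonSerializer a default MaxDepth of 64. It assumes the file version stamped on the DLL tracks the package version, which holds for the official NuGet builds; the function name and the search roots in the usage line are my own choices.

```powershell
# Added example, not code from the original article or from Microsoft.
# Finds Newtonsoft.Json.dll copies under the given roots and flags any older
# than 13.0.1, the first release that fixes CVE-2024-21907 by capping JSON
# nesting depth (MaxDepth defaults to 64 from 13.0.1 onward). The SQL Server
# update only replaces SQL Server's bundled copy; every other application that
# ships its own copy has to be updated on its own.
# Assumption: the DLL's file version tracks the package version (true for the
# official NuGet builds, which stamp e.g. 13.0.1.25517 or 12.0.3.23909).

function Find-VulnerableNewtonsoftJson {
    [CmdletBinding()]
    param(
        # One or more directories to search, e.g. 'C:\Program Files'.
        [Parameter(Mandatory)] [string[]] $Root,
        # First fixed release. A four-part file version such as 13.0.1.25517
        # compares as greater than 13.0.1, so fixed builds are not flagged.
        [version] $FixedVersion = [version]'13.0.1'
    )

    Get-ChildItem -Path $Root -Filter 'Newtonsoft.Json.dll' -Recurse -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $vi = $_.VersionInfo
            # Build a [version] from the numeric parts instead of parsing the
            # FileVersion string, which some builds decorate with extra text.
            $fileVersion = [version]::new($vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart)
            [pscustomobject]@{
                Path        = $_.FullName
                FileVersion = $fileVersion
                Vulnerable  = ($fileVersion -lt $FixedVersion)
                # The application whose folder this is must ship the update;
                # the containing directory is usually enough to identify it.
                Application = $_.Directory.FullName
            }
        }
}

# Usage: scan the usual install locations and report only the stale copies.
Find-VulnerableNewtonsoftJson -Root 'C:\Program Files', 'C:\Program Files (x86)', 'C:\inetpub' |
    Where-Object Vulnerable |
    Format-Table Path, FileVersion -AutoSize
```

Two caveats when reading the output. A copy below 13.0.1 is only reachable if the hosting application deserializes untrusted input without setting MaxDepth itself, and a copy at 13.0.1 or later is exposed again if the application explicitly sets MaxDepth back to null, so the version check is a triage list, not a verdict.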

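For the SMB Server item above, here is an added PowerShell example (not code from the original post or from Microsoft) that reports the server settings governing relay exposure and applies the hardening in the order Microsoft’s compatibility caveat implies: audit first, enforce second. It uses the built-in SmbShare cmdlets. The SmbServerNameHardeningLevel setting (SPN target-name validation, which as I read Microsoft’s guidance is the SMB form of Extended Protection for Authentication) is assumed to exist on Windows 11 and Windows Server 2022 or later, and the AuditClientDoesNotSupportSigning switch only on Windows 11 24H2 and Windows Server 2025 or later, so both are probed before use. The function names are my own.

```powershell
# Added example, not code from the original article or from Microsoft.
# Reports the SMB Server settings that decide whether a relay attack of the
# CVE-2025-55234 kind can succeed, and optionally turns on auditing or enforces
# signing. Run in an elevated session; the cmdlets come from the built-in
# SmbShare module. Assumptions: SmbServerNameHardeningLevel (SPN target-name
# validation, the SMB form of EPA) exists on Windows 11 / Server 2022 and later,
# AuditClientDoesNotSupportSigning only on Windows 11 24H2 / Server 2025 and
# later. Both are probed so the functions also run on older builds.

function Get-SmbRelayHardeningState {
    $cfg = Get-SmbServerConfiguration
    $hasSpn   = [bool]$cfg.PSObject.Properties['SmbServerNameHardeningLevel']
    $hasAudit = [bool]$cfg.PSObject.Properties['AuditClientDoesNotSupportSigning']
    # 0 = off, 1 = validate an SPN if the client sends one, 2 = require one
    $spnLevel   = if ($hasSpn)   { $cfg.SmbServerNameHardeningLevel } else { 'n/a' }
    $auditState = if ($hasAudit) { $cfg.AuditClientDoesNotSupportSigning } else { 'n/a' }

    [pscustomobject]@{
        ComputerName         = $env:COMPUTERNAME
        Smb1Enabled          = $cfg.EnableSMB1Protocol        # legacy clients, the usual signing stragglers
        SigningRequired      = $cfg.RequireSecuritySignature  # relayed NTLM cannot sign, so the session fails
        EncryptionRequired   = $cfg.EncryptData               # stronger still, but rejects clients without SMB 3.x
        SpnValidationLevel   = $spnLevel
        AuditUnsignedClients = $auditState
    }
}

function Set-SmbRelayHardening {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Only log clients that cannot sign; change nothing else. Do this first.
        [switch] $AuditOnly,
        # 1 accepts an SPN when the client sends one; 2 rejects clients that send none.
        [ValidateRange(0, 2)] [int] $SpnValidationLevel = 1
    )
    $cfg = Get-SmbServerConfiguration

    if ($AuditOnly) {
        if (-not $cfg.PSObject.Properties['AuditClientDoesNotSupportSigning']) {
            Write-Warning 'This build has no SMB signing audit switch; inventory clients by other means before enforcing.'
            return
        }
        if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Enable audit events for clients that cannot sign')) {
            Set-SmbServerConfiguration -AuditClientDoesNotSupportSigning $true -Force
        }
        return
    }

    if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Require SMB signing for all sessions')) {
        Set-SmbServerConfiguration -RequireSecuritySignature $true -Force
    }
    if ($cfg.PSObject.Properties['SmbServerNameHardeningLevel'] -and
        $PSCmdlet.ShouldProcess($env:COMPUTERNAME, "Set SPN validation level to $SpnValidationLevel")) {
        Set-SmbServerConfiguration -SmbServerNameHardeningLevel $SpnValidationLevel -Force
    }
}

# Usage: look, audit, then enforce once the audit log shows no stragglers.
Get-SmbRelayHardeningState
Set-SmbRelayHardening -AuditOnly -WhatIf   # drop -WhatIf to apply
Set-SmbRelayHardening -WhatIf              # drop -WhatIf to apply
```

On domain-joined servers, set the same requirement through Group Policy (“Microsoft network server: Digitally sign communications (always)”) rather than locally, because the policy writes the same setting and will overwrite a local change at the next refresh. Domain controllers already require signing by default; member servers and file servers are where the audit step earns its keep.
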
Addressing 8 Critical and 71 Important Severity Vulnerabilities

In addition to the two zero-days, this month’s update fixes eight critical vulnerabilities across six products and 71 important ones. By impact, they break down into 3 denial-of-service, 37 elevation-of-privilege, 14 information-disclosure, 22 remote-code-execution, 1 spoofing and 2 security-feature-bypass vulnerabilities. Some of the standouts:

  • CVE-2025-54918 (critical severity; CVSS 8.8): This elevation-of-privilege vulnerability in Windows NTLM stems from improper authentication and allows an attacker who already holds valid low-privilege credentials to elevate to SYSTEM over the network.
  • CVE-2025-54910 (critical severity; CVSS 8.4): A heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute arbitrary code locally on the targeted device when a crafted file is processed. Microsoft specifically lists the Preview Pane as an attack vector, so the victim does not need to open the file. Microsoft credited researchers Li Shuang, willJ, and Guang Gong for reporting it.
  • CVE-2025-55232 (important severity; CVSS 9.8): This remote code execution vulnerability in Microsoft High Performance Compute (HPC) Pack arises from deserialization of untrusted data and can be exploited over the network without user interaction to run arbitrary code. Microsoft recommends keeping HPC Pack clusters on a secured network and restricting TCP port 5999 with firewall rules so that only trusted hosts can reach it.
  • CVE-2025-53799 (critical severity; CVSS 5.5): An information disclosure vulnerability in Windows Imaging Component, caused by use of an uninitialized resource. An unauthorized attacker who entices the victim into opening a crafted file can read “small portions of heap memory.” Microsoft clarified that the Preview Pane is not an attack vector for this one.

Windows Update deploys these fixes automatically to eligible systems. It is still worth checking manually (Settings > Windows Update > Check for updates) to make sure nothing is stuck or deferred, particularly on servers and on machines governed by update-deferral policies.

We’d love to hear your thoughts on these latest updates. Share your comments below!
