Microsoft’s Patch Tuesday for September 2025, released on September 9, addressed a total of 81 vulnerabilities, including two publicly disclosed zero-day flaws. Here is a breakdown of the key highlights:
Zero-Day Vulnerabilities Fixed
CVE-2025-55234 – Windows SMB Elevation of Privilege
- Exploitable via relay attacks against SMB servers that do not require signing; a relayed authentication gives the attacker the victim's privileges on the target.
- Microsoft recommends enabling SMB Server Signing and Extended Protection for Authentication (EPA) to mitigate the risk; the update adds audit events that help identify clients incompatible with those settings before they are enforced.
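The following PowerShell is an added example (not code from the original post) that audits and enforces SMB signing on a Windows host, the first of the two mitigations above. It assumes the built-in SmbShare module and an elevated session; the `AuditClientDoesNotSupportSigning` parameter exists only on newer builds, which is an assumption checked at run time rather than relied on. EPA is configured separately and is not scripted here.

```powershell
# Added example, not from the original post. Audits and enforces SMB signing as a
# mitigation for relay-based abuse of SMB authentication. Assumes the SmbShare
# module (Windows 8/Server 2012 and later) and an elevated session.

function Get-SmbSigningState {
    $srv = Get-SmbServerConfiguration
    $cli = Get-SmbClientConfiguration
    [pscustomobject]@{
        ServerRequiresSigning = $srv.RequireSecuritySignature
        ServerEnablesSigning  = $srv.EnableSecuritySignature
        ClientRequiresSigning = $cli.RequireSecuritySignature
        # Value written by the GPO "Microsoft network server: Digitally sign
        # communications (always)"; compare it with the live setting above.
        RegistryRequire = (Get-ItemProperty `
            'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters' `
            -Name RequireSecuritySignature -ErrorAction SilentlyContinue).RequireSecuritySignature
    }
}

function Enable-SmbSigningAudit {
    # Assumption: newer builds expose an audit switch that logs clients unable to
    # sign, so incompatible clients can be found before enforcement breaks them.
    $params = (Get-Command Set-SmbServerConfiguration).Parameters
    if ($params.ContainsKey('AuditClientDoesNotSupportSigning')) {
        Set-SmbServerConfiguration -AuditClientDoesNotSupportSigning $true -Force
        'audit enabled: review the Microsoft-Windows-SMBServer/Audit event log'
    } else {
        'audit parameter not available on this build; inventory clients manually'
    }
}

function Enable-SmbSigningEnforcement {
    # Require signing for inbound (server) and outbound (client) SMB sessions.
    # Clients that cannot sign are refused from this point on, so audit first.
    Set-SmbServerConfiguration -RequireSecuritySignature $true -Force
    Set-SmbClientConfiguration -RequireSecuritySignature $true -Force
    Get-SmbSigningState
}

Get-SmbSigningState
```

Run `Get-SmbSigningState` first to record the baseline, `Enable-SmbSigningAudit` for a few days on file servers with a mixed client population, and only then `Enable-SmbSigningEnforcement`; the server setting blocks relays to this host, the client setting stops this host's own sessions being relayed elsewhere.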
CVE-2024-21907 – Denial of Service in Newtonsoft.Json (used in SQL Server)
Triggered via crafted, deeply nested JSON passed to JsonConvert.DeserializeObject; the recursive parser exhausts the stack and raises a StackOverflowException, which cannot be caught in .NET and terminates the process. Newtonsoft.Json 13.0.1 and later limit nesting by defaulting JsonSerializerSettings.MaxDepth to 64.
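The following PowerShell is an added example, not code from the original post or from the Newtonsoft.Json project. It shows the depth limit that closes this bug by deserialising a constructed deeply nested payload with an explicit MaxDepth. It assumes PowerShell 7, which ships Newtonsoft.Json.dll in `$PSHOME`; the helper names are the author's own.

```powershell
# Added example. Deserialises a constructed, deeply nested JSON document with an
# explicit depth bound so the parser rejects it instead of overflowing the stack.
# Assumes PowerShell 7 (Newtonsoft.Json.dll is shipped in $PSHOME).
if (-not ('Newtonsoft.Json.JsonConvert' -as [type])) {
    Add-Type -Path (Join-Path $PSHOME 'Newtonsoft.Json.dll')
}

function New-NestedJson {
    # Constructed hostile input: "[[[...]]]" nested $Depth levels deep.
    param([int]$Depth)
    ('[' * $Depth) + (']' * $Depth)
}

function Test-BoundedDeserialize {
    # Newtonsoft.Json 13.0.1+ defaults MaxDepth to 64; earlier releases leave it
    # unset (unlimited), which is the vulnerable behaviour. Set it explicitly
    # anyway so the bound does not depend on which library version is loaded.
    param([string]$Json, [int]$MaxDepth = 64)
    $settings = [Newtonsoft.Json.JsonSerializerSettings]::new()
    $settings.MaxDepth = $MaxDepth
    try {
        $null = [Newtonsoft.Json.JsonConvert]::DeserializeObject($Json, $settings)
        'parsed'
    } catch {
        # The reader stops with a JsonReaderException at the limit; no recursion
        # beyond MaxDepth happens, so the process survives the payload.
        $ex = $_.Exception
        if ($ex.InnerException) { $ex = $ex.InnerException }
        "rejected: $($ex.GetType().Name): $($ex.Message)"
    }
}

Test-BoundedDeserialize -Json (New-NestedJson -Depth 40)       # parsed
Test-BoundedDeserialize -Json (New-NestedJson -Depth 100000)   # rejected
# Do not feed the deep payload to a pre-13.0.1 build with MaxDepth unset: the
# StackOverflowException kills the PowerShell process outright.
```

The same setting applies to any .NET service that accepts JSON from untrusted callers: pass a JsonSerializerSettings with MaxDepth set, or upgrade the package so the safe default applies, rather than relying on request size limits alone.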
Vulnerability Breakdown
- 41 Elevation of Privilege
- 22 Remote Code Execution
- 16 Information Disclosure
- 3 Denial of Service
- 2 Security Feature Bypass
- 1 Spoofing
Critical Vulnerabilities
CVE-2025-54918 – Windows NTLM Authentication Protocol
- Allows attackers to gain SYSTEM-level privileges over the network.
- Rated “Exploitation More Likely”.
CVE-2025-54916 – Windows NTFS Remote Code Execution
- Exploitable via social engineering (e.g., convincing a user to open a malicious file).
- Affects all modern Windows versions.
CVE-2025-54910 – Microsoft Office Preview Pane
Allows code execution when a file is merely previewed rather than opened, which makes it especially dangerous for Outlook users with the Preview Pane enabled.
Windows Update KB Details
KB5065431 – For Windows 11 (OS Builds 22621.5909 and 22631.5909)
- Includes the September security fixes and the servicing stack update (KB5064743).
- No known issues reported with this update.
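The following PowerShell is an added example (not from the original post) that checks whether a Windows 11 22H2/23H2 host has reached the build level quoted above for KB5065431. It assumes those build numbers (22621/22631, revision 5909); hosts on other Windows versions receive different KBs and are reported as out of scope.

```powershell
# Added example. Confirms the update level from the registry build revision,
# which the cumulative update bumps, and cross-checks the hotfix inventory.
# Assumes the build numbers quoted for KB5065431 (22621.5909 / 22631.5909).
function Test-KB5065431Installed {
    $cv    = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $build = [int]$cv.CurrentBuildNumber      # 22621 (22H2) or 22631 (23H2)
    $ubr   = [int]$cv.UBR                     # Update Build Revision, set by each LCU
    $inScope = $build -in 22621, 22631
    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        OSBuild      = "$build.$ubr"
        InScope      = $inScope
        # Get-HotFix reads Win32_QuickFixEngineering; LCUs are normally listed,
        # but the revision number below is the more reliable signal.
        HotFixListed = [bool](Get-HotFix -Id KB5065431 -ErrorAction SilentlyContinue)
        AtOrAbove    = ($inScope -and ($ubr -ge 5909))
    }
}

Test-KB5065431Installed
```

Run it through Invoke-Command against a list of hosts and filter on `InScope -and -not AtOrAbove` to get the machines still waiting on the September package.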
Summary Table of the Vulnerabilities Addressed in Microsoft Patch Tuesday – September 2025

At Dual Layer managed IT services, we develop automated patching plans to suit each client's needs. Connect with us to learn more about software update and patching practices.
