Microsoft September 2025 Security Updates

Discussion in 'Software' started by NICK ADSL UK, Sep 9, 2025.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    September 2025 Security Updates

    This release consists of the following 86 Microsoft CVEs:

    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
    SQL Server CVE-2025-47997
    Azure Windows Virtual Machine Agent CVE-2025-49692
    Windows PowerShell CVE-2025-49734
    Microsoft Edge (Chromium-based) CVE-2025-53791
    Windows Routing and Remote Access Service (RRAS) CVE-2025-53796
    Windows Routing and Remote Access Service (RRAS) CVE-2025-53797
    Windows Routing and Remote Access Service (RRAS) CVE-2025-53798
    Windows Imaging Component CVE-2025-53799
    Microsoft Graphics Component CVE-2025-53800
    Windows DWM CVE-2025-53801
    Windows Bluetooth Service CVE-2025-53802
    Windows Kernel CVE-2025-53803
    Windows Kernel CVE-2025-53804
    Windows Internet Information Services CVE-2025-53805
    Windows Routing and Remote Access Service (RRAS) CVE-2025-53806
    Microsoft Graphics Component CVE-2025-53807
    Windows Defender Firewall Service CVE-2025-53808
    Windows Local Security Authority Subsystem Service (LSASS) CVE-2025-53809
    Windows Defender Firewall Service CVE-2025-53810
    Role: Windows Hyper-V CVE-2025-54091
    Role: Windows Hyper-V CVE-2025-54092
    Windows TCP/IP CVE-2025-54093
    Windows Defender Firewall Service CVE-2025-54094
    Windows Routing and Remote Access Service (RRAS) CVE-2025-54095
    Windows Routing and Remote Access Service (RRAS) CVE-2025-54096
    Windows Routing and Remote Access Service (RRAS) CVE-2025-54097
    Role: Windows Hyper-V CVE-2025-54098
    Windows Ancillary Function Driver for WinSock CVE-2025-54099
    Windows SMBv3 Client CVE-2025-54101
    Windows Connected Devices Platform Service CVE-2025-54102
    Windows Management Services CVE-2025-54103
    Windows Defender Firewall Service CVE-2025-54104
    Microsoft Brokering File System CVE-2025-54105
    Windows Routing and Remote Access Service (RRAS) CVE-2025-54106
    Windows MapUrlToZone CVE-2025-54107
    Capability Access Management Service (camsvc) CVE-2025-54108
    Windows Defender Firewall Service CVE-2025-54109
    Windows Kernel CVE-2025-54110
    Windows UI XAML Phone DatePickerFlyout CVE-2025-54111
    Microsoft Virtual Hard Drive CVE-2025-54112
    Windows Routing and Remote Access Service (RRAS) CVE-2025-54113
    Windows Connected Devices Platform Service CVE-2025-54114
    Role: Windows Hyper-V CVE-2025-54115
    Windows MultiPoint Services CVE-2025-54116
    Windows Local Security Authority Subsystem Service (LSASS) CVE-2025-54894
    Windows SPNEGO Extended Negotiation CVE-2025-54895
    Microsoft Office Excel CVE-2025-54896
    Microsoft Office SharePoint CVE-2025-54897
    Microsoft Office Excel CVE-2025-54898
    Microsoft Office Excel CVE-2025-54899
    Microsoft Office Excel CVE-2025-54900
    Microsoft Office Excel CVE-2025-54901
    Microsoft Office Excel CVE-2025-54902
    Microsoft Office Excel CVE-2025-54903
    Microsoft Office Excel CVE-2025-54904
    Microsoft Office Word CVE-2025-54905
    Microsoft Office CVE-2025-54906
    Microsoft Office Visio CVE-2025-54907
    Microsoft Office PowerPoint CVE-2025-54908
    Microsoft Office CVE-2025-54910
    Windows BitLocker CVE-2025-54911
    Windows BitLocker CVE-2025-54912
    Windows UI XAML Maps MapControlSettings CVE-2025-54913
    Windows Defender Firewall Service CVE-2025-54915
    Windows NTFS CVE-2025-54916
    Windows MapUrlToZone CVE-2025-54917
    Windows NTLM CVE-2025-54918
    Windows Win32K - GRFX CVE-2025-54919
    Graphics Kernel CVE-2025-55223
    Windows Win32K - GRFX CVE-2025-55224
    Windows Routing and Remote Access Service (RRAS) CVE-2025-55225
    Graphics Kernel CVE-2025-55226
    SQL Server CVE-2025-55227
    Windows Win32K - GRFX CVE-2025-55228
    Microsoft High Performance Compute Pack (HPC) CVE-2025-55232
    Windows SMB CVE-2025-55234
    Graphics Kernel CVE-2025-55236
    Microsoft Office CVE-2025-55243
    Xbox CVE-2025-55245
    Azure Arc CVE-2025-55316
    Microsoft AutoUpdate (MAU) CVE-2025-55317

    We are republishing 5 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    VulnCheck SQL Server CVE-2024-21907
    Chrome Microsoft Edge (Chromium-based) CVE-2025-9864
    Chrome Microsoft Edge (Chromium-based) CVE-2025-9865
    Chrome Microsoft Edge (Chromium-based) CVE-2025-9866
    Chrome Microsoft Edge (Chromium-based) CVE-2025-9867

    Security Update Guide Blog Posts
    Date Blog Post
    November 12, 2024 Toward greater transparency: Publishing machine-readable CSAF files
    June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs
    April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
    January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5065306 Windows Server 2022 Hotpatch
    5065426 Windows 11, version 24H2
    5065432 Windows Server 2022
    5065474 Windows Server 2025 Hotpatch
    5065508 Windows Server 2008 (Monthly Rollup)
    5065511 Windows Server 2008 (Security-only update)
    Released: Sep 9, 2025

    September 2025 Security Updates - Release Notes - Security Update Guide - Microsoft
     
    NICK ADSL UK, Sep 9, 2025
    #1
Thread Status:
Not open for further replies.

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds