Microsoft has released updates addressing a total of 111 vulnerabilities across its software portfolio, 16 of which are rated Critical. Among them are significant flaws such as CVE-2025-53786, which affects hybrid deployments of Microsoft Exchange Server, and CVE-2025-53779, a privilege escalation vulnerability in Windows Kerberos that was publicly disclosed.
The recently identified BadSuccessor vulnerability allows an attacker who already has access to certain Active Directory attributes to compromise a domain, although it affects only about 0.7% of domains. Specialists stress that this flaw can help an attacker who starts with limited administrative rights to obtain total domain control, using techniques such as Kerberoasting or Silver Ticket attacks.
In addition, Microsoft has fixed four remote code execution vulnerabilities that allowed attackers to execute arbitrary commands and compromise systems without user interaction. Check Point has disclosed a defect in a Rust-based component of the Windows kernel that can cause system crashes, and warned that this could represent a considerable risk for companies with large teams or remote employees.
Also notable is CVE-2025-50154, which allows an attacker to extract NTLM hashes without requiring user interaction, even on fully updated systems. This facilitates relay attacks and unauthorized access, raising concerns about security in corporate environments.
The updates not only address existing vulnerabilities but also strengthen security measures in applications such as Azure OpenAI and Microsoft 365 Copilot BizChat, which have already been mitigated without requiring any action from users.