Microsoft Patch Tuesday, September 2025 Edition

Microsoft released security updates fixing more than 80 vulnerabilities — including 13 critical flaws — across Windows and related components; notable CVEs discussed include CVE-2025-54918 (NTLM privilege escalation, network-exploitable), CVE-2025-55234 (SMB client replay attack with potential code execution), and CVE-2025-54916 (NTFS RCE requiring user interaction). The report also notes Apple and Google patched actively exploited zero-days (including an exploit chain involving WhatsApp used to deliver advanced spyware), and urges administrators to test and deploy updates and maintain backups.