Microsoft Patch Tuesday, August 2025 Edition

Microsoft’s August 2025 Patch Tuesday addresses more than 100 vulnerabilities including multiple critical flaws: an Exchange Server bug that can pivot a compromise into cloud/Office 365 environments (CVE-2025-53786), a Kerberos dMSA privilege escalation dubbed “BadSuccessor” (CVE-2025-53779) that can yield domain admin, several remote code execution bugs in GDI+ and Word, and an NTLM elevation (CVE-2025-53778). Patches and mitigations are available but some fixes require manual configuration; Microsoft reports no confirmed exploitation so far, though the impact and exposure (tens of thousands of vulnerable Exchange hosts) make rapid patching and hardening important. The article also suggests migration options for Windows 10 users reaching end of support.