Microsoft has released updates addressing a total of 111 vulnerabilities across its product portfolio, 16 of them rated critical. Among the most significant are CVE-2025-53786, an elevation of privilege flaw affecting hybrid deployments of Microsoft Exchange Server (on-premises Exchange connected to Exchange Online), and CVE-2025-53779, an elevation of privilege vulnerability in Windows Kerberos that had already been publicly disclosed before the update shipped.
CVE-2025-53779 is the BadSuccessor vulnerability, disclosed by Akamai researchers in May 2025. It abuses the delegated Managed Service Account (dMSA) migration feature introduced with Windows Server 2025 domain controllers: an attacker who can create or modify a dMSA object in an organizational unit can make the KDC treat that account as the successor of any other account, including a Domain Admin, and so compromise the domain. Microsoft estimates that only 0.7% of Active Directory domains are exposed, since the feature requires a Windows Server 2025 DC. Experts note that the flaw lets an attacker with limited administrative rights (not full domain privileges) obtain full control of the domain, an outcome comparable to classic Kerberos abuses such as Kerberoasting or Silver Ticket attacks, but without needing to crack or forge any ticket.
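The two preconditions described above can be audited from a domain-joined host. The following PowerShell script is an added example, not part of the article or of Akamai's tooling; it assumes the ActiveDirectory RSAT module is installed, that the caller can read OU ACLs, and that the allow-list of principals expected to hold create rights (`$expected`) is adjusted for the environment. It lists dMSAs whose `msDS-ManagedAccountPrecededByLink` already points at another account (the link the attack abuses) and flags non-admin principals who can create child objects in an OU, which is all that is needed to plant a rogue dMSA. It is only meaningful in forests that have at least one Windows Server 2025 domain controller.

```powershell
# Added example (not the article's or Akamai's code): audit BadSuccessor
# (CVE-2025-53779) preconditions in the current domain.
#   1. dMSAs that already "succeed" another account via
#      msDS-ManagedAccountPrecededByLink, and whether that account is privileged.
#   2. Principals outside the expected admin set that can create objects in an OU.
Import-Module ActiveDirectory

$schemaNC = (Get-ADRootDSE).schemaNamingContext

# Schema GUID of the dMSA object class, used to match class-specific
# CreateChild grants; an all-objects (empty GUID) CreateChild grant also counts.
$dmsaClassGuid = [guid](Get-ADObject -SearchBase $schemaNC `
    -LDAPFilter '(lDAPDisplayName=msDS-DelegatedManagedServiceAccount)' `
    -Properties schemaIDGUID).schemaIDGUID

# --- 1. dMSAs with a predecessor link -----------------------------------------
$linked = Get-ADObject -LDAPFilter '(objectClass=msDS-DelegatedManagedServiceAccount)' `
    -Properties msDS-ManagedAccountPrecededByLink, msDS-DelegatedMSAState |
  Where-Object { $_.'msDS-ManagedAccountPrecededByLink' } |
  ForEach-Object {
      $pred = Get-ADObject -Identity $_.'msDS-ManagedAccountPrecededByLink' -Properties adminCount
      [pscustomobject]@{
          dMSA        = $_.DistinguishedName
          Predecessor = $pred.DistinguishedName
          State       = $_.'msDS-DelegatedMSAState'   # 2 = migration completed
          PredIsAdmin = [bool]$pred.adminCount        # adminCount=1 => AdminSDHolder-protected
      }
  }
"dMSAs with a predecessor link (review any PredIsAdmin=True that you did not migrate):"
$linked | Format-Table -AutoSize

# --- 2. who can create objects (hence dMSAs) in each OU ------------------------
# Assumption: these are the only principals expected to hold CreateChild on OUs.
$expected = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators',
              "$env:USERDOMAIN\Domain Admins", "$env:USERDOMAIN\Enterprise Admins")

$createChild = [System.DirectoryServices.ActiveDirectoryRights]::CreateChild
$suspects = Get-ADOrganizationalUnit -Filter * | ForEach-Object {
    $ou  = $_
    $acl = Get-Acl -Path ('AD:\' + $ou.DistinguishedName)
    $acl.Access |
      Where-Object {
          $_.AccessControlType -eq 'Allow' -and
          ($_.ActiveDirectoryRights -band $createChild) -and              # also true for GenericAll
          ($_.ObjectType -eq [guid]::Empty -or $_.ObjectType -eq $dmsaClassGuid) -and
          $expected -notcontains $_.IdentityReference.Value
      } |
      ForEach-Object {
          [pscustomobject]@{
              OU        = $ou.DistinguishedName
              Principal = $_.IdentityReference.Value
              Rights    = $_.ActiveDirectoryRights
          }
      }
}
"Non-admin principals able to create objects in an OU (candidate BadSuccessor operators):"
$suspects | Format-Table -AutoSize
```

A hit in the second list is not proof of compromise; it is the delegation that makes the attack possible, so it should be compared against documented delegations before being revoked. The first list is the more direct indicator: a dMSA linked to an account with `adminCount` set that nobody migrated on purpose deserves an immediate look.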
Microsoft also fixed four remote code execution vulnerabilities that let attackers run arbitrary code and take over systems without any user interaction. Separately, Check Point Research disclosed a flaw in a Rust-based component of the Windows kernel that can crash the system (a denial of service), warning that it could pose a significant risk to organizations with large or remote workforces.
Also notable is CVE-2025-50154, which lets an attacker leak a user's NTLM hash without user interaction (for example by placing a crafted shortcut file where Windows Explorer will render it), even on systems that had applied the earlier fix for CVE-2025-24054, which it bypasses. A leaked NTLMv2 hash can be relayed to other services or cracked offline, enabling unauthorized access, which is why the flaw raised concern for corporate environments where NTLM is still permitted.
Beyond the on-premises fixes, the release also covers cloud services such as Azure OpenAI and Microsoft 365 Copilot BizChat; those issues were mitigated on the service side and require no action from customers.