Microsoft August 2025 Patch Tuesday Fixes A 0-Day And Over 100 Security Flaws

This month's edition of Microsoft Patch Tuesday fixes hundreds of security flaws, including 13 critical flaws and a zero-day vulnerability. It also contains security updates to vulnerabilities initially patched in July's Patch Tuesday.

One of the issues addressed is tracked as CVE-2025-53786, which impacts Microsoft Exchange Server. When exploited, attackers could access a company's cloud through a hacked Exchange Server. Another critical issue in Microsoft Word could let attackers access your PC when you simply view a malicious Word file in the Preview Pane, without even opening it. That's really dangerous, and we are glad that the flaw has been patched. 

The Patch Tuesday also addressed two very serious bugs that impact how Windows renders graphics. These flaws are tracked as CVE-2025-53766 and CVE-2025-50165. Successful exploitation could allow hackers to run harmful code on your computer just by getting it to load a malicious graphic on a webpage or a file from your Office or third-party applications.

It also addressed an issue from a July update that caused sign-in delays on new devices. Other vulnerabilities patched in the update impact Windows New Technology LAN Manager (NTLM), Azure Stack Hub, and Microsoft Message Queuing.


Microsoft has encouraged all users to update their PC ASAP to be patched against the aforementioned vulnerabilities and more. To install the update on your Windows PC, open your Settings app or press Window + I > Windows Update > Download & Install. Since it's a mandatory update, it should automatically install when you check for Windows updates, or you can choose to schedule the installation. Alternatively, you can download and install the update from Microsoft Update Catalog.