As with every second Tuesday of the month, Windows administrators worldwide were nervously refreshing their Windows Update service. As part of the September "Patch Tuesday," Microsoft released 84 security fixes, 8 of which were rated as critical. This time, however, the bundle included two particularly nasty surprises.
Among the patched holes were two zero-day vulnerabilities, meaning they were known and potentially actively exploited by cybercriminals before Microsoft could release a fix.
The biggest stir, however, was caused by the critical vulnerability CVE-2025-54918 (CVSS 8.8) in the Windows NTLM authentication mechanism. This flaw allowed an authenticated (but low-privileged) attacker to remotely elevate their privileges to the SYSTEM level. In simpler terms: someone with basic access could easily become the lord and master of the server. It's like giving an intern the keys to the server room and the code to the safe.
This month, Microsoft also patched a range of other critical vulnerabilities in products like Microsoft Office, Windows Graphics Component, and Hyper-V, which could lead to remote code execution.
The recommendation, as always, is simple and boring, but crucial: patch your systems before cybercriminals do it for you, because unlike us, they never take a day off.
If you want to better understand the zero-day phenomenon and its global market, read our comprehensive guide to 0-day vulnerabilities.
Sources: CrowdStrike, Redmond Magazine

Chief Technology Officer at SecurHub.pl
PhD candidate in neuroscience. Psychologist and IT expert specializing in cybersecurity.
Google has released an emergency update for the Chrome browser to patch a zero-day vulnerability (CVE-2025-10585) that is already being actively exploited in the wild. Don't wait, update your browser now!

A review of the most dangerous cybersecurity vulnerabilities reported in the second week of September 2025—priority flaws concern Windows, Microsoft Office, Android, and ICS.
The Cl0p ransomware group exploited a zero-day in Oracle E-Business Suite (CVE-2025-61882), stealing data from multiple companies in August. Oracle just released a patch, but experts warn: check your systems now, as attacks continue.