
Ethical Hacking News

September 2025 Patch Tuesday: A Comprehensive Overview of Vulnerability Fixes and Security Updates



September 2025 Patch Tuesday has brought a slew of security updates and vulnerability fixes to address a total of 81 flaws, including two zero-day vulnerabilities that have been actively exploited. This month's patch includes fixes for Windows SMB Server and Microsoft SQL Server, as well as various other products such as Adobe, Argo, Cisco, SAP, Sitecore, TP-Link, and Xbox. The Patch Tuesday fixes address a range of security risks, including exploitation through relay attacks or the use of low-privileged API tokens.

  • Microsoft's September 2025 Patch Tuesday includes 81 security updates and fixes for various products, including Windows SMB Server and Microsoft SQL Server.
  • The update addresses two zero-day vulnerabilities that have been actively exploited: CVE-2025-55234 and CVE-2024-21907.
  • Other vendors such as Adobe, Argo, Cisco, SAP, Sitecore, TP-Link, and Xbox have also released updates or advisories in September 2025.
  • The severity of these vulnerabilities is high, allowing attackers to perform relay attacks, access API endpoints, or cause denial-of-service conditions.



    The Patch Tuesday fixes a range of vulnerabilities, including elevation of privilege flaws in Windows NTFS, PowerShell, and Routing and Remote Access Service (RRAS), as well as information disclosure vulnerabilities in RRAS. Additionally, the update includes fixes for remote code execution vulnerabilities in Windows NTFS, PowerShell, and SMB Server, among others.

    The two zero-day vulnerabilities fixed by Microsoft include CVE-2025-55234, which is a Windows SMB Elevation of Privilege Vulnerability that can be exploited through relay attacks, and CVE-2024-21907, which is an Improper Handling of Exceptional Conditions in Newtonsoft.Json vulnerability. The former has been actively exploited in various attacks, while the latter was publicly disclosed in 2024.

    Microsoft's efforts to address this vulnerability are notable, as they provide guidance on how to harden SMB servers against relay attacks, including enabling auditing on SMB servers to determine whether they will encounter any issues when those hardening features are fully enforced. Microsoft has not attributed the flaw to any researchers, and it is unclear where it was disclosed.
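    The audit-then-enforce workflow described above, written out as an added PowerShell example (this is not the article's or Microsoft's code). It assumes an elevated session on a Windows Server 2025 or Windows 11 24H2 host carrying the September 2025 update; the `RequireSecuritySignature`, `EncryptData` and `SmbServerNameHardeningLevel` parameters of `Set-SmbServerConfiguration` are long-standing, while the `AuditClientDoesNotSupportSigning` and `AuditClientDoesNotSupportEncryption` switches follow Microsoft's SMB auditing guidance and should be confirmed against the cmdlet's parameter list before use:

```powershell
# Added example, not from the article: audit SMB relay exposure before enforcing hardening.
# Assumption: elevated PowerShell on Windows Server 2025 / Windows 11 24H2 with the September 2025 update.

function Get-SmbRelayPosture {
    # Summarise the settings that decide whether an SMB session can be relayed.
    $cfg = Get-SmbServerConfiguration
    [pscustomobject]@{
        SigningRequired      = $cfg.RequireSecuritySignature   # $false = relayable
        EncryptionRequired   = $cfg.EncryptData                # $false = plaintext sessions allowed
        NameHardeningLevel   = $cfg.SmbServerNameHardeningLevel # 0 = no SPN validation
    }
}

# 1. Record the current posture before changing anything.
$before = Get-SmbRelayPosture
$before | Format-List

# 2. Audit mode first: log clients that would break under enforcement, without enforcing.
#    Assumption: these audit switches are the ones described in Microsoft's guidance.
Set-SmbServerConfiguration -AuditClientDoesNotSupportSigning $true -Force
Set-SmbServerConfiguration -AuditClientDoesNotSupportEncryption $true -Force

# 3. After a burn-in period, review the SMB server audit channel for affected clients.
Get-WinEvent -LogName 'Microsoft-Windows-SMBServer/Audit' -MaxEvents 50 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message |
    Format-Table -AutoSize -Wrap

# 4. Enforce only once the audit log shows no clients that lack signing support.
#    The weak setting ($false) is what step 1 typically reports; $true is the corrected one.
Set-SmbServerConfiguration -RequireSecuritySignature $true -Force
Set-SmbServerConfiguration -SmbServerNameHardeningLevel 2 -Force   # reject sessions whose target name does not match this server

Get-SmbRelayPosture | Format-List
```

    Run steps 1 to 3 across the estate first and keep step 4 behind a change window; the point of the auditing switches is that a legacy client which cannot sign shows up in the audit channel rather than as an outage after enforcement.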

    In addition to the fixes from Microsoft, other vendors have released updates or advisories in September 2025, including Adobe, Argo, Cisco, SAP, Sitecore, TP-Link, and Xbox. For example, Adobe released security updates for a "SessionReaper" flaw impacting Magento eCommerce stores, while Argo fixed an Argo CD vulnerability that allows low-privileged API tokens to access API endpoints and retrieve all repository credentials associated with the project.

    Cisco has also issued patches for WebEx, Cisco ASA, and other products, while SAP released the September security updates for multiple products. Sitecore released security updates for a zero-day vulnerability tracked as CVE-2025-53690 that was actively exploited in attacks. TP-Link confirmed a new zero-day exists in some of its routers; the company is exploring its exploitability and is creating patches for US customers.

    The severity of these vulnerabilities cannot be overstated, as they can allow attackers to perform relay attacks, access API endpoints, or cause denial-of-service conditions. As such, it is essential that system administrators take proactive steps to address these vulnerabilities and ensure the security of their systems.


    The September 2025 Patch Tuesday Security Updates have been made available for download and installation by system administrators.

    The Picus Blue Report 2025 has also been released, which provides a comprehensive look at findings on prevention, detection, and data exfiltration trends. The report highlights a significant increase in password cracking, with nearly half of the environments experiencing compromised passwords, resulting in a two-fold increase from last year's figures.

    Furthermore, the September 2025 Patch Tuesday Security Updates have been categorized by vulnerability type, including elevation of privilege vulnerabilities, security feature bypass vulnerabilities, remote code execution vulnerabilities, information disclosure vulnerabilities, denial-of-service vulnerabilities, and spoofing vulnerabilities. The fixes for these vulnerabilities are intended to address a range of security risks, including exploitation through relay attacks or the use of low-privileged API tokens.

    The availability of these patches has been welcomed by system administrators and cybersecurity experts, who have emphasized the importance of staying up-to-date with the latest security updates and vulnerability fixes. As such, it is essential that system administrators take proactive steps to address these vulnerabilities and ensure the security of their systems.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/September-2025-Patch-Tuesday-A-Comprehensive-Overview-of-Vulnerability-Fixes-and-Security-Updates-ehn.shtml

  • https://www.bleepingcomputer.com/news/microsoft/microsoft-september-2025-patch-tuesday-fixes-81-flaws-two-zero-days/

  • https://nvd.nist.gov/vuln/detail/CVE-2024-21907

  • https://www.cvedetails.com/cve/CVE-2024-21907/

  • https://nvd.nist.gov/vuln/detail/CVE-2025-55234

  • https://www.cvedetails.com/cve/CVE-2025-55234/

  • https://nvd.nist.gov/vuln/detail/CVE-2025-53690

  • https://www.cvedetails.com/cve/CVE-2025-53690/


  • Published: Tue Sep 9 13:40:38 2025 by llama3.2 3B Q4_K_M












