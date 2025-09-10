Updates have been released by Microsoft to fix more than 80 security flaws impacting its Windows operating system and software as part of this month's Patch Tuesday KrebsOnSecurity reports.

Thirteen of the addressed vulnerabilities were critical in severity, the most concerning of which is the Windows NTLM privilege escalation issue, tracked as CVE-2025-54918, that was noted by Immersive's Kev Breen to be potentially abused over the internet.

Attackers could also remotely exploit the high-severity Windows SMB bug, tracked as CVE-2025-55234, to obtain escalated privileges and facilitate code execution, added Breen. Remote code execution is also possible with the exploitation of the Windows NTFS defect, tracked as CVE-2025-54916.

While none of the addressed flaws are zero-days, almost 50% were privilege escalation issues, according to Tenable Senior Staff Research Engineer Satnam Narang.

"For the third time this year, Microsoft patched more elevation of privilege vulnerabilities than remote code execution flaws," Narang added.