Microsoft Releases September 2025 Patch Tuesday Updates With Critical Bug Fixes

September’s updates fix major security issues while signaling big shifts ahead for Windows 10 and Azure users.

Key Takeaways:

  • Microsoft patched 80 security flaws across Windows, Office, Azure, and more.
  • Several critical vulnerabilities were addressed, including remote code execution risks.
  • Important changes are coming in October that organizations must prepare for.

Microsoft has released the September 2025 Patch Tuesday updates for Windows 11 and Windows 10. This month, the company has fixed 80 vulnerabilities in Windows, Office, Microsoft Edge, Azure, Hyper-V, and other components.

This month’s Patch Tuesday serves as a reminder for organizations to prepare for two key changes coming in October: the end-of-support for Windows 10 and the next phase of mandatory multifactor authentication (MFA) for Azure. Security teams should begin planning now, and those unable to complete their Windows 10 migration in time should consider enrolling in Microsoft’s Extended Security Updates program.

September 2025 Patch Tuesday updates fix 80 vulnerabilities

As noted by the Zero Day Initiative, Microsoft has fixed eight critical vulnerabilities, while the rest are rated as important. Fortunately, none of these flaws is currently being actively exploited. Here’s a look at some of the most important vulnerabilities patched this month:

  • CVE-2025-55234: This is a zero-day elevation-of-privilege (EoP) vulnerability in Windows Server Message Block (SMB) that an attacker could exploit to gain the privileges of the legitimate user. This bug enables hackers to launch SMB relay attacks to escalate privileges on the target system.
  • CVE-2024-21907: This is a high-severity flaw affecting the popular .NET library Newtonsoft.Json (also known as Json.NET), specifically versions prior to 13.0.1. This vulnerability could be exploited to cause resource exhaustion (CPU/RAM) or a complete service outage.
  • CVE-2025-55232: This is an RCE vulnerability in the Microsoft High Performance Compute (HPC) Pack. This flaw could allow remote code execution over the enterprise network.
  • CVE-2025-54916: This is another remote code execution vulnerability in Windows NTFS. It could be triggered by an unauthenticated user from a local machine.
  • CVE-2025-54910: This is a critical remote code execution vulnerability in Microsoft Office. An attacker can exploit this flaw by crafting a malicious Office document that, when opened, causes memory corruption and enables code execution.
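
To find projects still pinned to a Newtonsoft.Json release prior to 13.0.1 (the CVE-2024-21907 item above), a source-tree audit can read the NuGet manifests directly. The following is an added example, not code from the article or from Microsoft; the manifest contents are constructed samples and the function names are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

FIXED = (13, 0, 1)  # the article flags "versions prior to 13.0.1"
SAMPLES = {  # constructed manifests, not taken from the article
    "api/Api.csproj": """<Project Sdk="Microsoft.NET.Sdk"><ItemGroup>
        <PackageReference Include="Newtonsoft.Json" Version="12.0.3" />
        <PackageReference Include="Serilog" Version="3.1.1" />
      </ItemGroup></Project>""",
    "legacy/packages.config": """<packages>
        <package id="newtonsoft.json" version="13.0.3" targetFramework="net48" />
      </packages>""",
    "worker/Worker.csproj": """<Project Sdk="Microsoft.NET.Sdk"><ItemGroup>
        <PackageReference Include="Newtonsoft.Json"><Version>12.*</Version></PackageReference>
      </ItemGroup></Project>""",
}

def local(tag):  # strip an XML namespace such as the old MSBuild one
    return tag.rsplit("}", 1)[-1]

def declared_versions(xml_text):
    """Return every Newtonsoft.Json version string declared in one manifest."""
    found = []
    for el in ET.fromstring(xml_text).iter():
        name = el.get("Include") or el.get("id") or ""
        if local(el.tag) not in ("PackageReference", "package") or name.lower() != "newtonsoft.json":
            continue
        version = el.get("Version") or el.get("version")
        if version is None:  # <Version> may be a child element instead of an attribute
            version = next((c.text for c in el if local(c.tag) == "Version"), None)
        found.append(version)
    return found

def classify(version):
    """'vulnerable' if prior to 13.0.1, 'fixed' otherwise, 'unknown' if not a pinned version."""
    m = re.fullmatch(r"(\d+)\.(\d+)(?:\.(\d+))?(?:\.\d+)?(-[0-9A-Za-z.-]+)?", (version or "").strip())
    if not m:
        return "unknown"  # floating ("12.*"), range ("[12.0,)") or centrally managed version
    numeric = tuple(int(part or 0) for part in m.group(1, 2, 3))
    # A pre-release of 13.0.1 (e.g. 13.0.1-beta2) sorts before the fixed release.
    return "vulnerable" if numeric < FIXED or (numeric == FIXED and m.group(4)) else "fixed"

def audit(manifests):
    """Map manifest path -> [(declared version, verdict), ...]."""
    return {p: [(v, classify(v)) for v in declared_versions(t)] for p, t in manifests.items()}

if __name__ == "__main__":
    for path, hits in audit(SAMPLES).items():
        print(path, hits)
```

This covers only versions declared in the manifests; packages pulled in transitively need a resolved-graph check such as `dotnet list package --vulnerable --include-transitive`.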

You can find the full list of CVEs for September 2025 below:

Tag | CVE | Base Score | Exploitability | FAQs? | Workarounds? | Mitigations?
SQL Server | CVE-2025-47997 | 6.5 | Exploitation Less Likely | Yes | No | No
Azure Windows Virtual Machine Agent | CVE-2025-49692 | 7.8 | Exploitation Unlikely | Yes | No | No
Windows PowerShell | CVE-2025-49734 | 7 | Exploitation Less Likely | Yes | No | No
Microsoft Edge (Chromium-based) | CVE-2025-53791 | 4.7 | Exploitation Less Likely | Yes | No | No
Windows Routing and Remote Access Service (RRAS) | CVE-2025-53796 | 6.5 | Exploitation Unlikely | Yes | No | No
Windows Routing and Remote Access Service (RRAS) | CVE-2025-53797 | 6.5 | Exploitation Unlikely | Yes | No | No
Windows Routing and Remote Access Service (RRAS) | CVE-2025-53798 | 6.5 | Exploitation Unlikely | Yes | No | No
Windows Imaging Component | CVE-2025-53799 | 5.5 | Exploitation Unlikely | Yes | No | No
Microsoft Graphics Component | CVE-2025-53800 | 7.8 | Exploitation Less Likely | Yes | No | No
Windows DWM | CVE-2025-53801 | 7.8 | Exploitation Less Likely | Yes | No | No
Windows Bluetooth Service | CVE-2025-53802 | 7 | Exploitation Less Likely | Yes | No | No
Windows Kernel | CVE-2025-53803 | 5.5 | Exploitation More Likely | Yes | No | No
Windows Kernel | CVE-2025-53804 | 5.5 | Exploitation More Likely | Yes | No | No
Windows Internet Information Services | CVE-2025-53805 | 7.5 | Exploitation Unlikely | No | No | No
Windows Routing and Remote Access Service (RRAS) | CVE-2025-53806 | 6.5 | Exploitation Unlikely | Yes | No | No
Microsoft Graphics Component | CVE-2025-53807 | 7 | Exploitation Less Likely | Yes | No | No
Windows Defender Firewall Service | CVE-2025-53808 | 6.7 | Exploitation Less Likely | Yes | No | No
Windows Local Security Authority Subsystem Service (LSASS) | CVE-2025-53809 | 6.5 | Exploitation Less Likely | No | No | No
Windows Defender Firewall Service | CVE-2025-53810 | 6.7 | Exploitation Less Likely | Yes | No | No
Role: Windows Hyper-V | CVE-2025-54091 | 7.8 | Exploitation Less Likely | Yes | No | No
Role: Windows Hyper-V | CVE-2025-54092 | 7.8 | Exploitation Less Likely | Yes | No | No
Windows TCP/IP | CVE-2025-54093 | 7 | Exploitation More Likely | Yes | No | No
Windows Defender Firewall Service | CVE-2025-54094 | 6.7 | Exploitation Unlikely | Yes | No | No
Windows Routing and Remote Access Service (RRAS) | CVE-2025-54095 | 6.5 | Exploitation Unlikely | Yes | No | No
Windows Routing and Remote Access Service (RRAS) | CVE-2025-54096 | 6.5 | Exploitation Unlikely | Yes | No | No
Windows Routing and Remote Access Service (RRAS) | CVE-2025-54097 | 6.5 | Exploitation Unlikely | Yes | No | No
Role: Windows Hyper-V | CVE-2025-54098 | 7.8 | Exploitation More Likely | Yes | No | No
Windows Ancillary Function Driver for WinSock | CVE-2025-54099 | 7 | Exploitation Less Likely | Yes | No | No
Windows SMBv3 Client | CVE-2025-54101 | 4.8 | Exploitation Less Likely | Yes | No | No
Windows Connected Devices Platform Service | CVE-2025-54102 | 7.8 | Exploitation Less Likely | Yes | No | No
Windows Management Services | CVE-2025-54103 | 7.4 | Exploitation Less Likely | Yes | No | No
Windows Defender Firewall Service | CVE-2025-54104 | 6.7 | Exploitation Less Likely | Yes | No | No
Microsoft Brokering File System | CVE-2025-54105 | 7 | Exploitation Less Likely | Yes | No | No
Windows Routing and Remote Access Service (RRAS) | CVE-2025-54106 | 8.8 | Exploitation Less Likely | Yes | No | No
Windows MapUrlToZone | CVE-2025-54107 | 4.3 | Exploitation Less Likely | Yes | No | No
Capability Access Management Service (camsvc) | CVE-2025-54108 | 7 | Exploitation Unlikely | Yes | No | No
Windows Defender Firewall Service | CVE-2025-54109 | 6.7 | Exploitation Less Likely | Yes | No | No
Windows Kernel | CVE-2025-54110 | 8.8 | Exploitation More Likely | Yes | No | No
Windows UI XAML Phone DatePickerFlyout | CVE-2025-54111 | 7.8 | Exploitation Less Likely | Yes | No | No
Microsoft Virtual Hard Drive | CVE-2025-54112 | 7 | Exploitation Unlikely | Yes | No | No
Windows Routing and Remote Access Service (RRAS) | CVE-2025-54113 | 8.8 | Exploitation Unlikely | Yes | No | No
Windows Connected Devices Platform Service | CVE-2025-54114 | 7 | Exploitation Less Likely | Yes | No | No
Role: Windows Hyper-V | CVE-2025-54115 | 7 | Exploitation Less Likely | Yes | No | No
Windows MultiPoint Services | CVE-2025-54116 | 7.3 | Exploitation Unlikely | Yes | No | No
Windows Local Security Authority Subsystem Service (LSASS) | CVE-2025-54894 | 7.8 | Exploitation Less Likely | Yes | No | No
Windows SPNEGO Extended Negotiation | CVE-2025-54895 | 7.8 | Exploitation Less Likely | Yes | No | No
Microsoft Office Excel | CVE-2025-54896 | 7.8 | Exploitation Unlikely | Yes | No | No
Microsoft Office SharePoint | CVE-2025-54897 | 8.8 | Exploitation Less Likely | Yes | No | No
Microsoft Office Excel | CVE-2025-54898 | 7.8 | Exploitation Less Likely | Yes | No | No
Microsoft Office Excel | CVE-2025-54899 | 7.8 | Exploitation Unlikely | Yes | No | No
Microsoft Office Excel | CVE-2025-54900 | 7.8 | Exploitation Unlikely | Yes | No | No
Microsoft Office Excel | CVE-2025-54901 | 5.5 | Exploitation Less Likely | Yes | No | No
Microsoft Office Excel | CVE-2025-54902 | 7.8 | Exploitation Less Likely | Yes | No | No
Microsoft Office Excel | CVE-2025-54903 | 7.8 | Exploitation Less Likely | Yes | No | No
Microsoft Office Excel | CVE-2025-54904 | 7.8 | Exploitation Less Likely | Yes | No | No
Microsoft Office Word | CVE-2025-54905 | 7.1 | Exploitation Less Likely | Yes | No | No
Microsoft Office | CVE-2025-54906 | 7.8 | Exploitation Less Likely | Yes | No | No
Microsoft Office Visio | CVE-2025-54907 | 7.8 | Exploitation Less Likely | Yes | No | No
Microsoft Office PowerPoint | CVE-2025-54908 | 7.8 | Exploitation Less Likely | Yes | No | No
Microsoft Office | CVE-2025-54910 | 8.4 | Exploitation Less Likely | Yes | No | No
Windows BitLocker | CVE-2025-54911 | 7.3 | Exploitation Less Likely | Yes | No | No
Windows BitLocker | CVE-2025-54912 | 7.8 | Exploitation Less Likely | No | No | No
Windows UI XAML Maps MapControlSettings | CVE-2025-54913 | 7.8 | Exploitation Unlikely | Yes | No | No
Windows Defender Firewall Service | CVE-2025-54915 | 6.7 | Exploitation Unlikely | Yes | No | No
Windows NTFS | CVE-2025-54916 | 7.8 | Exploitation More Likely | Yes | No | No
Windows MapUrlToZone | CVE-2025-54917 | 4.3 | Exploitation Less Likely | Yes | No | No
Windows NTLM | CVE-2025-54918 | 8.8 | Exploitation More Likely | Yes | No | No
Windows Win32K – GRFX | CVE-2025-54919 | 7.5 | Exploitation Less Likely | Yes | No | No
Graphics Kernel | CVE-2025-55223 | 7 | Exploitation Less Likely | Yes | No | No
Windows Win32K – GRFX | CVE-2025-55224 | 7.8 | Exploitation Less Likely | Yes | No | No
Windows Routing and Remote Access Service (RRAS) | CVE-2025-55225 | 6.5 | Exploitation Less Likely | Yes | No | No
Graphics Kernel | CVE-2025-55226 | 6.7 | Exploitation Less Likely | Yes | No | No
SQL Server | CVE-2025-55227 | 8.8 | Exploitation Less Likely | Yes | No | No
Windows Win32K – GRFX | CVE-2025-55228 | 7.8 | Exploitation Less Likely | Yes | No | No
Microsoft High Performance Compute Pack (HPC) | CVE-2025-55232 | 9.8 | Exploitation Less Likely | Yes | No | Yes
Windows SMB | CVE-2025-55234 | 8.8 | Exploitation More Likely | Yes | No | No
Graphics Kernel | CVE-2025-55236 | 7.3 | Exploitation Less Likely | Yes | No | No
Microsoft Office | CVE-2025-55243 | 7.5 | Exploitation Less Likely | No | No | No
Xbox | CVE-2025-55245 | 7.8 | Exploitation Less Likely | Yes | No | No
Azure Arc | CVE-2025-55316 | 7.8 | Exploitation Unlikely | Yes | No | No
Microsoft AutoUpdate (MAU) | CVE-2025-55317 | 7.8 | Exploitation Unlikely | Yes | No | No

Quality and experience updates

Microsoft has released the KB5065431 and KB5065426 updates for Windows 11 versions 23H2 and 24H2, respectively. The KB5065431 patch brings several new capabilities for Copilot+ PCs, including Windows Recall enhancements, Click to Do improvements, and support for Agent in Settings for AMD and Intel-powered Copilot+ PCs.

Additionally, Microsoft has fixed an issue that caused non-admin users to encounter unexpected User Account Control (UAC) prompts when MSI installers perform certain custom actions. These updates also add auditing capabilities to help organizations detect devices or software that may not be compatible with SMB Server signing or Extended Protection for Authentication (EPA).

On Windows 10, the KB5065429 patch brings stability fixes, accessibility improvements, and two new features for enterprise customers. Microsoft has added a new networking control that lets organizations block outbound traffic for the keyless Commercial ESU solution. This capability allows administrators to enhance security and compliance in managed environments. This update also introduces Windows Backup for Organizations, which is a cloud-based enterprise feature designed to simplify device transitions.

Windows Update testing and best practices

Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary as hackers start to work out how to weaponize newly reported vulnerabilities.

A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.

There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system, or files and folders on a granular basis.