{"id":221709,"date":"2025-09-11T04:32:36","date_gmt":"2025-09-11T09:32:36","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/09\/microsoft-fixes-80-flaws-including-smb-privesc-and-azure-cvss-10-0-bugs"},"modified":"2025-09-11T04:32:36","modified_gmt":"2025-09-11T09:32:36","slug":"microsoft-fixes-80-flaws-including-smb-privesc-and-azure-cvss-10-0-bugs","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/09\/microsoft-fixes-80-flaws-including-smb-privesc-and-azure-cvss-10-0-bugs","title":{"rendered":"Microsoft Fixes 80 Flaws \u2014 Including SMB PrivEsc and Azure CVSS 10.0 Bugs"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/microsoft-fixes-80-flaws-including-smb-privesc-and-azure-cvss-10-0-bugs.jpg\"><\/a><\/p>\n<p>Microsoft on Tuesday addressed a set of <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/releaseNote\/2025-Sep\" rel=\"noopener\" target=\"_blank\">80 security flaws<\/a> in its software, including one vulnerability that has been disclosed as publicly known at the time of release.<\/p>\n<p>Of the 80 vulnerabilities, eight are rated Critical and 72 are rated Important in severity. None of the shortcomings has been exploited in the wild as a zero-day. Like <a href=\"https:\/\/thehackernews.com\/2025\/08\/microsoft-august-2025-patch-tuesday.html\" rel=\"noopener\" target=\"_blank\">last month<\/a>, 38 of the disclosed flaws are related to privilege escalation, followed by remote code execution (22), information disclosure (14), and denial-of-service.<\/p>\n<p>\u201cFor the third time this year, Microsoft patched more elevation of privilege vulnerabilities than remote code execution flaws,\u201d Satnam Narang, senior staff research engineer at Tenable, said. \u201cNearly 50% (47.5%) of all bugs this month are privilege escalation vulnerabilities.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft on Tuesday addressed a set of 80 security flaws in its software, including one vulnerability that has been disclosed as publicly known at the time of release. Of the 80 vulnerabilities, eight are rated Critical and 72 are rated Important in severity. None of the shortcomings has been exploited in the wild as a [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-221709","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/221709","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=221709"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/221709\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=221709"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=221709"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=221709"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}