HomeMicrosoft Patch Tuesday › September 2025

Please link to this page, it changes often. Thank you! The Senserva Team.

Microsoft Patch Tuesday, September 2025

·

Microsoft's September 2025 security release, published September 9, 2025: 30 updates fixing 61 CVEs, ranked by confirmed exploitation, ransomware use, and severity. Provided by Senserva.

30
Updates (KBs)
61
CVEs fixed
0
Actively exploited
0
Critical updates

Actively exploited CVEs (CISA KEV)

None of this month's CVEs were in the CISA Known Exploited Vulnerabilities catalog as of the last refresh.

Other high-risk CVEs (CVSS 8.8+)

CVE-2025-55227Microsoft SQL Server Elevation of Privilege VulnerabilityCVSS 8.8
CVE-2025-54106Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-54110Windows Kernel Elevation of Privilege VulnerabilityCVSS 8.8
CVE-2025-54918Windows NTLM Elevation of Privilege VulnerabilityCVSS 8.8
CVE-2025-54113Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-55234Windows SMB Elevation of Privilege VulnerabilityCVSS 8.8
CVE-2025-54897Microsoft SharePoint Remote Code Execution VulnerabilityCVSS 8.8

Products fixed this month

Microsoft Office 2019 for 32-bit editions (10)Windows Server 2019 (9)Microsoft SharePoint Enterprise Server 2016 (9)Microsoft SharePoint Server 2019 (9)Microsoft SQL Server 2017 for x64-based Systems (GDR) (8)Microsoft SQL Server 2019 for x64-based Systems (GDR) (8)Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) (8)Windows Server 2019 (Server Core installation) (6)Windows Server 2022 (6)Microsoft Office 2019 for 64-bit editions (4)
Take this release to your AI

Composed from the September 2025 release data above. Copy it into Claude, ChatGPT, or Copilot. Free, no sign-in.

Reference: Microsoft CVE and vulnerability management, ranked by real-world risk, and the Microsoft patching guide.
Data notice: this page is provided as is, for informational purposes only, without warranty of any kind. Senserva, LLC does not guarantee the accuracy, completeness, or timeliness of third-party data (MSRC, NVD, CISA KEV, EPSS) and accepts no liability for actions taken based on it; verify against the authoritative Microsoft advisory before acting. Built daily with Senserva Trustworthy AI. All use of this data is subject to the Senserva EULA.