Microsoft released its August 2025 “Patch Tuesday” bundle, addressing 111 security flaws across Windows, Office, Azure and on-premises products. The update includes 16 critical issues and closes a high-severity privilege-escalation bug in hybrid Exchange Server deployments (CVE-2025-53786) that federal agencies were ordered to patch last week. The company also fixed a publicly disclosed zero-day in Windows Kerberos (CVE-2025-53779) that could let attackers who already hold certain privileges seize control of an entire Active Directory domain. Other top-rated fixes cover a maximum-severity flaw in Azure OpenAI (CVE-2025-53767), two 9.8-score remote-code-execution bugs in Windows GDI+ and the Windows Graphics Component, and new variants of recently exploited SharePoint vulnerabilities. Despite the warnings, internet-wide scans by Shadowserver show more than 29,000 Exchange servers remain exposed. Elevation-of-privilege weaknesses accounted for roughly 40% of the patches, underscoring attackers’ focus on post-compromise movement. Microsoft said none of the newly disclosed vulnerabilities are yet being actively exploited, but security agencies urge administrators to apply the updates promptly.
⚡ Microsoft patched 111 flaws — including a zero-day in Windows Kerberos that could let attackers seize entire Active Directory domains. Some bugs score 10/10 severity. Others hit Azure OpenAI, Microsoft 365 Copilot, & Edge. Read: https://t.co/TSDruoVcXN
Microsoft has just fixed more than 100 Windows flaws ➡️ https://t.co/bAWSbrfz1E https://t.co/lrsWL2acXc
KnowBe4 refreshes brand after 15 years: https://t.co/FdrJVzUFzY by IT Security Guru #infosec #cybersecurity #technology #news