
Patch Tuesday upon us again!

Patch Tuesday is upon us again. This month's SMB patch adds support for auditing SMB client compatibility with SMB Server signing and SMB Server EPA. What does this mean for you? If you received a pentest report flagging SMB signing, and the tester exploited SMB relay attacks to escalate privileges, you can now test your systems for compatibility before a wide-scale rollout of SMB signing to address the vulnerability, avoiding the risk of breaking something legacy-related (although we hardly ever see issues with turning on signing, and it is the recommended best practice).

The patch also addresses the SMB Elevation of Privilege (EoP) vulnerability, specifically CVE-2025-55234. This month's patch run also fixes the Azure CVSS 10 vulnerability (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54914), so it's recommended that you test and roll out this month's patches ASAP.


The Hacker News has a good writeup on this month's patches here: https://thehackernews.com/2025/09/microsoft-fixes-80-flaws-including-smb.html


 
 
 



© 2024 Dan Weis

danweis.me
