Microsoft's August 2025 Patch Wednesday collection of security updates for its software products contains a fix for a vulnerability rated as moderately severe, but which is now classified as a zero-day flaw as it was publicly disclosed before a remedy was available.
Called "BadSuccessor", the flaw was documented in May this year by Akamai security researcher Yuval Gordon.
Gordon wrote that it is a privilege escalation vulnerability in the Windows Server 2025 implementation of the Kerberos network authentication protocol that allows attackers to compromise any user in Active Directory.
It is indexed as CVE-2025-53779, and Gordon said an attack to exploit the vulnerability is trivial to implement.
The bug, and a proof of concept, was reported to Microsoft's Security Response Centre (MSRC) which confirmed it was valid.
However, MSRC said at the time of reporting that the vulnerability did not meet the threshold for immediate servicing and assessed it as merely moderate in severity.
Security vendor Rapid7 called it the "lone zero-day vulnerability", along with Qualys which said an attacker could exploit the flaw to gain domain administrator privileges.
There is no evidence that the vulnerability is under active exploitation.
A range of critical vulnerabilities are fixed in today's Patch Wednesday, including remote code execution bugs in Windows, Microsoft Office, the Hyper-V hypervisor, and Message Queuing component.
In total, the August set of patches handles 107 vulnerabilities.
.png&h=140&w=231&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital Leadership Day Queensland
Government Innovation Showcase Queensland
Government Cyber Security Showcase Queensland
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
