There were approximately 80 CVEs addressed in this patch set. Most of the CVSS scores were lower than in prior months. For the highest-scoring vulnerabilities, exploitation requires viewing malicious content or use of the Microsoft High Performance Computing Pack. There are significant fixes for Office and NTLM authentication that should be tested and deployed. These vulnerabilities may have publicly available exploits created soon.
Recommending normal patching and testing. Testing and patching should be started for all systems. Please note that there are Office and core Windows library (GDI, others) patches, so endpoints are in scope.
All admins are reminded that browser updates, including updates to Edge, Chrome and Firefox, should be deployed regularly. There are Edge patches in scope for this patch set.
For all admins, please test and review changes to ensure compatibility with your environment. The priority will be changed if there is evidence of new attacks using vulnerabilities detailed in this set of patches.
We will add information about other known issues as other organizations deploy these patches. There are some reported issues with PowerShell Direct (PSDirect) connections, but there are workarounds in KB5066359.
https://msrc.microsoft.com/update-guide/en-us/releaseNote/2025-Sep