Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

September 2025 Patch Tuesday: SMB Relay & Azure Entra

Fortra
03/30/2026
0 (0%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


and we're here to talk about the September patch Tuesday. The first thing I want to talk about today is CVE-2025-55234. It's an SMB relay attack. And the executive summary for this one definitely caught my attention. Microsoft states that they released the CVE to provide customers with audit capabilities. Now the goal of a CVE should be to define a vulnerability, not to announce new configuration features. I'm really hoping that Microsoft clarifies the statement, otherwise I wonder if this CVE should even exist. After all, SMB relay attacks are nothing new. A bit of a warning for anyone running the Microsoft High Performance Compute Pack or the HPC Pack. There was a single critical CVSS score vulnerability this month, and it was for CVE-2025-55232, which is a vulnerability in the HPC Pack. The vulnerability allows for unauthenticated remote code execution. Hopefully that risk will be offset by the fact that not everyone runs this software, and that's likely one of the reasons why Microsoft has indicated that exploitation is less likely for this vulnerability. Finally, just for awareness this month, I think it's worth mentioning CVE-2025-55241. It was an elevation of privilege in Azure Entra. Now this is a no privileges required privilege escalation, which is somewhat interesting, but there's no action to take on your part. The only reason I'm mentioning it is because Azure Entra is such a critical component in environments, and it's something that you might want to talk to Microsoft about just to find out a bit more about how this vulnerability was discovered, or to find out if it had ever been exploited in the past in your environment. I doubt that's the case, given they didn't say anything, but it's always worth double checking. Once again, I'm Tyler Reguli, and this has been your September Patch Tuesday Update. Thank you, and have a great day.

TL;DR

  • CVE-2025-55234 is an SMB relay attack that Microsoft released to provide audit capabilities, raising questions about whether it should be classified as a CVE since SMB relay attacks are not new.
  • CVE-2025-55232 is a critical unauthenticated remote code execution vulnerability in Microsoft HPC Pack, though exploitation is considered less likely due to limited deployment of the software.
  • CVE-2025-55241 is a no-privileges-required privilege escalation in Azure Entra that has been automatically patched, but organizations should verify if their environments were affected given Entra's critical role.

Summary

Tyler Reguly, Associate Director of Security R&D at Fortra, provides a focused analysis of September 2025's Microsoft Patch Tuesday release, highlighting three vulnerabilities that warrant attention from IT and security teams. The briefing examines CVE-2025-55234, an SMB relay attack that Microsoft released primarily for audit capabilities rather than as a traditional vulnerability disclosure—a decision that raises questions about CVE assignment practices. Reguly also covers CVE-2025-55232, a critical unauthenticated remote code execution vulnerability in Microsoft's High Performance Compute Pack, and CVE-2025-55241, a privilege escalation issue in Azure Entra that requires no user privileges. While the Azure Entra vulnerability has been patched automatically by Microsoft, Reguly recommends organizations verify whether their environments were affected. This concise update helps administrators prioritize patching efforts and understand the strategic implications of Microsoft's security communications.

Chapters

0:00 - Introduction
0:09 - CVE-2025-55234: SMB Relay
0:40 - CVE-2025-55232: HPC Pack RCE
1:15 - CVE-2025-55241: Azure Entra Escalation

Key Quotes

0:18 "Microsoft states that they released the CVE to provide customers with audit capabilities. Now the goal of a CVE should be to define a vulnerability, not to announce new configuration features."
0:54 "The vulnerability allows for unauthenticated remote code execution. Hopefully that risk will be offset by the fact that not everyone runs this software, and that's likely one of the reasons why Microsoft has indicated that exploitation is less likely for this vulnerability."
1:35 "Azure Entra is such a critical component in environments, and it's something that you might want to talk to Microsoft about just to find out a bit more about how this vulnerability was discovered, or to find out if it had ever been exploited in the past in your environment."

Categories:
  • » Cybersecurity » Cloud Security
  • » Data Protection
Channels:
News:
Events:
Tags:
  • Vulnerability Management
  • Cloud Security
  • Identity & Access
  • Technical Deep Dive
  • Best Practices
  • Patch Tuesday
  • Microsoft Security Updates
  • SMB Relay Attacks
  • Remote Code Execution
  • Azure Entra Security
  • Privilege Escalation
  • CVE Assignment Practices
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: September 2025 Patch Tuesday: SMB Relay & Azure Entra

              Upcoming Webinar Calendar

              • 06/30/2026
                01:00 PM
                06/30/2026
                Master Active Directory Certificate Services and Maintain Your Edge
                https://www.truthinit.com/index.php/channel/2018/master-active-directory-certificate-services-and-maintain-your-edge/
              • 07/01/2026
                04:00 AM
                07/01/2026
                Integrating Security in AI: Automated Red Teaming Strategies for Private Models
                https://www.truthinit.com/index.php/channel/1969/integrating-security-in-ai-automated-red-teaming-strategies-for-private-models/
              • 07/01/2026
                04:00 AM
                07/01/2026
                Schutz von KI in Anwendungen, Agenten und APIs.
                https://www.truthinit.com/index.php/channel/2008/schutz-von-ki-in-anwendungen-agenten-und-apis/
              • 07/01/2026
                01:00 PM
                07/01/2026
                How to Prevent Your AI from Outsmarting You
                https://www.truthinit.com/index.php/channel/2021/how-to-prevent-your-ai-from-outsmarting-you/
              • 07/02/2026
                10:00 AM
                07/02/2026
                Resilience Insights from Hybrid Threats in a Dark Cloud Environment
                https://www.truthinit.com/index.php/channel/2011/resilience-insights-from-hybrid-threats-in-a-dark-cloud-environment/
              • 07/08/2026
                02:00 PM
                07/08/2026
                Understanding the Crucial Role of Context in AI Data
                https://www.truthinit.com/index.php/channel/2037/understanding-the-crucial-role-of-context-in-ai-data/
              • 07/09/2026
                01:00 PM
                07/09/2026
                The HUMAN Experience: Empowering Agentic Trust in Practice
                https://www.truthinit.com/index.php/channel/2026/the-human-experience-empowering-agentic-trust-in-practice/
              • 07/14/2026
                01:00 PM
                07/14/2026
                Crafting a Championship-Worthy Security Team for Maximum Defense Effectiveness
                https://www.truthinit.com/index.php/channel/2025/crafting-a-championship-worthy-security-team-for-maximum-defense-effectiveness/
              • 07/21/2026
                04:00 AM
                07/21/2026
                Strategies for Managing AI Governance and Securing App-to-LLM API Traffic
                https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
              • 07/21/2026
                01:00 PM
                07/21/2026
                HUMAN Dialogue: Insights from Attackers During the FIFA World Cup
                https://www.truthinit.com/index.php/channel/2029/human-dialogue-insights-from-attackers-during-the-fifa-world-cup/
              • 07/22/2026
                06:30 AM
                07/22/2026
                Insights and Strategies from the DPDP Webinar
                https://www.truthinit.com/index.php/channel/2000/insights-and-strategies-from-the-dpdp-webinar/
              • 07/28/2026
                01:00 PM
                07/28/2026
                Illumio + Netskope: Zero Trust in the Age of AI Autonomy
                https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
              • 07/29/2026
                04:00 AM
                07/29/2026
                Real-Time Strategies for Safeguarding Against Prompt Injections
                https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
              • 08/19/2026
                12:00 PM
                08/19/2026
                Get Prepared to Thrive as an Agent in Just 30 Days
                https://www.truthinit.com/index.php/channel/2036/get-prepared-to-thrive-as-an-agent-in-just-30-days/
              • 09/30/2026
                04:00 AM
                09/30/2026
                AI Command Center: Optimizing Visibility and Control in Your Operations
                https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/

              Upcoming Events

              • Jun
                30

                Master Active Directory Certificate Services and Maintain Your Edge

                06/30/202601:00 PM ET
                • Jul
                  01

                  Schutz von KI in Anwendungen, Agenten und APIs.

                  07/01/202604:00 AM ET
                  • Jul
                    01

                    Integrating Security in AI: Automated Red Teaming Strategies for Private Models

                    07/01/202604:00 AM ET
                    • Jul
                      01

                      How to Prevent Your AI from Outsmarting You

                      07/01/202601:00 PM ET
                      • Jul
                        02

                        Resilience Insights from Hybrid Threats in a Dark Cloud Environment

                        07/02/202610:00 AM ET
                        More events
                        Truth in IT
                        • Sponsor
                        • About Us
                        • Terms of Service
                        • Privacy Policy
                        • Contact Us
                        • Preference Management
                        Desktop version
                        Standard version