[ad_1]
Microsoft on Tuesday introduced 109 patches affecting 16 product households. Eighteen of the addressed points are thought-about by Microsoft to be of Critical severity, and 31 have a CVSS base rating of 8.0 or larger, together with a “perfect” 10.0 affecting Azure. None are recognized to be below lively exploit within the wild, although two Windows points (CVE-2025-53786 and CVE-2025-53779) are already publicly disclosed.
At patch time, 9 CVEs are judged extra more likely to be exploited within the subsequent 30 days by the corporate’s estimation. Various of this month’s points are amenable to direct detection by Sophos protections, and we embody info on these in a desk beneath. In addition, eight CVEs included on this month’s set, principally involving cloud-centric product households similar to Azure and 365, are already patched – together with the CVSS-10 merchandise talked about above. We have included info on all eight in Appendix D. Interestingly, two of these had been truly patched a full month in the past, within the July cycle, however a clerical mix-up left that info out of Microsoft’s July launch supplies. We embody these two in our August depend. Advisory info on ten Edge fixes was additionally included on this month’s launch, and will be seen in Appendix D.
We are as all the time together with on the finish of this put up further appendices itemizing all Microsoft’s patches sorted by severity, by predicted exploitability timeline and CVSS Base rating, and by product household. Another appendix covers advisory-style updates and the listing of points mentioned on this month’s launch supplies however mitigated previous to the discharge, and one other supplies breakout of the patches affecting the assorted Windows Server platforms nonetheless in assist.
By the numbers
- Total CVEs: 109
- Publicly disclosed: 2*
- Exploit detected: 0
- Severity
- Critical: 18
- Important: 90
- Moderate: 1
- Impact
- Elevation of Privilege: 44
- Remote Code Execution: 35
- Information Disclosure: 18
- Spoofing: 7
- Denial of Service: 4
- Tampering: 1
- CVSS Base rating 10.0: 1
- CVSS Base rating 9.0 or higher: 5
- CVSS Base rating 8.0 or higher: 31
* Microsoft’s official launch materials states that only one vulnerability, CVE-2025-53779, is publicly disclosed by their requirements. However, CVE-2025-53786 was publicly demonstrated at Black Hat final week and has been very extensively mentioned since then, with a CISA Emergency Directive issued. We embody it in our tally for completeness.
Figure 1: Elevation of Privilege vulnerabilities outpace Remote Code Execution flaws for the second month in a row, however RCE points account for extra Critical-severity patches
Products
- Windows: 65*
- 365: 16**
- Office: 16
- Azure: 7***
- SQL: 6
- Exchange: 5
- Excel: 4
- SharePoint: 4
- Word: 3
- Dynamics 365: 2
- EnergyPoint: 1
- Teams: 1
- Visual Studio: 1
- Web Deploy: 1
- Windows Security App: 1
- Windows Subsystem for Linux (WSL2): 1
* As talked about, the discharge info states that two of those had been patched with the July launch; we embody these two within the August counts right here and all through this put up.
** Includes two Critical-severity patches for Microsoft 365 Copilot’s Business Chat.
*** The launch info notes that 4 of the Azure vulnerabilities have already been mitigated.
As is our customized for this listing, CVEs that apply to a couple of product household are counted as soon as for every household they have an effect on. We word, by the way in which, that CVE names don’t all the time replicate affected product households carefully. In specific, some CVEs names within the Office household could point out merchandise that don’t seem within the listing of merchandise affected by the CVE, and vice versa.
Figure 2: Windows patches 5 Critical-severity patches in August, however so do Azure and Office – and 365 has all of them beat with six
Notable August updates
In addition to the problems mentioned above, a wide range of particular objects benefit consideration.
CVE-2025-50165 — Windows Graphics Component Remote Code Execution Vulnerability
CVE-2025-53766 — GDI+ Remote Code Execution Vulnerability
It’s a tricky month for Windows graphics-related componentry, as these two vulnerabilities weigh in with 9.8 CVSS Base scores. CVE-2025-50165 requires no consumer interplay, and will be exploited by an uninitialized operate pointer being known as when decoding a malicious JPEG, which may very well be embedded in a doc, a Web web page, or what you’ll. It impacts strictly the latest variations of Windows (Win 11 2H24, Server 2025). Similarly, CVE-2025-53766 may very well be triggered with out consumer interplay, ought to an attacker handle to add paperwork containing a specifically crafted metafile to an online service. (Alternately, they may craft a doc containing the metafile, ship it to an unwary consumer, and get them to open it.) Unusually, this CVE impacts each Windows and Office.
CVE-2025-49712 — Microsoft SharePoint Remote Code Execution Vulnerability
As most Microsoft observers know nicely, there was a lot to say between the July and August Patch Tuesday releases about SharePoint. This challenge, nonetheless, appears unrelated to ToolShell, although it’s pretty disagreeable all by itself, permitting any authenticated attacker to execute code over the community with little prior data of the community required.
CVE-2025-53731, CVE-2025-53733, CVE-2025-53740, CVE-2025-53784 – 4 365/Office points
Preview Pane is a vector for all 4 of those vulnerabilities.
CVE-2025-53774, CVE-2025-53787 — Microsoft 365 Copilot BizChat Information Disclosure Vulnerability
These identically titled information-disclosure vulnerabilities, each Critical-severity, are talked about in Microsoft’s abstract info for August, however the firm notes that each have already been mitigated. However, CVE-2025-53787 specifically didn’t go quietly, and web commenters had issues to say concerning the future implications of bugs of this nature. (It’s attention-grabbing to notice that earlier info from Microsoft, as per the WindowsForum put up, thought-about the problem to be Important in severity; the discharge on Tuesday labeled it as Critical.)
CVE-2025-53786 — Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability
As famous above, this Important-severity EoP challenge bought loads of consideration at Black Hat and from CISA earlier this month. It’s a bug to be taken significantly, and Microsoft states that they imagine it’s one of many vulnerabilities extra more likely to be exploited inside the first 30 days post-release. But the story of how this patch arrived at launch is an attention-grabbing one from a disclosure standpoint. The finder, Dirk-jan Mollema with Outsider Security, labored with Microsoft to kind out the problem previous to his Black Hat presentation. In flip, Microsoft credit his discover of their launch supplies, an indication that the disclosure was well-coordinated. The challenge itself pertains to an April hotfix for hybrid Exchange deployments.
CVE-2024-53772 — Web Deploy Remote Code Execution Vulnerability
Web Deploy, for these not acquainted with the device, is used to deploy Web purposes and Web websites to IIS servers. It will probably be acquainted to customers of Visual Studio.
Figure 3: Remote Code Execution points proceed to steer all different sorts in 2025’s Patch Tuesday releases, however Elevation of Privilege points are shut behind – 266 to 257, by our depend. Meanwhile, Spoofing picks up its first Critical-severity case in August, and the primary non-advisory Moderate-severity patch of the yr is famous
Sophos protections
| CVE | Sophos Intercept X/Endpoint IPS | Sophos XGS Firewall |
| CVE-2025-49743 | Exp/2549743-A | Exp/2549743-A |
| CVE-2025-50167 | Exp/2550167-A | Exp/2550167-A |
| CVE-2025-50168 | Exp/2550168-A | Exp/2550168-A |
| CVE-2025-50177 | SID:2311472,2311473 | SID:2311472,2311473 |
| CVE-2025-53132 | Exp/2553132-A | Exp/2553132-A |
| CVE-2025-53147 | Exp/2553147-A | Exp/2553147-A |
| CVE-2025-53778 | SID:2311491 | SID:2311491 |
As you’ll be able to each month, if you happen to don’t wish to wait to your system to drag down Microsoft’s updates itself, you’ll be able to obtain them manually from the Windows Update Catalog web site. Run the winver.exe device to find out which construct of Windows 10 or 11 you’re operating, then obtain the Cumulative Update package deal to your particular system’s structure and construct quantity.
Appendix A: Vulnerability Impact and Severity
This is an inventory of August patches sorted by affect, then sub-sorted by severity. Each listing is additional organized by CVE.
Elevation of Privilege (44 CVEs)
| Critical severity | |
| CVE-2025-24999 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2025-53767 | Azure OpenAI Elevation of Privilege Vulnerability |
| CVE-2025-53778 | Windows NTLM Elevation of Privilege Vulnerability |
| CVE-2025-53792 | Azure Portal Elevation of Privilege Vulnerability |
| Important severity | |
| CVE-2025-47954 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2025-49743 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2025-49758 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2025-49759 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2025-49761 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2025-49762 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-50153 | Desktop Windows Manager Elevation of Privilege Vulnerability |
| CVE-2025-50155 | Windows Push Notifications Apps Elevation of Privilege Vulnerability |
| CVE-2025-50159 | Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability |
| CVE-2025-50161 | Win32k Elevation of Privilege Vulnerability |
| CVE-2025-50167 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2025-50168 | Win32k Elevation of Privilege Vulnerability |
| CVE-2025-50170 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| CVE-2025-50173 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2025-53132 | Win32k Elevation of Privilege Vulnerability |
| CVE-2025-53133 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |
| CVE-2025-53134 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-53135 | DirectX Graphics Kernel Elevation of Privilege Vulnerability |
| CVE-2025-53137 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-53140 | Windows Kernel Transaction Manager Elevation of Privilege Vulnerability |
| CVE-2025-53141 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-53142 | Microsoft Brokering File System Elevation of Privilege Vulnerability |
| CVE-2025-53147 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-53149 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| CVE-2025-53151 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2025-53154 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-53155 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2025-53718 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-53721 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability |
| CVE-2025-53723 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2025-53724 | Windows Push Notifications Apps Elevation of Privilege Vulnerability |
| CVE-2025-53725 | Windows Push Notifications Apps Elevation of Privilege Vulnerability |
| CVE-2025-53726 | Windows Push Notifications Apps Elevation of Privilege Vulnerability |
| CVE-2025-53727 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2025-53729 | Microsoft Azure File Sync Elevation of Privilege Vulnerability |
| CVE-2025-53760 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| CVE-2025-53786 | Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability |
| CVE-2025-53788 | Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability |
| CVE-2025-53789 | Windows StateRepository API Server file Elevation of Privilege Vulnerability |
| Moderate severity | |
| CVE-2025-53779 | Windows Kerberos Elevation of Privilege Vulnerability |
Remote Code Execution (35 CVEs)
| Critical severity | |
| CVE-2025-48807 | Microsoft SQL Server Remote Code Execution Vulnerability |
| CVE-2025-50165 | Windows Graphics Component Remote Code Execution Vulnerability |
| CVE-2025-50176 | DirectX Graphics Kernel Remote Code Execution Vulnerability |
| CVE-2025-50177 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| CVE-2025-53731 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-53733 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-53740 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-53766 | GDI+ Remote Code Execution Vulnerability |
| CVE-2025-53784 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-48807 | Microsoft SQL Server Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2025-49712 | Microsoft SharePoint Remote Code Execution Vulnerability |
| CVE-2025-49757 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-50160 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-50162 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-50163 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-50164 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-50169 | Windows SMB Remote Code Execution Vulnerability |
| CVE-2025-53131 | Windows Media Remote Code Execution Vulnerability |
| CVE-2025-53143 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| CVE-2025-53144 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| CVE-2025-53145 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| CVE-2025-53152 | Desktop Windows Manager Remote Code Execution Vulnerability |
| CVE-2025-53720 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-53730 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2025-53732 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-53734 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2025-53735 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53737 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53738 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-53739 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53741 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53759 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53761 | Microsoft EnergyPoint Remote Code Execution Vulnerability |
| CVE-2025-53772 | Web Deploy Remote Code Execution Vulnerability |
| CVE-2025-53773 | GitHub Copilot and Visual Studio Remote Code Execution Vulnerability |
| CVE-2025-53783 | Microsoft Teams Remote Code Execution Vulnerability |
Information Disclosure (18 CVEs)
| Critical severity | |
| CVE-2025-53774 | Microsoft 365 Copilot BizChat Information Disclosure Vulnerability |
| CVE-2025-53781 | Azure Virtual Machines Information Disclosure Vulnerability |
| CVE-2025-53787 | Microsoft 365 Copilot BizChat Information Disclosure Vulnerability |
| CVE-2025-53793 | Azure Stack Hub Information Disclosure Vulnerability |
| Important severity | |
| CVE-2025-33051 | Microsoft Exchange Server Information Disclosure Vulnerability |
| CVE-2025-50156 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
| CVE-2025-50157 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
| CVE-2025-50158 | Windows NTFS Information Disclosure Vulnerability |
| CVE-2025-50166 | Windows Distributed Transaction Coordinator (MSDTC) Information Disclosure Vulnerability |
| CVE-2025-53136 | NT OS Kernel Information Disclosure Vulnerability |
| CVE-2025-53138 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
| CVE-2025-53148 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
| CVE-2025-53153 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
| CVE-2025-53156 | Windows Storage Port Driver Information Disclosure Vulnerability |
| CVE-2025-53719 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
| CVE-2025-53728 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability |
| CVE-2025-53736 | Microsoft Word Information Disclosure Vulnerability |
| CVE-2025-53765 | Azure Stack Hub Information Disclosure Vulnerability |
Spoofing (7 CVEs)
| Critical severity | |
| CVE-2025-49707 | Azure Virtual Machines Spoofing Vulnerability |
| Important severity | |
| CVE-2025-25006 | Microsoft Exchange Server Spoofing Vulnerability |
| CVE-2025-25007 | Microsoft Exchange Server Spoofing Vulnerability |
| CVE-2025-49745 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2025-50154 | Microsoft Windows File Explorer Spoofing Vulnerability |
| CVE-2025-50171 | Remote Desktop Spoofing Vulnerability |
| CVE-2025-53769 | Windows Security App Spoofing Vulnerability |
Denial of Service (4 CVEs)
| Important severity | |
| CVE-2025-49751 | Windows Hyper-V Denial of Service Vulnerability |
| CVE-2025-50172 | DirectX Graphics Kernel Denial of Service Vulnerability |
| CVE-2025-53716 | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
| CVE-2025-53722 | Windows Remote Desktop Services Denial of Service Vulnerability |
Tampering (1 CVE)
| Important severity | |
| CVE-2025-25005 | Microsoft Exchange Server Tampering Vulnerability |
Appendix B: Exploitability and CVSS
This is an inventory of the August CVEs judged by Microsoft to be extra more likely to be exploited within the wild inside the first 30 days post-release. (No CVE amongst this month’s patches is thought to be already exploited within the wild, in order that listing doesn’t seem this month.) The listing is additional organized by CVE.
| Exploitation extra probably inside the subsequent 30 days | |
| CVE-2025-49743 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2025-50167 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2025-50168 | Win32k Elevation of Privilege Vulnerability |
| CVE-2025-50177 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| CVE-2025-53132 | Win32k Elevation of Privilege Vulnerability |
| CVE-2025-53147 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-53156 | Windows Storage Port Driver Information Disclosure Vulnerability |
| CVE-2025-53778 | Windows NTLM Elevation of Privilege Vulnerability |
| CVE-2025-53786 | Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability |
This is an inventory of August’s CVEs with a Microsoft-assessed CVSS Base rating of 8.0 or larger. They are organized by rating and additional sorted by CVE. For extra info on how CVSS works, please see our collection on patch prioritization schema.
| CVSS Base | CVSS Temporal | CVE | Title |
| 10.0 | 8.7 | CVE-2025-53767 | Azure OpenAI Elevation of Privilege Vulnerability |
| 9.8 | 8.5 | CVE-2025-50165 | Windows Graphics Component Remote Code Execution Vulnerability |
| 9.8 | 8.5 | CVE-2025-53766 | GDI+ Remote Code Execution Vulnerability |
| 9.1 | 7.9 | CVE-2025-50171 | Remote Desktop Spoofing Vulnerability |
| 9.1 | 7.9 | CVE-2025-53792 | Azure Portal Elevation of Privilege Vulnerability |
| 8.8 | 7.7 | CVE-2025-24999 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| 8.8 | 7.7 | CVE-2025-47954 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| 8.8 | 7.7 | CVE-2025-49712 | Microsoft SharePoint Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-49757 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-49758 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| 8.8 | 7.7 | CVE-2025-49759 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| 8.8 | 7.7 | CVE-2025-50163 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-53131 | Windows Media Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-53143 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-53144 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-53145 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-53727 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| 8.8 | 7.7 | CVE-2025-53772 | Web Deploy Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-53778 | Windows NTLM Elevation of Privilege Vulnerability |
| 8.4 | 7.3 | CVE-2025-53731 | Microsoft Office Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-53733 | Microsoft Word Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-53740 | Microsoft Office Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-53784 | Microsoft Word Remote Code Execution Vulnerability |
| 8.2 | 7.1 | CVE-2025-53787 | Microsoft 365 Copilot BizChat Information Disclosure Vulnerability |
| 8.1 | 7.1 | CVE-2025-50177 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| 8.0 | 7.0 | CVE-2025-50160 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| 8.0 | 7.0 | CVE-2025-50162 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| 8.0 | 7.0 | CVE-2025-50164 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| 8.0 | 7.0 | CVE-2025-53132 | Win32k Elevation of Privilege Vulnerability |
| 8.0 | 7.0 | CVE-2025-53720 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| 8.0 | 7.0 | CVE-2025-53786 | Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability |
Appendix C: Products Affected
This is an inventory of August’s patches sorted by product household, then sub-sorted by severity. Each listing is additional organized by CVE. Patches which can be shared amongst a number of product households are listed a number of instances, as soon as for every product household. Certain important points for which advisories have been issued are coated in Appendix D, and points affecting Windows Server are additional sorted in Appendix E. All CVE titles are correct as made obtainable by Microsoft; for additional info on why sure merchandise could seem in titles and never product households (or vice versa), please seek the advice of Microsoft.
Windows (65 CVEs)
| Critical severity | |
| CVE-2025-50165 | Windows Graphics Component Remote Code Execution Vulnerability |
| CVE-2025-50176 | DirectX Graphics Kernel Remote Code Execution Vulnerability |
| CVE-2025-50177 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| CVE-2025-53766 | GDI+ Remote Code Execution Vulnerability |
| CVE-2025-53778 | Windows NTLM Elevation of Privilege Vulnerability |
| Important severity | |
| CVE-2025-49743 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2025-49751 | Windows Hyper-V Denial of Service Vulnerability |
| CVE-2025-49757 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-49761 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2025-49762 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-50153 | Desktop Windows Manager Elevation of Privilege Vulnerability |
| CVE-2025-50154 | Microsoft Windows File Explorer Spoofing Vulnerability |
| CVE-2025-50155 | Windows Push Notifications Apps Elevation of Privilege Vulnerability |
| CVE-2025-50156 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
| CVE-2025-50157 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
| CVE-2025-50158 | Windows NTFS Information Disclosure Vulnerability |
| CVE-2025-50159 | Remote Access Point-to-Point Protocol (PPP) EAP-TLS Elevation of Privilege Vulnerability |
| CVE-2025-50160 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-50161 | Win32k Elevation of Privilege Vulnerability |
| CVE-2025-50162 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-50163 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-50164 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-50166 | Windows Distributed Transaction Coordinator (MSDTC) Information Disclosure Vulnerability |
| CVE-2025-50167 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2025-50168 | Win32k Elevation of Privilege Vulnerability |
| CVE-2025-50169 | Windows SMB Remote Code Execution Vulnerability |
| CVE-2025-50170 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| CVE-2025-50171 | Remote Desktop Spoofing Vulnerability |
| CVE-2025-50172 | DirectX Graphics Kernel Denial of Service Vulnerability |
| CVE-2025-50173 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2025-53131 | Windows Media Remote Code Execution Vulnerability |
| CVE-2025-53132 | Win32k Elevation of Privilege Vulnerability |
| CVE-2025-53133 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |
| CVE-2025-53134 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-53135 | DirectX Graphics Kernel Elevation of Privilege Vulnerability |
| CVE-2025-53136 | NT OS Kernel Information Disclosure Vulnerability |
| CVE-2025-53137 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-53138 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
| CVE-2025-53140 | Windows Kernel Transaction Manager Elevation of Privilege Vulnerability |
| CVE-2025-53141 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-53142 | Microsoft Brokering File System Elevation of Privilege Vulnerability |
| CVE-2025-53143 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| CVE-2025-53144 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| CVE-2025-53145 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| CVE-2025-53147 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-53148 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
| CVE-2025-53149 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| CVE-2025-53151 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2025-53152 | Desktop Windows Manager Remote Code Execution Vulnerability |
| CVE-2025-53153 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
| CVE-2025-53154 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-53155 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2025-53156 | Windows Storage Port Driver Information Disclosure Vulnerability |
| CVE-2025-53716 | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
| CVE-2025-53718 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-53719 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability |
| CVE-2025-53720 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-53721 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability |
| CVE-2025-53722 | Windows Remote Desktop Services Denial of Service Vulnerability |
| CVE-2025-53723 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2025-53724 | Windows Push Notifications Apps Elevation of Privilege Vulnerability |
| CVE-2025-53725 | Windows Push Notifications Apps Elevation of Privilege Vulnerability |
| CVE-2025-53726 | Windows Push Notifications Apps Elevation of Privilege Vulnerability |
| CVE-2025-53789 | Windows StateRepository API Server file Elevation of Privilege Vulnerability |
| Moderate severity | |
| CVE-2025-53779 | Windows Kerberos Elevation of Privilege Vulnerability |
365 (16 CVEs)
| Critical severity | |
| CVE-2025-53731 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-53733 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-53740 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-53774 | Microsoft 365 Copilot BizChat Information Disclosure Vulnerability |
| CVE-2025-53784 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-53787 | Microsoft 365 Copilot BizChat Information Disclosure Vulnerability |
| Important severity | |
| CVE-2025-53730 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2025-53734 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2025-53735 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53736 | Microsoft Word Information Disclosure Vulnerability |
| CVE-2025-53737 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53738 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-53739 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53741 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53759 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53761 | Microsoft EnergyPoint Remote Code Execution Vulnerability |
Office (16 CVEs)
| Critical severity | |
| CVE-2025-53731 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-53733 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-53740 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-53766 | GDI+ Remote Code Execution Vulnerability |
| CVE-2025-53784 | Microsoft Word Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2025-53730 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2025-53732 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-53734 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2025-53735 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53736 | Microsoft Word Information Disclosure Vulnerability |
| CVE-2025-53737 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53738 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-53739 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53741 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53759 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53761 | Microsoft EnergyPoint Remote Code Execution Vulnerability |
Azure (7 CVEs)
| Critical severity | |
| CVE-2025-49707 | Azure Virtual Machines Spoofing Vulnerability |
| CVE-2025-53767 | Azure OpenAI Elevation of Privilege Vulnerability |
| CVE-2025-53781 | Azure Virtual Machines Information Disclosure Vulnerability |
| CVE-2025-53792 | Azure Portal Elevation of Privilege Vulnerability |
| CVE-2025-53793 | Azure Stack Hub Information Disclosure Vulnerability |
| Important severity | |
| CVE-2025-53729 | Microsoft Azure File Sync Elevation of Privilege Vulnerability |
| CVE-2025-53765 | Azure Stack Hub Information Disclosure Vulnerability |
SQL (6 CVEs)
| Critical severity | |
| CVE-2025-24999 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2025-48807 | Microsoft SQL Server Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2025-47954 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2025-49758 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2025-49759 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| CVE-2025-53727 | Microsoft SQL Server Elevation of Privilege Vulnerability |
Exchange (5 CVEs)
| Important severity | |
| CVE-2025-25005 | Microsoft Exchange Server Tampering Vulnerability |
| CVE-2025-25006 | Microsoft Exchange Server Spoofing Vulnerability |
| CVE-2025-25007 | Microsoft Exchange Server Spoofing Vulnerability |
| CVE-2025-33051 | Microsoft Exchange Server Information Disclosure Vulnerability |
| CVE-2025-53786 | Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability |
Excel (4 CVEs)
| Important severity | |
| CVE-2025-53735 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53737 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53739 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-53741 | Microsoft Excel Remote Code Execution Vulnerability |
SharePoint (4 CVEs)
| Critical severity | |
| CVE-2025-53733 | Microsoft Word Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2025-49712 | Microsoft SharePoint Remote Code Execution Vulnerability |
| CVE-2025-53736 | Microsoft Word Information Disclosure Vulnerability |
| CVE-2025-53760 | Microsoft SharePoint Elevation of Privilege Vulnerability |
Word (3 CVEs)
| Critical severity | |
| CVE-2025-53733 | Microsoft Word Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2025-53736 | Microsoft Word Information Disclosure Vulnerability |
| CVE-2025-53738 | Microsoft Word Remote Code Execution Vulnerability |
Dynamics 365 (2 CVEs)
| Important severity | |
| CVE-2025-49745 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2025-53728 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability |
EnergyPoint (1 CVE)
| Important severity | |
| CVE-2025-53761 | Microsoft EnergyPoint Remote Code Execution Vulnerability |
Teams (1 CVE)
| Important severity | |
| CVE-2025-53783 | Microsoft Teams Remote Code Execution Vulnerability |
Visual Studio (1 CVE)
| Important severity | |
| CVE-2025-53773 | GitHub Copilot and Visual Studio Remote Code Execution Vulnerability |
Web Deploy (1 CVE)
| Important severity | |
| CVE-2025-53772 | Web Deploy Remote Code Execution Vulnerability |
Windows Security App (1 CVE)
| Important severity | |
| CVE-2025-53769 | Windows Security App Spoofing Vulnerability |
Windows Subsystem for Linux (WSL2) (1 CVE)
| Important severity | |
| CVE-2025-53788 | Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability |
Appendix D: Advisories and Other Products
There are 10 Edge-related advisories in August’s launch, all however two of which originated exterior Microsoft.
| CVE-2025-8576 | Chromium: CVE-2025-8576 Use after free in Extensions |
| CVE-2025-8577 | Chromium: CVE-2025-8577 Inappropriate implementation in Picture In Picture |
| CVE-2025-8578 | Chromium: CVE-2025-8578 Use after free in Cast |
| CVE-2025-8579 | Chromium: CVE-2025-8579 Inappropriate implementation in Gemini Live in Chrome |
| CVE-2025-8580 | Chromium: CVE-2025-8580 Inappropriate implementation in Filesystems |
| CVE-2025-8581 | Chromium: CVE-2025-8581 Inappropriate implementation in Extensions |
| CVE-2025-8582 | Chromium: CVE-2025-8582 Insufficient validation of untrusted enter in DOM |
| CVE-2025-8583 | Chromium: CVE-2025-8583 Inappropriate implementation in Permissions |
| CVE-2025-49736 | Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability |
| CVE-2025-49755 | Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability |
In addition, eight of CVEs seem on this month’s Patch Tuesday info solely to guarantee the general public that they’ve already been mitigated, whether or not as a part of the conventional course of cloud enterprise or (within the case of two Windows patches) as a part of final month’s patch assortment, although they had been unnamed in that launch. Since this month’s CVSS 10.0 CVE is amongst these eight, we’re itemizing these right here with their CVE, title, affect, severity, and CVSS base rating.
| CVE-2025-48807 | Microsoft SQL Server Remote Code Execution Vulnerability | Remote Code Execution | Critical | 7.5 |
| CVE-2025-49707 | Azure Virtual Machines Spoofing Vulnerability | Spoofing | Critical | 7.9 |
| CVE-2025-53767 | Azure OpenAI Elevation of Privilege Vulnerability | Elevation of Privilege | Critical | 10.0 |
| CVE-2025-53774 | Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | Information Disclosure | Critical | 6.5 |
| CVE-2025-53781 | Azure Virtual Machines Information Disclosure Vulnerability | Information Disclosure | Critical | 7.7 |
| CVE-2025-53787 | Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | Information Disclosure | Critical | 8.2 |
| CVE-2025-53789 | Windows StateRepository API Server file Elevation of Privilege Vulnerability | Elevation of Privilege | Important | 7.8 |
| CVE-2025-53792 | Azure Portal Elevation of Privilege Vulnerability | Elevation of Privilege | Critical | 9.1 |
There had been no Adobe advisories included within the August launch.
Appendix E: Affected Windows Server variations
This is a desk of the 66 CVEs within the August launch affecting Windows Server variations 2008 via 2025. CVE-2025-48807 and CVE-2025-53789, the 2 CVEs that shipped in July however had been overlooked of the official info final month as talked about above, are included right here. The desk differentiates amongst main variations of the platform however doesn’t go into deeper element (eg., Server Core). Critical-severity points are marked in purple; an “x” signifies that the CVE doesn’t apply to that model. Administrators are inspired to make use of this appendix as a place to begin to determine their particular publicity, as every reader’s state of affairs, particularly because it considerations merchandise out of mainstream assist, will differ. For particular Knowledge Base numbers, please seek the advice of Microsoft.
| CVE | S-08 | 8r2 | S-12 | 12r2 | S-16 | S-19 | S-22 | 23h2 | S-25 |
| CVE-2025-48807 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-49743 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-49751 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-49757 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-49761 | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-49762 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50153 | × | ■ | ■ | ■ | ■ | ■ | ■ | × | × |
| CVE-2025-50154 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50155 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50156 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50157 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50158 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50159 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50160 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50161 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50162 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50163 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50164 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50165 | × | × | × | × | × | × | × | × | ■ |
| CVE-2025-50166 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50167 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50168 | × | × | × | × | × | × | × | ■ | ■ |
| CVE-2025-50169 | × | × | × | × | × | × | × | × | ■ |
| CVE-2025-50170 | × | × | × | × | × | ■ | ■ | ■ | ■ |
| CVE-2025-50171 | × | × | × | × | × | × | ■ | ■ | ■ |
| CVE-2025-50172 | × | × | × | × | × | ■ | ■ | ■ | ■ |
| CVE-2025-50173 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-50176 | × | × | × | × | × | × | ■ | ■ | ■ |
| CVE-2025-50177 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53131 | × | × | × | × | × | ■ | ■ | ■ | ■ |
| CVE-2025-53132 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53133 | × | × | × | × | × | × | × | × | ■ |
| CVE-2025-53134 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53135 | × | × | × | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53136 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53137 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53138 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53140 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53141 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53142 | × | × | × | × | × | × | × | ■ | ■ |
| CVE-2025-53143 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53144 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53145 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53147 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53148 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53149 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53151 | × | × | × | × | × | ■ | ■ | ■ | ■ |
| CVE-2025-53152 | × | ■ | ■ | ■ | ■ | ■ | ■ | × | × |
| CVE-2025-53153 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53154 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53155 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53156 | × | × | × | × | × | × | × | ■ | ■ |
| CVE-2025-53716 | × | × | × | × | × | ■ | ■ | ■ | ■ |
| CVE-2025-53718 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53719 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53720 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53721 | × | × | × | × | × | ■ | ■ | ■ | ■ |
| CVE-2025-53722 | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53723 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53724 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53725 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53726 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53766 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53778 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-53779 | × | × | × | × | × | × | × | × | ■ |
| CVE-2025-53789 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |