Microsoft's Windows 11 Update: 107 Vulnerabilities Fixed, Including Critical Zero-Day

On August 12, 2025, Microsoft released a comprehensive security update for Windows 11, version 24H2 (OS Build 26100.4946), addressing 107 vulnerabilities, including a critical zero-day flaw in Windows Kerberos. This update also introduces several new features aimed at enhancing system resilience and user experience.

The update resolves 107 security flaws, with 13 classified as critical. Among these, nine are remote code execution vulnerabilities, three are information disclosure issues, and one is an elevation of privilege vulnerability. Notably, the update fixes a publicly disclosed zero-day vulnerability in Windows Kerberos:

  • CVE-2025-53779 – Windows Kerberos Elevation of Privilege Vulnerability: This flaw allows an authenticated attacker to gain domain administrator privileges by exploiting specific attributes in Active Directory. The vulnerability, discovered by Akamai researcher Yuval Gordon, involves manipulating the msds-groupMSAMembership and msds-ManagedAccountPrecededByLink attributes to escalate privileges. While exploitation requires prior elevated access, successful exploitation could lead to full domain compromise.

In addition to security patches, the update introduces several new features:

  • Quick Machine Recovery (QMR): Designed to reduce downtime from boot failures, QMR enables systems to connect to Microsoft's servers, upload diagnostic data, and receive targeted fixes. This feature is enabled by default for Windows 11 Home users and can be configured manually on Pro editions.

  • AI-Powered Settings Agent: On Copilot+ PCs, the Settings app now includes an AI assistant that suggests relevant settings based on user queries, enhancing user experience through natural language processing.

  • Recall Enhancements: Users in the European Economic Area (EEA) can now export their Recall data to share with third-party applications. Additionally, a reset option allows users to delete all stored snapshots and reset settings.

  • Snap Layouts Inline Descriptions: The Snap Layouts feature now includes inline instructional text to guide users in arranging windows on their screens more effectively.

  • Gamepad Touch Keyboard Layout with PIN Sign-In Support: The touch keyboard's gamepad layout has been expanded to support PIN sign-in, facilitating easier login for users utilizing game controllers.

These updates aim to enhance system security, user experience, and resilience. For detailed information, refer to Microsoft's official release notes.

Tags: #microsoft, #windows11, #security, #update, #technology

πŸ“š Read more in Technology