SharePoint RCE, Adobe 0-Days & The Remote Wipe from Hell | Patch Tuesday Support Group August 2025

Still running SharePoint on-prem? Pour one out. Adobe Forms just dropped back-to-back zero-days, WinRAR’s back at it again, and your remote wipes… might not wipe at all. Welcome to Patch Tuesday.

This isn’t your average Patch Tuesday. It’s an all-out triage.

In this month’s episode of the Patch Tuesday Support Group, we unpack:

• SharePoint RCE (CVE-2025-53770) Easily exploited, deserializes creds, lets attackers run wild. Fix it yesterday.

• Adobe AEM Forms 0-Days. Just dropped (CVE-2025-54253 & 54254), affecting organizations using fillable PDFs/forms.

• Windows 11 24H2 + ConfigMgr Bug. Patches failing to deploy unless manually imported.

• Intune Remote Wipe Fails. Devices become unmanaged zombies due to outdated WinRE.

• WinRAR Vulnerability (again). Directory traversal returns. Users = exposed.

• Citrix NetScaler Exploit. CISA gave agencies 24 hours to patch. Enough said.

• Dell Firmware, CrushFTP, Cisco ISE 10s. All got hit. All need attention.

• PowerShell 2.0 finally dead, but it still haunts vuln reports.

• Clorox hack drama, GitHub absorbed by Microsoft, and yes, AOL dial-up is officially dead.

Plus:
• Entra group source-of-truth migration
• Microsoft Connected Cache is finally GA
• Universal Print adds pull-printing
• New Intune features for macOS & app cleanup
• Microsoft sued over Windows 11 upgrades
• Goodbye Candy Crush bloat… maybe

Stay patched. Stay sane. And if you’re still using 123456 as a password… may the odds be ever in your favor.

0:00 – Welcome to Patch Tuesday Support Group
1:18 – August CVE Breakdown: By the Numbers
2:00 – SharePoint On-Prem RCE: The Big One
3:36 – Patch My PC Stats: 1,700+ Updates Released
4:55 – Adobe Experience Manager 0-Days
6:00 – ConfigMgr + Windows 11 24H2 Update Failures
8:00 – Exchange Hybrid Vuln + SharePoint Follow-Up
10:54 – Microsoft Store Apps Finally Updated in ISOs
13:20 – Dell ControlVault Firmware Exploit
14:44 – WinRAR Vulnerability (Again…)
16:10 – Citrix NetScaler Exploited Pre-Disclosure
17:55 – CrushFTP Remote Exploits
18:57 – UK Ransomware Policy Shift
20:32 – Cisco ISE and Exploit Fatigue
22:43 – Security Lowlights: McDonald’s and Clorox
25:15 – Entra Group Sync Migration + Conditional Access for On-Prem
30:04 – Microsoft Connected Cache Now GA
33:32 – Windows 365 Reserve: Temporary Cloud PCs
34:59 – Universal Print Adds Pull Printing
35:41 – GitHub Is Now Officially Microsoft
36:06 – PowerShell 2.0 Removed from Future Builds
37:34 – Lawsuits & Laughter: Windows 11 Complaints + AOL Dial-Up Dies
39:24 – Intune for Mac & Script Management Permissions
40:26 – Broken Remote Wipe in Intune + WinRE Mismatch
46:13 – App Cleanup in Windows 11 24H2: Candy Crush Edition
52:48 – Wrap-Up + Chat Q&A

#PatchTuesday #Cybersecurity #CVE #ZeroDay #SharePoint #AdobeExperienceManager #Windows11 #Intune #ConfigMgr #Autopilot #WinRE #Citrix #CrushFTP #WinRAR #Dell #Cisco #EndpointSecurity #PatchManagement #SysAdmin #PatchMyPC