The Microsoft Patch Day in August 2025 is considered the most extensive in five years, and it is a real wake-up call for medium-sized companies. A total of 111 vulnerabilities were closed, 12 of which were classified as critical. This Patch Day is particularly relevant for medium-sized companies because two widely used enterprise platforms are affected: Microsoft SharePoint and Exchange. For many companies this means there is an urgent need for action.
One of the biggest current threats is the "ToolShell" vulnerability in on-premises Microsoft SharePoint Server (tracked as CVE-2025-53770). It is a classic zero-day: it was already being exploited in the wild before companies had a chance to protect themselves with updates. The flaw allows unauthenticated remote code execution, so attackers can run code on the SharePoint server without any credentials and then move laterally and escalate their permissions from there. What makes this particularly critical is that SharePoint serves in many companies as the central platform for projects, teamwork, and the exchange of sensitive data. Thousands of servers worldwide are affected, including numerous installations in Germany. For companies this means that not only internal communications but also confidential customer information and project documentation could fall into the wrong hands. Because the vulnerability was exploited before patches existed, installing the update alone is not enough: servers that were exposed during that window should also be checked for signs of prior compromise.
The risk is also significant for companies that run hybrid email infrastructures. The Exchange hybrid vulnerability (CVE-2025-53786) allows an attacker who has already gained administrative access to an on-premises Exchange server to escalate directly into the connected Exchange Online tenant, an ideal starting point for stealing sensitive emails or even taking over entire user identities. The precondition matters: the on-premises server is the entry point, so a compromise there is no longer contained to the local network. For companies that use hybrid scenarios, this can have serious consequences, from compromised communications to identity fraud with far-reaching effects.
Why vulnerability management is so challenging for medium-sized companies
But why do medium-sized companies in particular find consistent patch and vulnerability management so difficult? The answer usually lies in their structure: in recent years, many companies have built up complex mixed environments consisting of on-premises systems, hybrid setups, and cloud services. This diversity makes it difficult to keep track of risks and necessary updates at all times. Added to this is the budgetary reality in medium-sized companies. Scarce human and financial resources often prevent the formation of specialized security teams. Even if the infrastructure is monitored technically, there is often a lack of expertise to correctly assess the urgency of individual vulnerabilities.
The consequences in an emergency are serious: data loss, production downtime, or compliance violations that can lead to heavy penalties. That is precisely why it is crucial to address security gaps systematically rather than reactively and to set clear, risk-based priorities – an ongoing vulnerability and patch management program can help with this.
How to implement vulnerability management effectively
To ensure that the right measures are taken even under pressure, a clear framework for action is helpful:
- Prioritization
Keep an eye on patch days and immediately close critical gaps such as zero-days or vulnerabilities with a CVSS score* of 7.0 or higher. The assessment becomes more effective when additional context is taken into account: How business-critical is the affected application? Is the system reachable from the internet? Are there already publicly available exploits, or is the vulnerability known to be exploited in the wild (for example, listed in CISA's Known Exploited Vulnerabilities catalog)? Modern vulnerability management solutions such as Rapid7 InsightVM make it possible to include such factors in the scoring and thus make more informed decisions.
*The CVSS (Common Vulnerability Scoring System) is an internationally accepted standard for rating the severity of a security vulnerability. It ranges from 0 (barely relevant) to 10 (maximum critical); scores from 7.0 to 8.9 are rated High and 9.0 to 10.0 Critical. A high CVSS score indicates that the vulnerability is easy to exploit or can have particularly serious consequences, so such vulnerabilities get top priority. Note that the base score describes severity, not current risk: it does not say whether an exploit exists or how important the affected system is, which is why the context factors above are needed for the final ranking.
- Focus on hybrid environments
Systems such as Exchange or SharePoint, which form bridges between local networks and the cloud, are particularly at risk: they hold credentials, tokens, or trust relationships for the cloud side, so a compromise on premises can extend directly into Exchange Online or Microsoft 365.
- Continuous monitoring
Vulnerability management is not a one-time project. New vulnerabilities are discovered constantly, so regular scans and reassessments are crucial to maintaining security in the long term. Reliable vulnerability management solutions such as Rapid7 InsightVM can help in this respect as well.
- Combination of tools and expertise
Automated vulnerability scans are valuable, but they only reveal their full potential when combined with expert assessment of which findings actually matter in the company's environment.
- Use managed services
External specialists reduce the workload on internal teams and ensure greater predictability and stability.
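The prioritization rule above (zero-days and anything rated CVSS 7.0 or higher go first, then context decides the order) can be written down as a small scoring routine. The following is an added example, not code from Possehl Secure and not the scoring used by Rapid7 InsightVM; the weights, the criticality scale, and the sample findings are constructed assumptions chosen to illustrate the point. It shows why context matters: a CVSS 8.0 flaw on an internet-facing core system that has a public exploit ends up ranked above a CVSS 9.1 flaw on an isolated lab box.

```python
"""Risk-based prioritization of scanner findings.

Added example (not from Possehl Secure or Rapid7). It applies the rule from
the text (zero-days and CVSS >= 7.0 are closed immediately) and then orders
findings within each tier by context: exploitation status, asset criticality
and internet exposure. All weights and sample rows are constructed
assumptions for illustration.
"""
from dataclasses import dataclass
from typing import List

CVSS_IMMEDIATE = 7.0          # CVSS "High" starts at 7.0, "Critical" at 9.0
EXPLOITED_BONUS = 3.0         # assumption: in-the-wild exploitation weighs most
PUBLIC_EXPLOIT_BONUS = 1.5    # assumption: public PoC, not yet seen exploited
EXPOSED_BONUS = 1.0           # assumption: reachable from the internet


@dataclass(frozen=True)
class Finding:
    asset: str
    description: str
    cvss: float                # CVSS base score, 0.0 .. 10.0
    exploited_in_wild: bool    # zero-day / known to be actively exploited
    public_exploit: bool       # a public exploit exists
    asset_criticality: int     # 1 (lab box) .. 5 (core business platform)
    internet_exposed: bool


def tier(f: Finding) -> str:
    """Tier from the text's rule: zero-days or CVSS >= 7.0 are 'immediate'."""
    if f.exploited_in_wild or f.cvss >= CVSS_IMMEDIATE:
        return "immediate"
    return "planned"


def risk_score(f: Finding) -> float:
    """CVSS plus context. The base score alone does not say whether an
    exploit exists or whether the box matters, so both adjust the result."""
    if not 0.0 <= f.cvss <= 10.0:
        raise ValueError(f"CVSS out of range: {f.cvss}")
    if not 1 <= f.asset_criticality <= 5:
        raise ValueError(f"criticality out of range: {f.asset_criticality}")
    score = f.cvss
    if f.exploited_in_wild:
        score += EXPLOITED_BONUS
    elif f.public_exploit:
        score += PUBLIC_EXPLOIT_BONUS
    if f.internet_exposed:
        score += EXPOSED_BONUS
    # Criticality scales the result: 1 -> x0.7, 3 -> x0.9, 5 -> x1.1
    score *= 0.6 + 0.1 * f.asset_criticality
    return round(score, 2)


def prioritize(findings: List[Finding]) -> List[Finding]:
    """Immediate tier first, then highest risk score; stable for ties."""
    order = {"immediate": 0, "planned": 1}
    return sorted(findings, key=lambda f: (order[tier(f)], -risk_score(f)))


# Constructed sample findings (no real scan data, no real CVE identifiers).
SAMPLE = [
    Finding("sp-01", "SharePoint RCE, exploited in the wild", 9.8, True, True, 5, True),
    Finding("ex-hyb-01", "Exchange hybrid privilege escalation", 8.0, False, True, 5, True),
    Finding("lab-07", "Unauthenticated RCE on isolated lab server", 9.1, False, False, 1, False),
    Finding("fs-02", "Local privilege escalation on file server", 6.5, False, True, 4, False),
    Finding("ws-15", "Information disclosure on workstation", 4.3, False, False, 2, False),
]

if __name__ == "__main__":
    for f in prioritize(SAMPLE):
        print(f"{tier(f):9} {risk_score(f):6.2f} {f.asset:10} {f.description}")
```

Run as a script it prints the ranked list. Sorting by CVSS alone would place the lab server (9.1) ahead of the Exchange hybrid finding (8.0); with exposure, exploit availability and asset criticality folded in, the Exchange finding moves up, while the lab box stays in the immediate tier only because the text's 7.0 rule puts it there. The file-server finding scores higher than the lab box but is still in the planned tier, which is the intended behaviour: the tier is the hard rule, the score only orders work inside it.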
Tailored Vulnerability Management
Medium-sized companies need solutions that are both pragmatic and scalable. Possehl Secure has developed three tiered service packages to give companies exactly the support they need.
Package #1: Simple Vulnerability Management
For companies that want to take the first step toward structured vulnerability management: internal scanning and management with tools such as Rapid7 InsightVM or Defender for Endpoint VM, supplemented by automated reporting on a weekly or monthly basis. Possehl Secure helps you select the right tools and implement them.
Package #2: Extended Vulnerability Management
For businesses with a higher threat level or more complex environments: in addition to internal scans, the external attack surface is also monitored. The team of experts at Possehl Secure also supports remediation, from risk assessments to specific recommendations for countermeasures.
Package #3: Comprehensive Vulnerability Management
For companies that require maximum transparency and security: this package builds on the services in Package #2 and adds in-depth analyses of Active Directory and regular, CIS-based vulnerability analyses of Microsoft 365. Both are performed quarterly and give companies a comprehensive overview of security-relevant weaknesses in their central platforms.
Conclusion: Act proactively – don't give attackers any opportunities
The August 2025 Patch Day clearly shows how vulnerable even widely used enterprise platforms such as SharePoint and Exchange are. Companies should first check immediately whether their systems are affected, install the security updates provided, and verify that the updates actually took effect; for systems that were exposed before a patch was available, as with ToolShell, they should also look for signs of earlier compromise. With structured vulnerability management, tailored to their own resources and risks, they can then continuously reduce their attack surface in the long term.
Contact Possehl Secure for tailored vulnerability management and make your IT more resilient to current and future threats.
Status: September 1, 2025