Microsoft Security

March 2025 Patch Tuesday: Microsoft Fixes 57 Vulnerabilities, Including 7 Zero-Days

/ by Corentin C | Leave a comment

microsoft-patch-tuesday

March 2025’s Patch Tuesday has arrived, and it’s a significant one. On Tuesday, March 11, Microsoft released security updates addressing 57 vulnerabilities, including seven zero-day flawssix of which are already being actively exploited in the wild. If you’re a Windows admin or security-conscious user, now’s the time to update your systems.

Let’s break down the key points and what you should watch out for.

🔢 Patch Summary at a Glance

Here’s the breakdown of the 57 vulnerabilities fixed this month:

  • 🛡️ 23 Elevation of Privilege vulnerabilities
  • 🔐 23 Remote Code Execution (RCE) vulnerabilities
  • 🚫 3 Security Feature Bypass flaws
  • 🔍 4 Information Disclosure bugs
  • ❌ 1 Denial of Service (DoS) vulnerability
  • 🎭 3 Spoofing vulnerabilities

Additionally, six vulnerabilities are classified as “Critical”, all of which are Remote Code Execution issues. These include flaws in:

  • Microsoft Office – CVE-2025-24057
  • Remote Desktop Client – CVE-2025-26645
  • DNS Server Role (Windows Server) – CVE-2025-24064
  • Remote Desktop Services (RDS) – CVE-2025-24035 & CVE-2025-24045
  • Windows Subsystem for Linux (WSL) – CVE-2025-24084

⚠️ Spotlight on the 7 Zero-Day Vulnerabilities

Of the seven zero-day flaws, six are already being exploited by threat actors in active campaigns. These flaws affect various Windows components, including the NTFS file system, Win32 kernel subsystem, and Microsoft Management Console.

CVE-2025-24983 – Win32 Kernel Subsystem (Elevation of Privilege)

This is one of the most critical zero-days this month, enabling local attackers to escalate privileges to SYSTEM by exploiting a race condition in the Win32 kernel. Discovered by Filip Jurčacko from ESET, it doesn’t affect Windows 11 or versions newer than Windows Server 2016.

CVE-2025-24984 – Windows NTFS (Information Disclosure)

This vulnerability can be triggered through a malicious USB drive, potentially leaking portions of heap memory. It affects all modern versions of Windows 10, 11, and Server.

CVE-2025-24985 – Windows Fast FAT (Remote Code Execution)

Though technically labeled RCE, this flaw requires local access, such as tricking a user into mounting a malicious VHD file. The attack targets the Fast FAT driver and is particularly dangerous in environments where users frequently interact with removable storage or virtual drives.

CVE-2025-24991 & CVE-2025-24993 – More NTFS Zero-Days

Two additional NTFS-related zero-days also made the list. One enables information disclosure (similar to CVE-2025-24984), and the other leads to remote code execution via heap-based buffer overflow, again triggered via malicious VHD files. These bugs reinforce the importance of handling VHDs with caution.

CVE-2025-26633 – Microsoft Management Console

Discovered by Aliakbar Zahravi at Trend Micro, this flaw in MMC (.msc files) allows attackers to craft malicious files and deliver them via email or messaging platforms. Execution requires user interaction, but the impact can be significant.

CVE-2025-26630 – Microsoft Access

Although not actively exploited, this publicly disclosed vulnerability in Microsoft Access can allow arbitrary code execution if a user opens a malicious file. It impacts versions of Access in Office 2016 through Office 2024, and Microsoft 365 Apps for Enterprise.

🧠 What This Means for You

With six actively exploited vulnerabilities and several affecting core Windows components like NTFS and the kernel, this is not a Patch Tuesday to postpone. These zero-days demonstrate the continued focus of attackers on privilege escalation and local access exploitation, often through cleverly crafted files or physical access vectors like USB drives.

Admins and users should prioritize the following actions:

  1. Patch immediately, especially systems running Windows 10, 11, and Windows Server.
  2. Audit usage of VHD files and removable media to minimize potential attack surfaces.
  3. Educate users on avoiding suspicious attachments or unexpected USB devices.
  4. Monitor for abnormal system behavior that could hint at privilege escalation or memory exploitation.

📥 Final Thoughts

Microsoft’s March 2025 Patch Tuesday is a stark reminder of how fast the threat landscape evolves—and how critical timely patching remains. With vulnerabilities actively exploited in the wild, the window for defense is small.

Stay updated, stay secure.

https://support.microsoft.com/en-us/topic/march-11-2025-kb5053606-os-builds-19044-5608-and-19045-5608-8beab4af-42c8-4469-9273-d241597431c3

Have something to add or encountered an issue with this month’s patches? Drop a comment below or reach out to us on ToolsLib’s community forums.

🛠️ Stay tuned for our next Patch Tuesday breakdown in April 2025.

Stay Updated with ToolsLib! 🚀
Join our community to receive the latest cybersecurity tips, software updates, and exclusive insights straight to your inbox!

Tagged

You might also like

crypto eth coin

Bybit Hacked: Largest Crypto Theft in History

Bybit, one of the largest cryptocurrency exchanges, has been hacked for $1.46 billion in digital assets, marking the biggest crypto theft in history. The attackers exploited a vulnerability in the exchange’s multisignature wallet, siphoning funds through a masked transaction. Despite the massive loss, Bybit assures users that all funds remain 1:1 backed. Read more about the breach and its implications for the crypto industry.

Read more »

openssh

OpenSSH Vulnerabilities: CVE-2025-26465 and CVE-2025-26466

Two critical OpenSSH vulnerabilities have been discovered: a MitM attack (CVE-2025-26465) and a DoS attack (CVE-2025-26466). Learn how to protect your systems with recommended security measures.

Read more »

Microsoft Majorana 1

Microsoft Unveils Majorana 1: A Quantum Leap in Computing

Microsoft has unveiled the Majorana 1 chip, a groundbreaking quantum chip that utilizes a new Topological Core architecture. This innovation aims to enable quantum computers capable of solving significant industrial challenges in years rather than decades, leveraging topoconductors to produce stable and scalable qubits. With a vision to reach a million qubits, Microsoft is set to revolutionize industries from healthcare to materials science.

Read more »

Apple Security

Apple Releases Security Fixes in iOS 18.3.1 and iPadOS 18.3.1

Apple’s latest iOS 18.3.1 and iPadOS 18.3.1 updates fix a critical security flaw that could allow attackers to bypass USB Restricted Mode on locked devices. This vulnerability (CVE-2025-24200) has been exploited in targeted attacks. Learn why this update matters and how to secure your device.

Read more »

valve piratefi

PirateFi Malware Incident: A Warning to Steam Gamers

Valve has warned Steam users about PirateFi, a recently released game that was found to contain malware. The malicious files aimed to steal browser cookies, leading to account hijacking. Learn what happened and how to stay safe. Valve has recently issued a security alert to Steam users regarding a newly released game, PirateFi, which was found to contain malware. This alarming discovery has raised concerns among gamers, emphasizing the importance of vigilance when downloading and launching games from digital platforms.

Read more »

Microsoft Deepseek R1

DeepSeek R1: Microsoft’s Strategic Move in AI Beyond OpenAI

Microsoft has added DeepSeek R1 to its Azure AI Foundry, offering a cost-effective and high-performance AI model. With local execution support on Copilot+ PCs and growing security concerns, this move signals Microsoft's shift towards AI diversification beyond OpenAI.

Read more »

Apple Security

Apple Faces UK Government Demand for Encrypted iCloud Backdoor

Apple is facing pressure from the UK government to create a backdoor for encrypted iCloud backups under the Investigatory Powers Act. If implemented, this could compromise global user privacy and set a dangerous precedent for digital security.

Read more »

FMRS Furtivex Malware Removal Script

Welcoming Furtivex Malware Removal Script to ToolsLib!

We’re excited to welcome Furtivex Malware Removal Script to ToolsLib! This free, portable malware scanner provides aggressive threat removal, system integrity checks, and comprehensive logging. Download it today and boost your security!

Read more »

February 2025 Patch Tuesday: Office Updates and Microsoft 365 Changes

February 2025's Patch Tuesday brings important updates for Office and Microsoft 365, including retirements, new features, and security enhancements. Stay ahead by understanding what’s changing and how these updates impact your workflow.

Read more »

Apple Zeroday

Apple Releases Critical Security Updates to Patch Actively Exploited Zero-Day Vulnerability

Apple has issued critical security updates to address a zero-day vulnerability (CVE-2025-24085) impacting iOS and other Apple devices. The flaw, actively exploited in the wild, allows attackers to take control of vulnerable devices through malicious apps. Learn how to safeguard your Apple devices by installing the latest updates immediately.

Read more »

deepseek website

DeepSeek AI Leak: Security Lapse Exposes Over a Million Log Entries, API Keys, and Chat Data

Chinese AI startup DeepSeek suffered a major security breach after leaving a ClickHouse database publicly accessible, exposing over a million log entries, API keys, and chat history. Security researchers warned that attackers could have accessed internal data, executed SQL queries, and escalated privileges. This incident highlights the critical risks of poor AI security practices, especially as DeepSeek faces growing scrutiny over privacy concerns and potential misuse of OpenAI’s API.

Read more »

deepseek website

DeepSeek Faces Massive Cyberattack

DeepSeek, the Chinese AI app that recently overtook ChatGPT in App Store downloads, is under attack. Facing a large-scale cyberattack, the platform has limited new user registrations but remains accessible to existing users. This incident underscores growing cybersecurity risks in the AI industry amidst DeepSeek's rapid rise and global impact.

Read more »

To top

Table of Contents

Index