Microsoft’s March 2025 Patch Tuesday Addresses 57 Vulnerabilities, Including 7 Critical Zero-Day Flaws

Microsoft has released its March 2025 Patch Tuesday updates, resolving a total of 57 security vulnerabilities affecting various products, including Windows, Office, Remote Desktop Services, and more. As reported by Bleeping Computer, among these vulnerabilities are seven critical zero-day flaws—six of which were actively exploited in the wild prior to the patch release.

March 2025 Patch Tuesday Highlights

• Total Vulnerabilities Fixed: 57
• Critical Vulnerabilities: 7 zero-days (6 actively exploited)
• Affected Products: Windows OS versions, Microsoft Office, Remote Desktop Services, Windows DNS Server, Windows Subsystem for Linux (WSL), and Microsoft Management Console (MMC).

Actively Exploited Zero-Day Vulnerabilities

Microsoft identified seven zero-day vulnerabilities in this month’s security release. Six of these were actively exploited by attackers:

1. CVE-2025-24983 (Win32 Kernel Elevation of Privilege): A race condition vulnerability allowing local attackers to escalate privileges to SYSTEM level. Exploited actively in targeted attacks.
2. CVE-2025-24991 & CVE-2025-24984 (Windows NTFS Information Disclosure): These vulnerabilities allow attackers with physical access to exploit malicious USB drives or virtual hard disk (VHD) files to disclose sensitive data from system memory.
3. CVE-2025-26630 (Microsoft Access Remote Code Execution): A publicly disclosed flaw stemming from a use-after-free memory issue enabling remote code execution attacks via specially crafted Access files.
4. CVE-2025-24985 (Windows Fast FAT File System Driver Integer Overflow): Attackers can exploit this vulnerability by tricking users into mounting malicious VHD files, potentially executing arbitrary code remotely.
5. CVE-2025-24993 (Windows NTFS Heap-Based Buffer Overflow): Allows remote attackers to execute arbitrary code through maliciously crafted VHD files.
6. CVE-2025-26633 (Microsoft Management Console Security Feature Bypass): Enables attackers to bypass security restrictions by convincing users to interact with malicious MMC (.msc) files, potentially gaining unauthorized administrative access.

Recommendations for Users and Administrators

Due to the severity and active exploitation of these vulnerabilities, cybersecurity experts strongly recommend immediate patching:

1. Apply updates immediately: Install the March 2025 security updates promptly through Windows Update or via Microsoft’s official update channels.
2. Monitor suspicious activity: Remain vigilant against phishing attempts involving malicious attachments such as VHD or MMC (.msc) files.
3. Prioritize older systems: Pay special attention to older versions of Windows like Windows 8.1 and Server 2012 R2, as these have been explicitly targeted by exploits.
4. Follow official advisories: Regularly check Microsoft’s official security advisories and guidance from cybersecurity agencies like CISA for further recommendations.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has mandated that federal agencies apply these patches no later than April 1, 2025, underscoring the urgency of immediate remediation efforts.

Below is the complete list of resolved vulnerabilities in the March 2025 Patch Tuesday updates.

Stay tuned to msftnewsnow.com for continued coverage on Microsoft‘s security updates and related developments.

Related Posts

1. Microsoft issues largest security update in years for Patch Tuesday January 2025, patches 3 critical zero-day vulnerabilities
2. Microsoft releases critical October 2024 Patch Tuesday update, patching 118 security flaws and 2 crucial zero-days
3. September 2024 Patch Tuesday preview: What to expect from Microsoft’s latest security updates to squash bugs
4. Microsoft releases critical security updates for Office products, including SharePoint Server and Outlook in July 2024 Patch Tuesday
5. Microsoft releases June 2024 Patch Tuesday cumulative updates KB5039212, KB5039213, and KB5039211 on Windows 11 and Windows 10