Microsoft April 2025 Patch Tuesday: Critical Updates Fixing 134 Vulnerabilities, Including a Zero-Day Exploit CVE-2025-29824

Microsoft April 2025 Patch Tuesday: Critical Updates Fixing 134 Vulnerabilities, Including a Zero-Day Exploit CVE-2025-29824

User avatar placeholder
Written by Dave W. Shanahan

April 9, 2025

Microsoft has released its April 2025 Patch Tuesday updates, marking one of the most significant security releases of the year. This month’s update addresses 134 vulnerabilities across its software ecosystem, including one actively exploited zero-day vulnerability. As reported by BleepingComputer, theses patches span multiple categories, with 11 critical flaws that demand immediate attention from system administrators and users alike.

See also: Microsoft’s March 2025 Patch Tuesday Addresses 57 Vulnerabilities, Including 7 Critical Zero-Day Flaws

Microsoft April 2025 Patch Tuesday updates

Microsoft April 2025 Patch Tuesday: Critical Updates Fixing 134 Vulnerabilities, Including a Zero-Day Exploit CVE-2025-29824

1. Zero-Day Exploit (CVE-2025-29824)

The most concerning vulnerability is CVE-2025-29824, an elevation of privilege flaw in the Windows Common Log File System (CLFS) driver. This issue stems from improper memory handling, allowing attackers to gain SYSTEM-level privileges without requiring administrative access. Cybersecurity experts warn that this vulnerability is particularly dangerous in post-compromise scenarios, enabling attackers to maintain persistence and move laterally across networks.

2. Critical Vulnerabilities

Microsoft patched 31 remote code execution (RCE) vulnerabilities, including:

  1. CVE-2025-26663: LDAP RCE Vulnerability
  2. CVE-2025-27745: Microsoft Office RCE Vulnerability
  3. CVE-2025-27480: Remote Desktop Services RCE Vulnerability

These flaws could allow attackers to execute malicious code remotely, posing significant risks to unpatched systems.

3. Quality Updates for Windows

The update includes non-security improvements:

  1. Windows 11 KB5055523 enhances machine password rotation and AI-powered features like Windows Search.
  2. Updates for Windows 10 KB5055518 are delayed but expected soon. Download the update manually from the Microsoft Update Catalog.

4. Breakdown of Vulnerabilities

The vulnerabilities addressed in this update span several categories:

  1. Elevation of Privilege: 49 vulnerabilities
  2. Remote Code Execution: 31 vulnerabilities
  3. Information Disclosure: 17 vulnerabilities
  4. Denial of Service: 14 vulnerabilities
  5. Security Feature Bypass: 9 vulnerabilities
  6. Spoofing: 3 vulnerabilities.

Why These April 2025 Patch Tuesday Updates Matter

The actively exploited zero-day vulnerability highlights the urgency of applying these April 2025 Patch Tuesday updates. Attackers leveraging CVE-2025-29824 can escalate permissions beyond initial access levels, enabling them to install malware, modify system settings, or access sensitive data. Furthermore, the critical RCE flaws in widely used components like Microsoft Office and Remote Desktop Services underscore the importance of securing enterprise environments.

Microsoft’s April 2025 Patch Tuesday updates serve as a reminder of the ever-evolving threat landscape in cybersecurity. With over a hundred vulnerabilities addressed—including an actively exploited zero-day—this update is crucial for maintaining system integrity and protecting sensitive data.

Below is the complete list of resolved vulnerabilities in the April 2025 Patch Tuesday updates.

Tag CVE ID CVE Title Severity
Active Directory Domain Services CVE-2025-29810 Active Directory Domain Services Elevation of Privilege Vulnerability Important
ASP.NET Core CVE-2025-26682 ASP.NET Core and Visual Studio Denial of Service Vulnerability Important
Azure Local CVE-2025-27489 Azure Local Elevation of Privilege Vulnerability Important
Azure Local Cluster CVE-2025-26628 Azure Local Cluster Information Disclosure Vulnerability Important
Azure Local Cluster CVE-2025-25002 Azure Local Cluster Information Disclosure Vulnerability Important
Azure Portal Windows Admin Center CVE-2025-29819 Windows Admin Center in Azure Portal Information Disclosure Vulnerability Important
Dynamics Business Central CVE-2025-29821 Microsoft Dynamics Business Central Information Disclosure Vulnerability Important
Microsoft AutoUpdate (MAU) CVE-2025-29800 Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability Important
Microsoft AutoUpdate (MAU) CVE-2025-29801 Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability Important
Microsoft Edge (Chromium-based) CVE-2025-3073 Chromium: CVE-2025-3073 Inappropriate implementation in Autofill Unknown
Microsoft Edge (Chromium-based) CVE-2025-3068 Chromium: CVE-2025-3068 Inappropriate implementation in Intents Unknown
Microsoft Edge (Chromium-based) CVE-2025-3074 Chromium: CVE-2025-3074 Inappropriate implementation in Downloads Unknown
Microsoft Edge (Chromium-based) CVE-2025-3067 Chromium: CVE-2025-3067 Inappropriate implementation in Custom Tabs Unknown
Microsoft Edge (Chromium-based) CVE-2025-3071 Chromium: CVE-2025-3071 Inappropriate implementation in Navigations Unknown
Microsoft Edge (Chromium-based) CVE-2025-3072 Chromium: CVE-2025-3072 Inappropriate implementation in Custom Tabs Unknown
Microsoft Edge (Chromium-based) CVE-2025-3070 Chromium: CVE-2025-3070 Insufficient validation of untrusted input in Extensions Unknown
Microsoft Edge (Chromium-based) CVE-2025-3069 Chromium: CVE-2025-3069 Inappropriate implementation in Extensions Unknown
Microsoft Edge (Chromium-based) CVE-2025-25000 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Important
Microsoft Edge (Chromium-based) CVE-2025-29815 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Important
Microsoft Edge (Chromium-based) CVE-2025-25001 Microsoft Edge for iOS Spoofing Vulnerability Low
Microsoft Edge (Chromium-based) CVE-2025-3066 Chromium: CVE-2025-3066 Use after free in Navigations Unknown
Microsoft Edge for iOS CVE-2025-29796 Microsoft Edge for iOS Spoofing Vulnerability Low
Microsoft Office CVE-2025-27745 Microsoft Office Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2025-27744 Microsoft Office Elevation of Privilege Vulnerability Important
Microsoft Office CVE-2025-26642 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office CVE-2025-29792 Microsoft Office Elevation of Privilege Vulnerability Important
Microsoft Office CVE-2025-29791 Microsoft Excel Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2025-27748 Microsoft Office Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2025-27746 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office CVE-2025-27749 Microsoft Office Remote Code Execution Vulnerability Critical
Microsoft Office Excel CVE-2025-27751 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2025-27750 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2025-29823 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2025-27752 Microsoft Excel Remote Code Execution Vulnerability Critical
Microsoft Office OneNote CVE-2025-29822 Microsoft OneNote Security Feature Bypass Vulnerability Important
Microsoft Office SharePoint CVE-2025-29794 Microsoft SharePoint Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2025-29793 Microsoft SharePoint Remote Code Execution Vulnerability Important
Microsoft Office Word CVE-2025-27747 Microsoft Word Remote Code Execution Vulnerability Important
Microsoft Office Word CVE-2025-29816 Microsoft Word Security Feature Bypass Vulnerability Important
Microsoft Office Word CVE-2025-29820 Microsoft Word Remote Code Execution Vulnerability Important
Microsoft Streaming Service CVE-2025-27471 Microsoft Streaming Service Denial of Service Vulnerability Important
Microsoft Virtual Hard Drive CVE-2025-26688 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability Important
OpenSSH for Windows CVE-2025-27731 Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability Important
Outlook for Android CVE-2025-29805 Outlook for Android Information Disclosure Vulnerability Important
Remote Desktop Client CVE-2025-27487 Remote Desktop Client Remote Code Execution Vulnerability Important
Remote Desktop Gateway Service CVE-2025-27482 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical
Remote Desktop Gateway Service CVE-2025-27480 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical
RPC Endpoint Mapper Service CVE-2025-26679 RPC Endpoint Mapper Service Elevation of Privilege Vulnerability Important
System Center CVE-2025-27743 Microsoft System Center Elevation of Privilege Vulnerability Important
Visual Studio CVE-2025-29802 Visual Studio Elevation of Privilege Vulnerability Important
Visual Studio CVE-2025-29804 Visual Studio Elevation of Privilege Vulnerability Important
Visual Studio Code CVE-2025-20570 Visual Studio Code Elevation of Privilege Vulnerability Important
Visual Studio Tools for Applications and SQL Server Management Studio CVE-2025-29803 Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability Important
Windows Active Directory Certificate Services CVE-2025-27740 Active Directory Certificate Services Elevation of Privilege Vulnerability Important
Windows BitLocker CVE-2025-26637 BitLocker Security Feature Bypass Vulnerability Important
Windows Bluetooth Service CVE-2025-27490 Windows Bluetooth Service Elevation of Privilege Vulnerability Important
Windows Common Log File System Driver CVE-2025-29824 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important
Windows Cryptographic Services CVE-2025-29808 Windows Cryptographic Services Information Disclosure Vulnerability Important
Windows Cryptographic Services CVE-2025-26641 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Important
Windows Defender Application Control (WDAC) CVE-2025-26678 Windows Defender Application Control Security Feature Bypass Vulnerability Important
Windows Digital Media CVE-2025-27730 Windows Digital Media Elevation of Privilege Vulnerability Important
Windows Digital Media CVE-2025-27467 Windows Digital Media Elevation of Privilege Vulnerability Important
Windows Digital Media CVE-2025-26640 Windows Digital Media Elevation of Privilege Vulnerability Important
Windows Digital Media CVE-2025-27476 Windows Digital Media Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2025-24074 Microsoft DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2025-24073 Microsoft DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2025-24058 Windows DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2025-24062 Microsoft DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2025-24060 Microsoft DWM Core Library Elevation of Privilege Vulnerability Important
Windows Hello CVE-2025-26635 Windows Hello Security Feature Bypass Vulnerability Important
Windows Hello CVE-2025-26644 Windows Hello Spoofing Vulnerability Important
Windows HTTP.sys CVE-2025-27473 HTTP.sys Denial of Service Vulnerability Important
Windows Hyper-V CVE-2025-27491 Windows Hyper-V Remote Code Execution Vulnerability Critical
Windows Installer CVE-2025-27727 Windows Installer Elevation of Privilege Vulnerability Important
Windows Kerberos CVE-2025-26647 Windows Kerberos Elevation of Privilege Vulnerability Important
Windows Kerberos CVE-2025-27479 Kerberos Key Distribution Proxy Service Denial of Service Vulnerability Important
Windows Kerberos CVE-2025-29809 Windows Kerberos Security Feature Bypass Vulnerability Important
Windows Kernel CVE-2025-26648 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2025-27739 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel Memory CVE-2025-29812 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important
Windows Kernel-Mode Drivers CVE-2025-27728 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Important
Windows LDAP – Lightweight Directory Access Protocol CVE-2025-26673 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Important
Windows LDAP – Lightweight Directory Access Protocol CVE-2025-26663 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Critical
Windows LDAP – Lightweight Directory Access Protocol CVE-2025-27469 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Important
Windows LDAP – Lightweight Directory Access Protocol CVE-2025-26670 Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability Critical
Windows Local Security Authority (LSA) CVE-2025-21191 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability Important
Windows Local Security Authority (LSA) CVE-2025-27478 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability Important
Windows Local Session Manager (LSM) CVE-2025-26651 Windows Local Session Manager (LSM) Denial of Service Vulnerability Important
Windows Mark of the Web (MOTW) CVE-2025-27472 Windows Mark of the Web Security Feature Bypass Vulnerability Important
Windows Media CVE-2025-26666 Windows Media Remote Code Execution Vulnerability Important
Windows Media CVE-2025-26674 Windows Media Remote Code Execution Vulnerability Important
Windows Mobile Broadband CVE-2025-29811 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important
Windows NTFS CVE-2025-27742 NTFS Information Disclosure Vulnerability Important
Windows NTFS CVE-2025-21197 Windows NTFS Information Disclosure Vulnerability Important
Windows NTFS CVE-2025-27741 NTFS Elevation of Privilege Vulnerability Important
Windows NTFS CVE-2025-27483 NTFS Elevation of Privilege Vulnerability Important
Windows NTFS CVE-2025-27733 NTFS Elevation of Privilege Vulnerability Important
Windows Power Dependency Coordinator CVE-2025-27736 Windows Power Dependency Coordinator Information Disclosure Vulnerability Important
Windows Remote Desktop Services CVE-2025-26671 Windows Remote Desktop Services Remote Code Execution Vulnerability Important
Windows Resilient File System (ReFS) CVE-2025-27738 Windows Resilient File System (ReFS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-27474 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-21203 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-26668 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-26667 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-26664 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-26672 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-26669 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-26676 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Secure Channel CVE-2025-27492 Windows Secure Channel Elevation of Privilege Vulnerability Important
Windows Secure Channel CVE-2025-26649 Windows Secure Channel Elevation of Privilege Vulnerability Important
Windows Security Zone Mapping CVE-2025-27737 Windows Security Zone Mapping Security Feature Bypass Vulnerability Important
Windows Shell CVE-2025-27729 Windows Shell Remote Code Execution Vulnerability Important
Windows Standards-Based Storage Management Service CVE-2025-27485 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important
Windows Standards-Based Storage Management Service CVE-2025-27486 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important
Windows Standards-Based Storage Management Service CVE-2025-21174 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important
Windows Standards-Based Storage Management Service CVE-2025-26680 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important
Windows Standards-Based Storage Management Service CVE-2025-27470 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important
Windows Standards-Based Storage Management Service CVE-2025-26652 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important
Windows Subsystem for Linux CVE-2025-26675 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important
Windows TCP/IP CVE-2025-26686 Windows TCP/IP Remote Code Execution Vulnerability Critical
Windows Telephony Service CVE-2025-27481 Windows Telephony Service Remote Code Execution Vulnerability Important
Windows Telephony Service CVE-2025-21222 Windows Telephony Service Remote Code Execution Vulnerability Important
Windows Telephony Service CVE-2025-21205 Windows Telephony Service Remote Code Execution Vulnerability Important
Windows Telephony Service CVE-2025-21221 Windows Telephony Service Remote Code Execution Vulnerability Important
Windows Telephony Service CVE-2025-27477 Windows Telephony Service Remote Code Execution Vulnerability Important
Windows Universal Plug and Play (UPnP) Device Host CVE-2025-27484 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability Important
Windows Update Stack CVE-2025-21204 Windows Process Activation Elevation of Privilege Vulnerability Important
Windows Update Stack CVE-2025-27475 Windows Update Stack Elevation of Privilege Vulnerability Important
Windows upnphost.dll CVE-2025-26665 Windows upnphost.dll Elevation of Privilege Vulnerability Important
Windows USB Print Driver CVE-2025-26639 Windows USB Print Driver Elevation of Privilege Vulnerability Important
Windows Virtualization-Based Security (VBS) Enclave CVE-2025-27735 Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability Important
Windows Win32K – GRFX CVE-2025-27732 Windows Graphics Component Elevation of Privilege Vulnerability Important
Windows Win32K – GRFX CVE-2025-26687 Win32k Elevation of Privilege Vulnerability Important
Windows Win32K – GRFX CVE-2025-26681 Win32k Elevation of Privilege Vulnerability Important

Microsoft’s April 2025 Patch Tuesday highlights the importance of regular updates in combating cybersecurity threats. With over 134 vulnerabilities addressed, including critical flaws and an actively exploited zero-day vulnerability, applying these patches is essential for safeguarding your systems.

Similar Posts

  1. February 2024 Patch Tuesday bolsters robust security and user control in Windows 11 and Windows 10
  2. Teams Boosts Collaboration with AI Copilot, Ends 365 Chat
  3. Windows 11’s Snipping Tool and Notepad get a creative overhaul, Insider Preview unveils new markup and AI features
  4. Apple looks to replace iTunes with Apple Music, Apple TV, and Apple Devices, now available as standalone apps on Windows 11
  5. Microsoft’s Copilot AI tool takes center stage in Super Bowl 2024 ad

Discover more from Microsoft News Today

Subscribe to get the latest posts sent to your email.

, , , , , , , , , , , , , , , , , , , , , , , ,
Image placeholder

I'm Dave W. Shanahan, a Microsoft enthusiast with a passion for Windows 11, Xbox, Microsoft 365 Copilot, Azure, and more. After OnMSFT.com closed, I started MSFTNewsNow.com to keep the world updated on Microsoft news. Based in Massachusetts, you can find me on Twitter @Dav3Shanahan or email me at davewshanahan@gmail.com.

Microsoft Halts $1 Billion Data Center Project in Ohio, Latest Casualty of Trump’s Tariffs

Xbox Games Showcase 2025 and The Outer Worlds 2 Direct: Here’s How to Watch the Digital-Only Double Feature Free Online!