
March Microsoft Patch Tuesday. 77 CVEs, 20 of which were added during the month. 7 vulnerabilities with signs of exploitation in the wild:
🔻 RCE - Windows Fast FAT File System Driver (CVE-2025-24985)
🔻 RCE - Windows NTFS (CVE-2025-24993)
🔻 SFB - Microsoft Management Console (CVE-2025-26633)
🔻 EoP - Windows Win32 Kernel Subsystem (CVE-2025-24983)
🔻 InfDisc - Windows NTFS (CVE-2025-24991, CVE-2025-24984)
🔻 AuthBypass - Power Pages (CVE-2025-24989) - in a Microsoft web service, can be ignored
There are no vulnerabilities with public exploits, but there are 2 more with private ones:
🔸 RCE - Bing (CVE-2025-21355) - in a Microsoft web service, can be ignored
🔸 SFB - Windows Kernel (CVE-2025-21247)
Among the others:
🔹 RCE - Windows Remote Desktop Client (CVE-2025-26645) and Services (CVE-2025-24035, CVE-2025-24045), MS Office (CVE-2025-26630), WSL2 (CVE-2025-24084)
🔹 EoP - Windows Win32 Kernel Subsystem (CVE-2025-24044)

Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. You can discuss my posts or ask questions at @avleonovchat.
And I invite all Russian speakers to subscribe to my channel @avleonovrus "Управление Уязвимостями и прочее" in MAX or in Telegram.
