Microsoft has released its March 2025 Patch security updates, addressing 57 vulnerabilities, including six actively exploited zero-day flaws and one publicly disclosed zero-day.
Actively Exploited Zero-Day Vulnerabilities
- CVE-2025-24983: Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability. This allows local attackers to gain SYSTEM privileges by exploiting a race condition.
- CVE-2025-24984: Windows NTFS Information Disclosure Vulnerability. Exploited via physical access and a malicious USB drive to read portions of heap memory.
- CVE-2025-24985: Windows Fast FAT File System Driver Remote Code Execution Vulnerability. A vulnerability caused by an integer overflow in the Fast FAT Driver, allowing code execution via malicious VHD files.
- CVE-2025-24991: Windows NTFS Information Disclosure Vulnerability. Enables attackers to read small portions of heap memory by tricking users into mounting malicious VHD files.
- CVE-2025-24993: Windows NTFS Remote Code Execution Vulnerability. This is caused by a heap-based buffer overflow in NTFS, allowing code execution via crafted VHD files.
- CVE-2025-26633: Microsoft Management Console Security Feature Bypass Vulnerability. May involve bypassing security features using malicious .msc files. This vulnerability is exploited through phishing or social engineering attacks.
Publicly Disclosed Zero-Day Vulnerability
- CVE-2025-26630: Microsoft Access Remote Code Execution Vulnerability. This is caused by a use-after-free bug in Microsoft Office Access and is exploited by tricking users into opening malicious Access files (e.g., through phishing)