Microsoft’s Patch Tuesday March 2025 update has been released with fixes for six zero-day vulnerabilities that are actively being exploited by cybercriminals. In addition to these critical fixes, the update also addresses 10 other vulnerabilities that are at higher risk of being targeted by attackers.
The six zero-day vulnerabilities addressed in this update range in severity from 4.6 to 7.8 on the CVSS scale. One of the major vulnerabilities, CVE-2025-24983, is a Windows Win32 Kernel Subsystem Elevation of Privilege/Use After Free vulnerability with a severity rating of 7.0. This vulnerability, reported by Filip Jurčacko of ESET, requires attackers to exploit a race condition in order to gain SYSTEM privileges.
Another critical vulnerability, CVE-2025-24984, is a Windows NTFS Information Disclosure/Insertion of Sensitive Information into Log File vulnerability rated at 4.6. This vulnerability, which was reported anonymously, requires physical access to the target computer in order to plug in a malicious USB drive and potentially read heap memory.
Furthermore, CVE-2025-24985 is a Windows Fast FAT File System Driver Remote Code Execution vulnerability with a severity rating of 7.8. This vulnerability, also reported anonymously, requires an attacker to trick a local user into mounting a specially crafted virtual hard disk (VHD) to trigger the exploit.
Additionally, CVE-2025-24991, CVE-2025-24993, and CVE-2025-26633 are other critical vulnerabilities addressed in the update, each with their own unique exploit scenarios and severity ratings.
The Cybersecurity and Infrastructure Security Agency (CISA) has also taken note of these vulnerabilities and added the six Microsoft zero-days to its Known Exploited Vulnerabilities (KEV) catalog to raise awareness among security professionals.
Apart from the zero-day vulnerabilities, Microsoft has identified 10 other vulnerabilities that are considered to be at a higher risk of exploitation. These vulnerabilities range in severity from 4.3 to 8.1 and cover various aspects of Microsoft products such as the exFAT File System, Remote Desktop Services, Kernel Subsystem, and more.
In addition to Microsoft, other vendors have also released Patch Tuesday updates in March 2025 to address security vulnerabilities in their products and protect users from potential cyber threats. It is essential for all users to install these updates promptly to ensure the security and integrity of their systems and data.