Microsoft’s March Patch Tuesday has brought a new set of challenges for system administrators as they scramble to address over 50 newly discovered vulnerabilities, including seven zero-days that are actively being exploited in the wild.
Among the zero-day vulnerabilities, one of them is CVE-2025-26633 which involves a security feature bypass in Microsoft Management Console with a CVSS score of 7.0. Another critical vulnerability is CVE-2025-24993, a remote code execution (RCE) flaw in Windows NTFS with a CVSS score of 7.8. Additionally, there is CVE-2025-24991, an information disclosure vulnerability in Windows NTFS with a CVSS score of 5.5, and CVE-2025-24985, an RCE vulnerability in Windows Fast FAT File System Driver with a CVSS score of 7.8. Furthermore, CVE-2025-24984 is an information disclosure bug in Windows NTFS with a CVSS score of 4.6, and CVE-2025-24983 represents an elevation of privilege (EoP) vulnerability in Windows Win32 Kernel Subsystem with a CVSS score of 7.0.
In addition to these exploits, Microsoft has also disclosed a zero-day vulnerability, CVE-2025-26630, in Microsoft Access. While this vulnerability has not yet been exploited, its potential impact is significant with a CVSS score of 7.8, categorizing it as “important”. Security experts caution that while the public disclosure of this vulnerability could aid attackers in formulating an exploit, the absence of code samples will make their efforts more challenging.
This month’s patch release also included a total of 23 EoP and 23 RCE vulnerabilities, with all six “critical” rated CVEs falling under the category of RCE vulnerabilities. One of the critical vulnerabilities, CVE-2025-24084, affects the Windows Subsystem for Linux (WSL2) kernel, presenting multiple attack vectors with the potential for exploitation through malicious emails.
Another critical RCE bug addressed in this patch release is CVE-2025-26645, impacting the popular remote desktop client (RDP). This vulnerability could enable threat actors to gain unauthorized access and move laterally within a victim’s network, emphasizing the importance of promptly applying patches to mitigate such risks.
Security experts stress the importance of proactive patch management and risk-based prioritization to safeguard systems from potential cyber threats. While the volume of vulnerabilities addressed in this month’s Patch Tuesday may increase the workload for system administrators, timely and thorough patching remains critical in maintaining the security and integrity of IT environments.