Microsoft’s Patch Tuesday for April 2025 was a busy one, with fixes for a total of 135 vulnerabilities. This monthly update included patches for one actively exploited zero-day vulnerability and an additional 11 high-risk vulnerabilities.
The zero-day vulnerability that caught the attention of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is a 7.8-rated Windows Common Log File System Driver use-after-free vulnerability, identified as CVE-2025-29824. This vulnerability could potentially allow an attacker to escalate privileges locally, and Microsoft disclosed that it has already been exploited in ransomware attacks.
This single zero-day vulnerability stands in stark contrast to the six zero-days reported in the previous month of March, indicating a possible decrease in severe vulnerabilities. However, Microsoft has reported a total of 405 vulnerabilities so far this year, with 12 actively exploited zero-days.
The Patch Tuesday release for April 2025 also highlighted 11 high-risk vulnerabilities labeled as “Exploitation More Likely.” These vulnerabilities ranged in severity from 5.4 to 8.8, with notable entries such as a SharePoint Remote Code Execution vulnerability (CVE-2025-29794) rated at 8.8 and a Windows Mark of the Web Security Feature Bypass vulnerability (CVE-2025-27472) rated at 5.4.
Other high-risk vulnerabilities included remote code execution vulnerabilities in Microsoft SharePoint and Windows Lightweight Directory Access Protocol (LDAP), as well as elevation of privilege vulnerabilities in Windows Remote Desktop Services and Microsoft Office. These vulnerabilities underscore the importance of applying security patches promptly to protect against potential exploitation.
In addition to Microsoft, other IT vendors and projects also issued patches on the same day as Patch Tuesday. This collaborative effort across the tech industry highlights the ongoing commitment to addressing security vulnerabilities and protecting user data.
As the cybersecurity landscape continues to evolve, timely patching and mitigation strategies remain crucial in safeguarding systems and data from potential threats. Organizations are encouraged to stay informed about security updates and prioritize the implementation of patches to reduce the risk of exploitation.