Patch Tuesday, April 2025 Edition by Krebs on Security

Microsoft released updates to address 121 security vulnerabilities in its Windows operating systems and software, with one flaw already being actively exploited, according to reports. The company’s latest Patch Tuesday included fixes for 11 critical flaws that could be exploited by malicious actors without much user interaction.

The zero-day vulnerability that is currently being exploited is identified as CVE-2025-29824, a local elevation of privilege bug in the Windows Common Log File System (CLFS) driver. Although Microsoft rates it as “important,” experts like Chris Goettl from Ivanti suggest treating it as critical due to the potential risks involved.

This isn’t the first time the CLFS component has been addressed during Patch Tuesday. Since 2022, Microsoft has issued patches for 32 CLFS vulnerabilities, with six of them previously exploited in the wild. The most recent CLFS zero-day was patched in December 2024.

Satnam Narang from Tenable points out that while vulnerabilities allowing attackers to execute arbitrary code are typically at the forefront of Patch Tuesday updates, the trend is reversed for zero-day exploits. Elevation of privilege flaws have been the predominant issue, with over half of all zero-days in 2025 falling into this category.

Adam Barnett from Rapid7 highlighted the critical nature of a flaw in the LDAP server (CVE-2025-26663), emphasizing the importance of patching for organizations with a significant Microsoft footprint. With no privileges required and the potential for code execution within the LDAP server context, exploitation of this vulnerability could be highly attractive for malicious actors.

Among the critical updates rolled out by Microsoft this month are remote code execution flaws in Windows Remote Desktop services, with CVE-2025-27480 and CVE-2025-27482 rated as “Exploitation More Likely.” Additionally, popular web browsers like Google Chrome and Mozilla Firefox have addressed multiple vulnerabilities in their recent updates, with Microsoft Edge expected to follow suit.

Adobe also released 12 updates addressing 54 security holes across various products, while Apple issued a significant security update on March 31 to address multiple vulnerabilities across its product line.

In conclusion, users are advised to prioritize applying the latest security patches to protect their systems from potential exploits. Backing up data before updating is recommended to mitigate any complications that may arise from the installation process. For more detailed information on the April 2025 Patch Tuesday updates, users can refer to resources like the SANS Internet Storm Center’s roundup and Microsoft’s official update guide. Stay informed and stay secure.
