CyberSecurity news
FlagThis
@The DefendOps Diaries
//
Microsoft's March 2025 Patch Tuesday has addressed 57 flaws, including seven zero-day vulnerabilities that were already being actively exploited. These zero-day flaws highlight the importance of applying security updates in a timely manner. Three critical vulnerabilities were remote code execution vulnerabilities, posing a high risk that could lead to full system compromise if exploited. One notable zero-day vulnerability is the Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability (CVE-2025-24983), which could allow attackers to gain SYSTEM privileges through a race condition.
Microsoft has also announced that it will drop support for the Remote Desktop app, available through the Microsoft Store, on May 27th. The current app will be replaced with the new Windows App, designed for work and school accounts. Microsoft is encouraging users to review the known issues and limitations of the Windows App to understand any feature gaps that may create challenges during migration. The Windows App is intended to connect to Azure Virtual Desktop, Windows 365, Microsoft Dev Box, Remote Desktop Services, and remote PCs.
ImgSrc: thedefendopsdia
References :
Microsoft has also announced that it will drop support for the Remote Desktop app, available through the Microsoft Store, on May 27th. The current app will be replaced with the new Windows App, designed for work and school accounts. Microsoft is encouraging users to review the known issues and limitations of the Windows App to understand any feature gaps that may create challenges during migration. The Windows App is intended to connect to Azure Virtual Desktop, Windows 365, Microsoft Dev Box, Remote Desktop Services, and remote PCs.
ImgSrc: thedefendopsdia
Share:
References :
- isc.sans.edu: Microsoft Patch Tuesday: March 2025, (Tue, Mar 11th)
- The DefendOps Diaries: Microsoft's March 2025 Patch Tuesday: Addressing Critical Vulnerabilities
- BleepingComputer: Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws
- CyberInsider: Microsoft March 2025 ‘Patch Tuesday’ Updates Fix Six Actively Exploited Flaws
- Tenable Blog: Microsoft’s March 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-26633, CVE-2025-24983, CVE-2025-24993)
- bsky.app: Today is Microsoft's March 2025 Patch Tuesday, which includes security updates for 57 flaws, including six actively exploited zero-day vulnerabilities.
- krebsonsecurity.com: Microsoft: 6 Zero-Days in March 2025 Patch Tuesday
- Blog RSS Feed: March 2025 Patch Tuesday Analysis
- CyberScoop: Microsoft patches 57 vulnerabilities, including 6 zero-days
- The Register - Software: Choose your own Patch Tuesday adventure: Start with six zero-day fixes, or six critical flaws
- hackread.com: March 2025 Patch Tuesday: Microsoft Fixes 57 Vulnerabilities, 7 Zero-Days
- www.kaspersky.com: Main vulnerabilities from Microsoft's March Patch Tuesday | Kaspersky official blog
- Rescana: Microsoft March 2025 Patch Tuesday: Zero-Day Exploitation Analysis in WinDbg, ASP.NET Core, and Remote Desktop
- socradar.io: March 2025 Patch Tuesday: Microsoft Fixes 6 Critical & 6 Exploited Security Vulnerabilities
- Security | TechRepublic: Microsoft's March 2025 Patch Tuesday includes six actively exploited zero-day vulnerabilities. Learn about the critical vulnerabilities and why immediate updates are essential.
- Davey Winder: Microsoft has confirmed that no less than six zero-day vulnerabilities are exploiting Windows users in the wild. Here’s what you need to know and do.
- : Microsoft Patches a Whopping Seven Zero-Days in March
- Blog: As part of its monthly Patch Tuesday event, Microsoft has fixed 57 vulnerabilities. Among them are six actively exploited zero-day vulnerabilities
Classification:
- HashTags: #PatchTuesday #Microsoft #ZeroDay
- Company: Microsoft
- Target: Windows Users
- Product: Windows
- Feature: Security Patches
- Type: ProductUpdate
- Severity: Major