Microsoft Fixes Six Actively-Exploited 0-Day Flaws In Patch Tuesday Rollout, Update ASAP

This month's Microsoft Patch Tuesday is here and it's a big one. Last month fixed 63 vulnerabilities. This month's update, however, includes patches for another 57 security vulnerabilities, six of which are already being actively exploited by hackers, while cybersecurity experts describe another six as critical. These vulnerabilities require swift action and Microsoft has advised users to update their devices to get patched ASAP.

Microsoft addressed a vulnerability registered on the CVE program as CVE-2025-24993, one of the six reported active exploits. For a successful attack, hackers will need to trick users into mounting a Virtual Hard Disk (VHD); otherwise, the attack will fail. As a Remote Code Execution (RCE) vulnerability, malicious actors can trick users into taking actions that trigger payloads or malware without physical access to the computer. With a successful attack, bad actors can steal sensitive information, corrupt systems with viruses, or control the ...