Microsoft Patch Tuesday March 2025 – 6 Actively Exploited Zero-Days & 57 Vulnerabilities Are Fixed
gbhackersMicrosoft has rolled out its March 2025 Patch Tuesday update, addressing a total of 57 vulnerabilities across its software ecosystem, including 6 actively exploited Zero-day vulnerabilities.
This release includes fixes for:
- 23 Remote Code Execution Vulnerabilities
- 23 Elevation of Privilege Vulnerabilities
- 3 Security Feature Bypass Vulnerabilities
- 4 Information Disclosure Vulnerabilities
- 3 Spoofing Vulnerabilities
- 1 Denial of Service Vulnerability
Issued on the second Tuesday of each month, this update is vital for users and administrators, as attackers are already exploiting several of these flaws in the wild.
Below is a detailed look at the six zero-day vulnerabilities patched in this release, alongside the broader scope of the update.
Zero-Day Vulnerabilities
CVE-2025-24983: Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
This zero-day allows local attackers to escalate privileges to SYSTEM level by winning a race condition.
Discovered by Filip Jurčacko of ESET, this use-after-free flaw stems from improper memory management, enabling attackers ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE