Microsoft Monthly Security Update (March 2025)

Release Date: 12 Mar 2025 555 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

Microsoft has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotes
WindowsHigh Risk High RiskRemote Code Execution
Elevation of Privilege
Spoofing
Denial of Service
Security Restriction Bypass
Information Disclosure

CVE-2025-24983 is being exploited in the wild. An attacker with local and user privileges could perform elevation of privilege on the targeted system.

CVE-2025-24984 and CVE-2025-24991 are being exploited in the wild. An attacker with local and user privileges could perform information disclosure on the targeted system.

CVE-2025-24985 and CVE-2025-24993 are being exploited in the wild. An attacker with local and user privileges could perform code execution on the targeted system locally.

Extended Security Updates (ESU)High Risk High RiskRemote Code Execution
Elevation of Privilege
Spoofing
Security Restriction Bypass
Information Disclosure

CVE-2025-26633 is being exploited in the wild. An attacker with local and user privileges could perform security restriction bypass on the targeted system.

CVE-2025-26630 is being exploited in the wild. An attacker with local and user privileges could perform code execution on the targeted system locally.

Developer ToolsMedium Risk Medium RiskRemote Code Execution
Elevation of Privilege		 
Microsoft OfficeMedium Risk Medium RiskRemote Code Execution 
AzureMedium Risk Medium RiskRemote Code Execution
Elevation of Privilege		 
BrowserLow Risk Low RiskSpoofing 

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 2

Number of 'Medium Risk' product(s): 3

Number of 'Low Risk' product(s): 1

Evaluation of overall 'Risk Level': High Risk

Impact

  • Elevation of Privilege
  • Remote Code Execution
  • Denial of Service
  • Security Restriction Bypass
  • Spoofing
  • Information Disclosure

System / Technologies affected

  • Windows
  • Extended Security Updates (ESU)
  • Developer Tools
  • Microsoft Office
  • Azure
  • Browser

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  •  Apply fixes issued by the vendor.

Vulnerability Identifier

Source

Related Link

Related Tags

MicrosoftElevation of PrivilegeRemote Code ExecutionDenial of ServiceSecurity Restriction BypassSpoofingInformation DisclosureExploit In The Wild

Share with

Previous

SAP Business One Security Restriction Bypass Vulnerability

12 Mar 2025 276 Views

Next

Fortinet FortiWeb Multiple Vulnerabilities

12 Mar 2025 319 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY