{"id":341923,"date":"2025-05-14T06:26:11","date_gmt":"2025-05-14T13:26:11","guid":{"rendered":"https:\/\/msftnewsnow.com\/?p=341923"},"modified":"2025-06-19T06:23:41","modified_gmt":"2025-06-19T13:23:41","slug":"microsofts-may-2025-patch-tuesday-five-zero-days","status":"publish","type":"post","link":"https:\/\/msftnewsnow.com\/microsofts-may-2025-patch-tuesday-five-zero-days\/","title":{"rendered":"Microsoft\u2019s May 2025 Patch Tuesday: Five New Zero-Days Exploited, 72 Flaws Patched: What You Need to Know"},"content":{"rendered":"<div class=\"relative\">\n<div class=\"prose text-pretty dark:prose-invert inline leading-normal break-words min-w-0 [word-break:break-word]\">\n<p class=\"my-0\">Yesterday, Microsoft released its latest Patch Tuesday security updates, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-may-2025-patch-tuesday-fixes-5-exploited-zero-days-72-flaws\/\" target=\"_blank\" rel=\"noopener\">addressing a total of 72 vulnerabilities across<\/a> its product portfolio-including Windows, Office, Azure, and more. <a href=\"https:\/\/support.microsoft.com\/en-au\/topic\/may-13-2025-kb5058429-security-only-update-e2d32537-cc98-4afc-a82e-e58dc3baaa78\" target=\"_blank\" rel=\"noopener\">This month\u2019s update<\/a> is especially urgent, as it patches five zero-day vulnerabilities already being exploited in the wild and two additional flaws that were publicly disclosed prior to the release<span class=\"whitespace-nowrap\">.<\/span><\/p>\n<h2 class=\"mb-xs mt-5 text-base font-[500] first:mt-0 dark:font-[475]\"><strong>May 2025 Patch Tuesday Breakdown<\/strong><\/h2>\n<p><img decoding=\"async\" data-attachment-id=\"341989\" data-permalink=\"https:\/\/msftnewsnow.com\/microsofts-may-2025-patch-tuesday-five-zero-days\/download-11\/#main\" data-orig-file=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/download-11.jpg?strip=all&lossy=1&quality=88&sharp=1&ssl=1\" data-orig-size=\"1024,576\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;{\\&quot;prompt\\&quot;:\\&quot;Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws\\&quot;,\\&quot;originalPrompt\\&quot;:\\&quot;Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws\\&quot;,\\&quot;width\\&quot;:1024,\\&quot;height\\&quot;:576,\\&quot;seed\\&quot;:42,\\&quot;model\\&quot;:\\&quot;flux\\&quot;,\\&quot;enhance\\&quot;:false,\\&quot;nologo\\&quot;:true,\\&quot;negative_prompt\\&quot;:\\&quot;worst quality, blurry\\&quot;,\\&quot;nofeed\\&quot;:false,\\&quot;safe\\&quot;:false,\\&quot;isMature\\&quot;:false,\\&quot;isChild\\&quot;:false}&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;1&quot;}\" data-image-title=\"download (11)\" data-image-description=\"\" data-image-caption=\"&lt;p&gt;{&#8220;prompt&#8221;:&#8221;Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws&#8221;,&#8221;originalPrompt&#8221;:&#8221;Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws&#8221;,&#8221;width&#8221;:1024,&#8221;height&#8221;:576,&#8221;seed&#8221;:42,&#8221;model&#8221;:&#8221;flux&#8221;,&#8221;enhance&#8221;:false,&#8221;nologo&#8221;:true,&#8221;negative_prompt&#8221;:&#8221;worst quality, blurry&#8221;,&#8221;nofeed&#8221;:false,&#8221;safe&#8221;:false,&#8221;isMature&#8221;:false,&#8221;isChild&#8221;:false}&lt;\/p&gt;\n\" data-medium-file=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/download-11.jpg?strip=all&lossy=1&quality=88&sharp=1&ssl=1\" data-large-file=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/download-11.jpg?strip=all&lossy=1&quality=88&sharp=1&ssl=1\" class=\"alignnone wp-image-341989 size-full\" src=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/download-11.jpg?strip=all&lossy=1&quality=88&sharp=1&ssl=1\" alt=\"Microsoft\u2019s May 2025 Patch Tuesday: Five New Zero-Days Exploited, 72 Flaws Patched: What You Need to Know\" width=\"1024\" height=\"576\" srcset=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/download-11.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;ssl=1 1024w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/download-11-150x84.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;ssl=1 150w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/download-11.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;w=204&amp;ssl=1 204w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/download-11.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;w=409&amp;ssl=1 409w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/download-11.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;w=614&amp;ssl=1 614w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/download-11.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;w=819&amp;ssl=1 819w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p class=\"my-0\">This month\u2019s Patch Tuesday covers a wide range of vulnerability types:<\/p>\n<ul class=\"marker:text-textOff list-disc\">\n<li>\n<p class=\"my-0\"><strong>17 Elevation of Privilege Vulnerabilities<\/strong><\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>28 Remote Code Execution (RCE) Vulnerabilities<\/strong><\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>15 Information Disclosure Vulnerabilities<\/strong><\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>7 Denial of Service (DoS) Vulnerabilities<\/strong><\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>2 Security Feature Bypass Vulnerabilities<\/strong><\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>2 Spoofing Vulnerabilities<\/strong><\/p>\n<\/li>\n<\/ul>\n<p class=\"my-0\">Microsoft\u2019s security team and external researchers have flagged several of these issues as top priorities for immediate patching, especially those already exploited by attackers.<\/p>\n<h2 id=\"the-five-actively-exploited-zero-days\" class=\"mb-2 mt-6 text-lg font-[500] first:mt-0 dark:font-[475]\"><strong>The Five Actively Exploited Zero-Days<\/strong><\/h2>\n<p class=\"my-0\">Security experts are urging organizations and individual users to prioritize patching the following five zero-day vulnerabilities, all of which have been observed under active attack<a class=\"citation ml-xs inline\" href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-may-2025-patch-tuesday-fixes-5-exploited-zero-days-72-flaws\/\" target=\"_blank\" rel=\"nofollow noopener\" data-state=\"closed\" aria-label=\"Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws\"><span class=\"relative select-none align-middle undefined -top-px font-sans text-base text-textMain dark:text-textMainDark selection:bg-super\/50 selection:text-textMain dark:selection:bg-superDuper\/10 dark:selection:text-superDark\"><span class=\"hover:bg-super dark:hover:bg-superDark dark:hover:text-backgroundDark min-w-[1rem] rounded-[0.3125rem] px-[0.3rem] text-center align-middle font-mono text-[0.6rem] tabular-nums hover:text-white py-[0.1875rem] border-borderMain\/50 ring-borderMain\/50 divide-borderMain\/50 dark:divide-borderMainDark\/50 dark:ring-borderMainDark\/50 dark:border-borderMainDark\/50 bg-offsetPlus dark:bg-offsetPlusDark\">1<\/span><\/span><\/a><a class=\"citation ml-xs inline\" href=\"https:\/\/thehackernews.com\/2025\/05\/microsoft-fixes-78-flaws-5-zero-days.html\" target=\"_blank\" rel=\"nofollow noopener\" data-state=\"closed\" aria-label=\"Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server\"><span class=\"relative select-none align-middle undefined -top-px font-sans text-base text-textMain dark:text-textMainDark selection:bg-super\/50 selection:text-textMain dark:selection:bg-superDuper\/10 dark:selection:text-superDark\"><span class=\"hover:bg-super dark:hover:bg-superDark dark:hover:text-backgroundDark min-w-[1rem] rounded-[0.3125rem] px-[0.3rem] text-center align-middle font-mono text-[0.6rem] tabular-nums hover:text-white py-[0.1875rem] border-borderMain\/50 ring-borderMain\/50 divide-borderMain\/50 dark:divide-borderMainDark\/50 dark:ring-borderMainDark\/50 dark:border-borderMainDark\/50 bg-offsetPlus dark:bg-offsetPlusDark\">2<\/span><\/span><\/a><a class=\"citation ml-xs inline\" href=\"https:\/\/www.theregister.com\/AMP\/2025\/05\/14\/patch_tuesday_may\/\" target=\"_blank\" rel=\"nofollow noopener\" data-state=\"closed\" aria-label=\"Apple patched one first, but Microsoft\u2019s blasted five exploited flaws this Pa-Tu\"><span class=\"relative select-none align-middle undefined -top-px font-sans text-base text-textMain dark:text-textMainDark selection:bg-super\/50 selection:text-textMain dark:selection:bg-superDuper\/10 dark:selection:text-superDark\"><span class=\"hover:bg-super dark:hover:bg-superDark dark:hover:text-backgroundDark min-w-[1rem] rounded-[0.3125rem] px-[0.3rem] text-center align-middle font-mono text-[0.6rem] tabular-nums hover:text-white py-[0.1875rem] border-borderMain\/50 ring-borderMain\/50 divide-borderMain\/50 dark:divide-borderMainDark\/50 dark:ring-borderMainDark\/50 dark:border-borderMainDark\/50 bg-offsetPlus dark:bg-offsetPlusDark\">3<\/span><\/span><\/a><a class=\"citation ml-xs inline\" href=\"https:\/\/www.govcert.gov.hk\/en\/alerts_detail.php?id=1548\" target=\"_blank\" rel=\"nofollow noopener\" data-state=\"closed\" aria-label=\"GovCERT.HK - Security Alerts\"><span class=\"relative select-none align-middle undefined -top-px font-sans text-base text-textMain dark:text-textMainDark selection:bg-super\/50 selection:text-textMain dark:selection:bg-superDuper\/10 dark:selection:text-superDark\"><span class=\"hover:bg-super dark:hover:bg-superDark dark:hover:text-backgroundDark min-w-[1rem] rounded-[0.3125rem] px-[0.3rem] text-center align-middle font-mono text-[0.6rem] tabular-nums hover:text-white py-[0.1875rem] border-borderMain\/50 ring-borderMain\/50 divide-borderMain\/50 dark:divide-borderMainDark\/50 dark:ring-borderMainDark\/50 dark:border-borderMainDark\/50 bg-offsetPlus dark:bg-offsetPlusDark\">4<\/span><\/span><\/a><a class=\"citation ml-xs inline\" href=\"https:\/\/krebsonsecurity.com\/2025\/05\/patch-tuesday-may-2025-edition\/\" target=\"_blank\" rel=\"nofollow noopener\" data-state=\"closed\" aria-label=\"Patch Tuesday, May 2025 Edition\"><span class=\"relative select-none align-middle undefined -top-px font-sans text-base text-textMain dark:text-textMainDark selection:bg-super\/50 selection:text-textMain dark:selection:bg-superDuper\/10 dark:selection:text-superDark\"><span class=\"hover:bg-super dark:hover:bg-superDark dark:hover:text-backgroundDark min-w-[1rem] rounded-[0.3125rem] px-[0.3rem] text-center align-middle font-mono text-[0.6rem] tabular-nums hover:text-white py-[0.1875rem] border-borderMain\/50 ring-borderMain\/50 divide-borderMain\/50 dark:divide-borderMainDark\/50 dark:ring-borderMainDark\/50 dark:border-borderMainDark\/50 bg-offsetPlus dark:bg-offsetPlusDark\">5<\/span><\/span><\/a><a class=\"citation ml-xs inline\" href=\"https:\/\/www.tenable.com\/blog\/microsofts-may-2025-patch-tuesday-addresses-71-cves-cve-2025-32701-cve-2025-32706\" target=\"_blank\" rel=\"nofollow noopener\" data-state=\"closed\" aria-label=\"Microsoft&#039;s May 2025 Patch Tuesday Addresses 71 CVEs (CVE ...\"><span class=\"relative select-none align-middle undefined -top-px font-sans text-base text-textMain dark:text-textMainDark selection:bg-super\/50 selection:text-textMain dark:selection:bg-superDuper\/10 dark:selection:text-superDark\"><span class=\"hover:bg-super dark:hover:bg-superDark dark:hover:text-backgroundDark min-w-[1rem] rounded-[0.3125rem] px-[0.3rem] text-center align-middle font-mono text-[0.6rem] tabular-nums hover:text-white py-[0.1875rem] border-borderMain\/50 ring-borderMain\/50 divide-borderMain\/50 dark:divide-borderMainDark\/50 dark:ring-borderMainDark\/50 dark:border-borderMainDark\/50 bg-offsetPlus dark:bg-offsetPlusDark\">8<\/span><\/span><\/a>:<\/p>\n<div class=\"group relative\">\n<div class=\"w-full overflow-x-auto md:max-w-[90vw] border-borderMain\/50 ring-borderMain\/50 divide-borderMain\/50 dark:divide-borderMainDark\/50 dark:ring-borderMainDark\/50 dark:border-borderMainDark\/50 bg-transparent\">\n<table class=\"border-borderMain dark:border-borderMainDark my-[1em] w-full table-auto border\">\n<thead class=\"bg-offset dark:bg-offsetDark\">\n<tr>\n<th class=\"px-sm py-sm break-normal align-top\">CVE<\/th>\n<th class=\"px-sm py-sm break-normal align-top\">Component<\/th>\n<th class=\"px-sm py-sm break-normal align-top\">Type<\/th>\n<th class=\"px-sm py-sm break-normal align-top\">Impact\/Notes<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-30400\" target=\"_blank\" rel=\"noopener\">CVE-2025-30400<\/a><\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Microsoft DWM Core Library<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Elevation of Privilege<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Use-after-free bug; allows SYSTEM-level access<\/td>\n<\/tr>\n<tr>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-32701\" target=\"_blank\" rel=\"noopener\">CVE-2025-32701<\/a><\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Windows Common Log File System (CLFS) Driver<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Elevation of Privilege<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Use-after-free bug; SYSTEM privileges<\/td>\n<\/tr>\n<tr>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-32706\" target=\"_blank\" rel=\"noopener\">CVE-2025-32706<\/a><\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Windows Common Log File System (CLFS) Driver<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Elevation of Privilege<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Improper input validation; SYSTEM privileges<\/td>\n<\/tr>\n<tr>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-32709\" target=\"_blank\" rel=\"noopener\">CVE-2025-32709<\/a><\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Windows Ancillary Function Driver for WinSock<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Elevation of Privilege<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Use-after-free bug; full admin access<\/td>\n<\/tr>\n<tr>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-30397\" target=\"_blank\" rel=\"noopener\">CVE-2025-30397<\/a><\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Microsoft Scripting Engine<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Remote Code Execution<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Type confusion; code execution via Edge\/IE<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<div class=\"px-two bg-background border-border shadow-subtle pointer-coarse:opacity-100 right-xs absolute bottom-0 flex gap-2 rounded-lg border py-px opacity-0 transition-opacity group-hover:opacity-100\">\n<div>\n<div class=\"flex items-center min-w-0 font-medium gap-1 justify-center\">\n<div class=\"flex shrink-0 items-center justify-center size-3.5\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p><strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-30400\" target=\"_blank\" rel=\"noopener\">CVE-2025-30400<\/a> (DWM Core Library):<\/strong><br \/>\nThis flaw allows attackers with basic network rights to exploit a use-after-free vulnerability in the Desktop Window Manager, granting SYSTEM-level privileges. It affects Windows 10, 11, and Windows Server 2025<span class=\"whitespace-nowrap\">.<\/span><\/p>\n<p><strong><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-32701\" target=\"_blank\" rel=\"noopener\">CVE-2025-32701<\/a> &amp; <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-32706\" target=\"_blank\" rel=\"noopener\">CVE-2025-32706<\/a> (CLFS Driver):<\/strong><br \/>\nBoth are elevation of privilege vulnerabilities in the Common Log File System Driver, a critical Windows component. Attackers with initial access can escalate privileges to SYSTEM, potentially disabling security tools or harvesting credentials for lateral movement<span class=\"whitespace-nowrap\">.<\/span><\/p>\n<p><strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-32709\" target=\"_blank\" rel=\"noopener\">CVE-2025-32709<\/a> (WinSock):<\/strong><br \/>\nThis vulnerability in the Windows Ancillary Function Driver for WinSock allows attackers to elevate privileges to full administrator through a use-after-free attack<span class=\"whitespace-nowrap\">.<\/span><\/p>\n<p><strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-30397\" target=\"_blank\" rel=\"noopener\">CVE-2025-30397<\/a> (Scripting Engine):<\/strong><br \/>\nA memory corruption issue in the Microsoft Scripting Engine can be exploited for remote code execution, particularly via Edge in Internet Explorer mode if a user visits a malicious website<span class=\"whitespace-nowrap\">.<\/span><\/p>\n<h2 id=\"two-publicly-disclosed-zero-days\" class=\"mb-2 mt-6 text-lg font-[500] first:mt-0 dark:font-[475]\"><strong>Two Publicly Disclosed Zero-Days<\/strong><\/h2>\n<p class=\"my-0\">In addition to the actively exploited flaws, Microsoft patched two zero-days that were publicly disclosed before a fix was available:<\/p>\n<p class=\"my-0\"><strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-26685\" target=\"_blank\" rel=\"noopener\">CVE-2025-26685<\/a>:<\/strong> Microsoft Defender for Identity Spoofing Vulnerability. Allows attackers with LAN access to perform spoofing and potentially obtain NTLM hashes, raising credential theft concerns<span class=\"whitespace-nowrap\">.<\/span><\/p>\n<p class=\"my-0\"><strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-32702\" target=\"_blank\" rel=\"noopener\">CVE-2025-32702<\/a>:<\/strong> Visual Studio Remote Code Execution Vulnerability. Allows local attackers to execute arbitrary code via Visual Studio<span class=\"whitespace-nowrap\">.<\/span><\/p>\n<p class=\"my-0\">The presence of multiple zero-days under active exploitation significantly increases the risk for unpatched systems. Attackers are leveraging these vulnerabilities to escalate privileges and execute malicious code, often as part of broader campaigns targeting both enterprises and individuals<span class=\"whitespace-nowrap\">.<\/span><\/p>\n<h2 id=\"urgent-recommendations\" class=\"mb-2 mt-6 text-lg font-[500] first:mt-0 dark:font-[475]\"><strong>Recommendations<\/strong><\/h2>\n<p><img decoding=\"async\" data-attachment-id=\"341993\" data-permalink=\"https:\/\/msftnewsnow.com\/microsofts-may-2025-patch-tuesday-five-zero-days\/microsofts-may-2025-patch-tuesday_-five-new-zero-days-exploited-72-flaws-patched\/#main\" data-orig-file=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/Microsofts-May-2025-Patch-Tuesday_-Five-New-Zero-Days-Exploited-72-Flaws-Patched.jpg?strip=all&lossy=1&quality=88&sharp=1&ssl=1\" data-orig-size=\"1024,576\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;{\\&quot;prompt\\&quot;:\\&quot;Microsoft&#039;s May 2025 Patch Tuesday: Five New Zero-Days Exploited, 72 Flaws Patched\\&quot;,\\&quot;originalPrompt\\&quot;:\\&quot;Microsoft&#039;s May 2025 Patch Tuesday: Five New Zero-Days Exploited, 72 Flaws Patched\\&quot;,\\&quot;width\\&quot;:1024,\\&quot;height\\&quot;:576,\\&quot;seed\\&quot;:42,\\&quot;model\\&quot;:\\&quot;flux\\&quot;,\\&quot;enhance\\&quot;:false,\\&quot;nologo\\&quot;:true,\\&quot;negative_prompt\\&quot;:\\&quot;worst quality, blurry\\&quot;,\\&quot;nofeed\\&quot;:true,\\&quot;safe\\&quot;:false,\\&quot;isMature\\&quot;:false,\\&quot;isChild\\&quot;:false}&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;1&quot;}\" data-image-title=\"Microsoft\u2019s May 2025 Patch Tuesday_ Five New Zero-Days Exploited, 72 Flaws Patched\" data-image-description=\"\" data-image-caption=\"&lt;p&gt;{&#8220;prompt&#8221;:&#8221;Microsoft&#8217;s May 2025 Patch Tuesday: Five New Zero-Days Exploited, 72 Flaws Patched&#8221;,&#8221;originalPrompt&#8221;:&#8221;Microsoft&#8217;s May 2025 Patch Tuesday: Five New Zero-Days Exploited, 72 Flaws Patched&#8221;,&#8221;width&#8221;:1024,&#8221;height&#8221;:576,&#8221;seed&#8221;:42,&#8221;model&#8221;:&#8221;flux&#8221;,&#8221;enhance&#8221;:false,&#8221;nologo&#8221;:true,&#8221;negative_prompt&#8221;:&#8221;worst quality, blurry&#8221;,&#8221;nofeed&#8221;:true,&#8221;safe&#8221;:false,&#8221;isMature&#8221;:false,&#8221;isChild&#8221;:false}&lt;\/p&gt;\n\" data-medium-file=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/Microsofts-May-2025-Patch-Tuesday_-Five-New-Zero-Days-Exploited-72-Flaws-Patched.jpg?strip=all&lossy=1&quality=88&sharp=1&ssl=1\" data-large-file=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/Microsofts-May-2025-Patch-Tuesday_-Five-New-Zero-Days-Exploited-72-Flaws-Patched.jpg?strip=all&lossy=1&quality=88&sharp=1&ssl=1\" class=\"alignnone wp-image-341993 size-full\" src=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/Microsofts-May-2025-Patch-Tuesday_-Five-New-Zero-Days-Exploited-72-Flaws-Patched.jpg?strip=all&lossy=1&quality=88&sharp=1&ssl=1\" alt=\"Microsoft\u2019s May 2025 Patch Tuesday: Five New Zero-Days Exploited, 72 Flaws Patched: What You Need to Know\" width=\"1024\" height=\"576\" srcset=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/Microsofts-May-2025-Patch-Tuesday_-Five-New-Zero-Days-Exploited-72-Flaws-Patched.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;ssl=1 1024w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/Microsofts-May-2025-Patch-Tuesday_-Five-New-Zero-Days-Exploited-72-Flaws-Patched-150x84.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;ssl=1 150w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/Microsofts-May-2025-Patch-Tuesday_-Five-New-Zero-Days-Exploited-72-Flaws-Patched.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;w=204&amp;ssl=1 204w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/Microsofts-May-2025-Patch-Tuesday_-Five-New-Zero-Days-Exploited-72-Flaws-Patched.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;w=409&amp;ssl=1 409w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/Microsofts-May-2025-Patch-Tuesday_-Five-New-Zero-Days-Exploited-72-Flaws-Patched.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;w=614&amp;ssl=1 614w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/05\/Microsofts-May-2025-Patch-Tuesday_-Five-New-Zero-Days-Exploited-72-Flaws-Patched.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;w=819&amp;ssl=1 819w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<ul class=\"marker:text-textOff list-disc\">\n<li>\n<p class=\"my-0\"><strong>Patch Immediately:<\/strong> Organizations and users should apply the May 2025 updates as soon as possible, especially on <a href=\"https:\/\/msftnewsnow.com\/tag\/windows-10\" target=\"_blank\" rel=\"noopener\">Windows 10<\/a>, <a href=\"https:\/\/msftnewsnow.com\/tag\/windows-11\" target=\"_blank\" rel=\"noopener\">Windows 11<\/a>, and <a href=\"https:\/\/msftnewsnow.com\/tag\/windows-server\" target=\"_blank\" rel=\"noopener\">Windows Server<\/a> systems.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>Review Microsoft\u2019s Security Update Guide:<\/strong> Full details and patch downloads are available on Microsoft\u2019s official <a class=\"break-word hover:text-super hover:decoration-super dark:hover:text-superDark dark:hover:decoration-superDark underline decoration-from-font underline-offset-1 transition-all duration-300\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/releaseNote\/2025-may\" target=\"_blank\" rel=\"nofollow noopener\">May 2025 Security Update Guide<\/a><span class=\"whitespace-nowrap\">.<\/span><\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>Monitor for Exploitation:<\/strong> Security teams should monitor for unusual privilege escalation or credential harvesting activity, as attackers are actively exploiting these vulnerabilities.<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-0\">With five zero-days already being exploited and two more publicly disclosed, the May 2025 Patch Tuesday is one of the most critical security updates in recent months. Organizations and users are strongly advised to patch immediately to protect against privilege escalation, remote code execution, and credential theft attacks targeting Windows, Office, Azure, and other Microsoft products.<\/p>\n<table>\n<tbody>\n<tr>\n<th>Tag<\/th>\n<th>CVE ID<\/th>\n<th>CVE Title<\/th>\n<th>Severity<\/th>\n<\/tr>\n<tr>\n<td>.NET, Visual Studio, and Build Tools for Visual Studio<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-26646\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-26646<\/a><\/td>\n<td>.NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Active Directory Certificate Services (AD CS)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29968\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29968<\/a><\/td>\n<td>Active Directory Certificate Services (AD CS) Denial of Service Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Azure<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-33072\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-33072<\/a><\/td>\n<td>Microsoft msagsfeedback.azurewebsites.net Information Disclosure Vulnerability<\/td>\n<td><span class=\"crit\">Critical<\/span><\/td>\n<\/tr>\n<tr>\n<td>Azure<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30387\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30387<\/a><\/td>\n<td>Document Intelligence Studio On-Prem Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Azure Automation<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29827\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29827<\/a><\/td>\n<td>Azure Automation Elevation of Privilege Vulnerability<\/td>\n<td><span class=\"crit\">Critical<\/span><\/td>\n<\/tr>\n<tr>\n<td>Azure DevOps<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29813\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29813<\/a><\/td>\n<td>Azure DevOps Server Elevation of Privilege Vulnerability<\/td>\n<td><span class=\"crit\">Critical<\/span><\/td>\n<\/tr>\n<tr>\n<td>Azure File Sync<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29973\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29973<\/a><\/td>\n<td>Microsoft Azure File Sync Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Azure Storage Resource Provider<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29972\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29972<\/a><\/td>\n<td>Azure Storage Resource Provider Spoofing Vulnerability<\/td>\n<td><span class=\"crit\">Critical<\/span><\/td>\n<\/tr>\n<tr>\n<td>Microsoft Brokering File System<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29970\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29970<\/a><\/td>\n<td>Microsoft Brokering File System Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Dataverse<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-47732\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-47732<\/a><\/td>\n<td>Microsoft Dataverse Remote Code Execution Vulnerability<\/td>\n<td><span class=\"crit\">Critical<\/span><\/td>\n<\/tr>\n<tr>\n<td>Microsoft Dataverse<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29826\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29826<\/a><\/td>\n<td>Microsoft Dataverse Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Defender for Endpoint<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-26684\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-26684<\/a><\/td>\n<td>Microsoft Defender Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Defender for Identity<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-26685\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-26685<\/a><\/td>\n<td>Microsoft Defender for Identity Spoofing Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Edge (Chromium-based)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-4050\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-4050<\/a><\/td>\n<td>Chromium: CVE-2025-4050 Out of bounds memory access in DevTools<\/td>\n<td>Unknown<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Edge (Chromium-based)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-4096\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-4096<\/a><\/td>\n<td>Chromium: CVE-2025-4096 Heap buffer overflow in HTML<\/td>\n<td>Unknown<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Edge (Chromium-based)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29825\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29825<\/a><\/td>\n<td>Microsoft Edge (Chromium-based) Spoofing Vulnerability<\/td>\n<td>Low<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Edge (Chromium-based)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-4052\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-4052<\/a><\/td>\n<td>Chromium: CVE-2025-4052 Inappropriate implementation in DevTools<\/td>\n<td>Unknown<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Edge (Chromium-based)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-4051\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-4051<\/a><\/td>\n<td>Chromium: CVE-2025-4051 Insufficient data validation in DevTools<\/td>\n<td>Unknown<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Edge (Chromium-based)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-4372\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-4372<\/a><\/td>\n<td>Chromium: CVE-2025-4372 Use after free in WebAudio<\/td>\n<td>Unknown<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30377\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30377<\/a><\/td>\n<td>Microsoft Office Remote Code Execution Vulnerability<\/td>\n<td><span class=\"crit\">Critical<\/span><\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30386\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30386<\/a><\/td>\n<td>Microsoft Office Remote Code Execution Vulnerability<\/td>\n<td><span class=\"crit\">Critical<\/span><\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office Excel<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29977\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29977<\/a><\/td>\n<td>Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office Excel<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30383\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30383<\/a><\/td>\n<td>Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office Excel<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29979\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29979<\/a><\/td>\n<td>Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office Excel<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30376\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30376<\/a><\/td>\n<td>Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office Excel<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30393\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30393<\/a><\/td>\n<td>Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office Excel<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-32704\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-32704<\/a><\/td>\n<td>Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office Excel<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30375\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30375<\/a><\/td>\n<td>Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office Excel<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30379\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30379<\/a><\/td>\n<td>Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office Excel<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30381\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30381<\/a><\/td>\n<td>Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office Outlook<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-32705\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-32705<\/a><\/td>\n<td>Microsoft Outlook Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office PowerPoint<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29978\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29978<\/a><\/td>\n<td>Microsoft PowerPoint Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office SharePoint<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30378\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30378<\/a><\/td>\n<td>Microsoft SharePoint Server Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office SharePoint<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30382\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30382<\/a><\/td>\n<td>Microsoft SharePoint Server Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office SharePoint<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30384\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30384<\/a><\/td>\n<td>Microsoft SharePoint Server Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office SharePoint<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29976\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29976<\/a><\/td>\n<td>Microsoft SharePoint Server Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft PC Manager<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29975\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29975<\/a><\/td>\n<td>Microsoft PC Manager Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Power Apps<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-47733\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-47733<\/a><\/td>\n<td>Microsoft Power Apps Information Disclosure Vulnerability<\/td>\n<td><span class=\"crit\">Critical<\/span><\/td>\n<\/tr>\n<tr>\n<td>Microsoft Scripting Engine<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30397\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30397<\/a><\/td>\n<td>Scripting Engine Memory Corruption Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Remote Desktop Gateway Service<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-26677\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-26677<\/a><\/td>\n<td>Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Remote Desktop Gateway Service<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29967\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29967<\/a><\/td>\n<td>Remote Desktop Client Remote Code Execution Vulnerability<\/td>\n<td><span class=\"crit\">Critical<\/span><\/td>\n<\/tr>\n<tr>\n<td>Remote Desktop Gateway Service<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29831\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29831<\/a><\/td>\n<td>Windows Remote Desktop Services Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Remote Desktop Gateway Service<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30394\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30394<\/a><\/td>\n<td>Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Role: Windows Hyper-V<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29955\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29955<\/a><\/td>\n<td>Windows Hyper-V Denial of Service Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Universal Print Management Service<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29841\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29841<\/a><\/td>\n<td>Universal Print Management Service Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>UrlMon<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29842\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29842<\/a><\/td>\n<td>UrlMon Security Feature Bypass Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Visual Studio<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-32703\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-32703<\/a><\/td>\n<td>Visual Studio Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Visual Studio<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-32702\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-32702<\/a><\/td>\n<td>Visual Studio Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Visual Studio Code<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-21264\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-21264<\/a><\/td>\n<td>Visual Studio Code Security Feature Bypass Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Web Threat Defense (WTD.sys)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29971\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29971<\/a><\/td>\n<td>Web Threat Defense (WTD.sys) Denial of Service Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Ancillary Function Driver for WinSock<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-32709\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-32709<\/a><\/td>\n<td>Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Common Log File System Driver<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-32701\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-32701<\/a><\/td>\n<td>Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Common Log File System Driver<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30385\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30385<\/a><\/td>\n<td>Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Common Log File System Driver<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-32706\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-32706<\/a><\/td>\n<td>Windows Common Log File System Driver Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Deployment Services<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29957\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29957<\/a><\/td>\n<td>Windows Deployment Services Denial of Service Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Drivers<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29838\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29838<\/a><\/td>\n<td>Windows ExecutionContext Driver Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows DWM<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30400\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30400<\/a><\/td>\n<td>Microsoft DWM Core Library Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows File Server<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29839\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29839<\/a><\/td>\n<td>Windows Multiple UNC Provider Driver Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Fundamentals<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29969\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29969<\/a><\/td>\n<td>MS-EVEN RPC Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Hardware Lab Kit<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-27488\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-27488<\/a><\/td>\n<td>Microsoft Windows Hardware Lab Kit (HLK) Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Installer<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29837\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29837<\/a><\/td>\n<td>Windows Installer Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Kernel<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-24063\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-24063<\/a><\/td>\n<td>Kernel Streaming Service Driver Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Kernel<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29974\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29974<\/a><\/td>\n<td>Windows Kernel Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows LDAP &#8211; Lightweight Directory Access Protocol<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29954\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29954<\/a><\/td>\n<td>Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Media<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29962\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29962<\/a><\/td>\n<td>Windows Media Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Media<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29963\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29963<\/a><\/td>\n<td>Windows Media Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Media<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29964\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29964<\/a><\/td>\n<td>Windows Media Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Media<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29840\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29840<\/a><\/td>\n<td>Windows Media Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows NTFS<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-32707\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-32707<\/a><\/td>\n<td>NTFS Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Remote Desktop<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29966\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29966<\/a><\/td>\n<td>Remote Desktop Client Remote Code Execution Vulnerability<\/td>\n<td><span class=\"crit\">Critical<\/span><\/td>\n<\/tr>\n<tr>\n<td>Windows Routing and Remote Access Service (RRAS)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29836\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29836<\/a><\/td>\n<td>Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Routing and Remote Access Service (RRAS)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29959\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29959<\/a><\/td>\n<td>Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Routing and Remote Access Service (RRAS)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29835\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29835<\/a><\/td>\n<td>Windows Remote Access Connection Manager Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Routing and Remote Access Service (RRAS)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29960\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29960<\/a><\/td>\n<td>Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Routing and Remote Access Service (RRAS)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29832\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29832<\/a><\/td>\n<td>Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Routing and Remote Access Service (RRAS)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29830\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29830<\/a><\/td>\n<td>Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Routing and Remote Access Service (RRAS)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29961\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29961<\/a><\/td>\n<td>Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Routing and Remote Access Service (RRAS)<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29958\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29958<\/a><\/td>\n<td>Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Secure Kernel Mode<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-27468\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-27468<\/a><\/td>\n<td>Windows Kernel-Mode Driver Elevation of Privilege Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows SMB<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29956\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29956<\/a><\/td>\n<td>Windows SMB Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Trusted Runtime Interface Driver<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29829\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29829<\/a><\/td>\n<td>Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<tr>\n<td>Windows Virtual Machine Bus<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-29833\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-29833<\/a><\/td>\n<td>Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability<\/td>\n<td><span class=\"crit\">Critical<\/span><\/td>\n<\/tr>\n<tr>\n<td>Windows Win32K &#8211; GRFX<\/td>\n<td><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/advisory\/CVE-2025-30388\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2025-30388<\/a><\/td>\n<td>Windows Graphics Component Remote Code Execution Vulnerability<\/td>\n<td>Important<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p class=\"my-0\"><strong>For more Microsoft security news, updates, and how-to guides, visit <a href=\"https:\/\/msftnewsnow.com\/\" target=\"_blank\" rel=\"noopener\">msftnewsnow.com<\/a>.<\/strong><\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Yesterday, Microsoft released its latest Patch Tuesday security updates, addressing a total of 72 vulnerabilities across its product portfolio-including Windows, Office, Azure, and more. This month\u2019s update is especially urgent, as it patches five zero-day vulnerabilities already being exploited in the wild and two additional flaws that were publicly disclosed prior to the release. May &#8230; <a title=\"Microsoft\u2019s May 2025 Patch Tuesday: Five New Zero-Days Exploited, 72 Flaws Patched: What You Need to Know\" class=\"read-more\" href=\"https:\/\/msftnewsnow.com\/microsofts-may-2025-patch-tuesday-five-zero-days\/\" aria-label=\"Read more about Microsoft\u2019s May 2025 Patch Tuesday: Five New Zero-Days Exploited, 72 Flaws Patched: What You Need to Know\">Read more<\/a><\/p>\n","protected":false},"author":208461344,"featured_media":341992,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"enabled":false},"version":2}},"categories":[24,2540],"tags":[40,778,1066,1133,249,927,926,1155,2181,123,32,1175,1083,1188,1275,275,1205,1213,1228],"class_list":["post-341923","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-security","tag-azure","tag-microsoft","tag-microsoft-azure","tag-microsoft-defender","tag-microsoft-edge","tag-microsoft-office","tag-microsoft-outlook","tag-microsoft-pc-manager","tag-microsoft-security","tag-outlook","tag-patch-tuesday","tag-powerpoint","tag-security","tag-sharepoint","tag-visual-studio","tag-windows","tag-windows-10","tag-windows-11","tag-windows-server"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/msftnewsnow.com\/wp-content\/uploads\/2025\/05\/download-10.jpg","jetpack_shortlink":"https:\/\/wp.me\/pfgCZY-1qWT","jetpack-related-posts":[{"id":332492,"url":"https:\/\/msftnewsnow.com\/microsofts-march-2025-patch-tuesday-7-zero-days\/","url_meta":{"origin":341923,"position":0},"title":"Microsoft&#8217;s March 2025 Patch Tuesday Addresses 57 Vulnerabilities, Including 7 Critical Zero-Day Flaws","author":"Dave W. Shanahan","date":"March 12, 2025","format":false,"excerpt":"Microsoft has released its March 2025 Patch Tuesday updates, resolving a total of 57 security vulnerabilities affecting various products, including Windows, Office, Remote Desktop Services, and more. As reported by Bleeping Computer, among these vulnerabilities are seven critical zero-day flaws\u2014six of which were actively exploited in the wild prior to\u2026","rel":"","context":"In &quot;News&quot;","block_context":{"text":"News","link":"https:\/\/msftnewsnow.com\/news\/"},"img":{"alt_text":"Microsoft's March 2025 Patch Tuesday Addresses 57 Vulnerabilities, Including 7 Critical Zero-Day Flaws, CVE-2025-24983, CVE-2025-24991, CVE-2025-24984, CVE-2025-26630, CVE-2025-24985, CVE-2025-24993, CVE-2025-26633, CVE-2025-25001, CVE-2025-25002, CVE-2025-25003, CVE-2025-25004, CVE-2025-25005","src":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/03\/f573b6ca-d63d-40aa-b938-eca52a0cc389-1.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/03\/f573b6ca-d63d-40aa-b938-eca52a0cc389-1.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/03\/f573b6ca-d63d-40aa-b938-eca52a0cc389-1.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/03\/f573b6ca-d63d-40aa-b938-eca52a0cc389-1.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":329309,"url":"https:\/\/msftnewsnow.com\/microsoft-issues-largest-security-update-in-years\/","url_meta":{"origin":341923,"position":1},"title":"Microsoft issues largest security update in years for Patch Tuesday January 2025, patches 3 critical zero-day vulnerabilities","author":"Dave W. Shanahan","date":"January 15, 2025","format":false,"excerpt":"Microsoft has released its first Patch Tuesday update of 2025, addressing a staggering 161 security vulnerabilities - the largest number of fixes in a single month since 2017. As reported by Bleeping Computer, the massive update includes security patches for three actively exploited zero-day flaws and multiple critical vulnerabilities that\u2026","rel":"","context":"In &quot;News&quot;","block_context":{"text":"News","link":"https:\/\/msftnewsnow.com\/news\/"},"img":{"alt_text":"Microsoft issues January 2025 largest security updates in years, patches 3 critical zero-day vulnerabilities for January 2025","src":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/01\/mvz7aywqxsgp9jdu7liv-e1736965366518.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/01\/mvz7aywqxsgp9jdu7liv-e1736965366518.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/01\/mvz7aywqxsgp9jdu7liv-e1736965366518.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/01\/mvz7aywqxsgp9jdu7liv-e1736965366518.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":22789,"url":"https:\/\/msftnewsnow.com\/microsoft-october-2024-patch-tuesday-update\/","url_meta":{"origin":341923,"position":2},"title":"Microsoft releases critical October 2024 Patch Tuesday update, patching 118 security flaws and 2 crucial zero-days","author":"Dave W. Shanahan","date":"October 9, 2024","format":false,"excerpt":"Microsoft has unveiled its October 2024 Patch Tuesday update, addressing a significant number of security vulnerabilities across its product line. This month's release is particularly crucial, as it tackles 118 security flaws, including five zero-day vulnerabilities, two of which are already being actively exploited by malicious actors.","rel":"","context":"In &quot;News&quot;","block_context":{"text":"News","link":"https:\/\/msftnewsnow.com\/news\/"},"img":{"alt_text":"Microsoft releases critical October 2024 Patch Tuesday update, patching 118 security flaws and 2 crucial zero-days","src":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/10\/odgyugr7wfqrk8a5w5yy.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/10\/odgyugr7wfqrk8a5w5yy.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/10\/odgyugr7wfqrk8a5w5yy.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/10\/odgyugr7wfqrk8a5w5yy.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":18938,"url":"https:\/\/msftnewsnow.com\/july-2024-patch-tuesday-update-142-vulnerabilities\/","url_meta":{"origin":341923,"position":3},"title":"Microsoft releases critical July 2024 Patch Tuesday updates, addressing 142 vulnerabilities","author":"Dave W. Shanahan","date":"July 9, 2024","format":false,"excerpt":"The July 2024 Patch Tuesday underscores the ongoing importance of regular security updates in the face of evolving cyber threats. With 142 vulnerabilities addressed, including critical and actively exploited flaws, it's crucial for users and administrators to apply these updates as soon as possible to maintain the security of their\u2026","rel":"","context":"In &quot;News&quot;","block_context":{"text":"News","link":"https:\/\/msftnewsnow.com\/news\/"},"img":{"alt_text":"Microsoft releases critical July 2024 Patch Tuesday updates, addressing 142 vulnerabilities","src":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/07\/un2ya4gejp8770e67u7p.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/07\/un2ya4gejp8770e67u7p.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/07\/un2ya4gejp8770e67u7p.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/07\/un2ya4gejp8770e67u7p.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":17611,"url":"https:\/\/msftnewsnow.com\/microsoft-patch-tuesday-security-updates-6-2024\/","url_meta":{"origin":341923,"position":4},"title":"Microsoft Patch Tuesday security updates June 2024: Critical MSMQ and Wi-Fi driver vulnerabilities fixed","author":"Dave W. Shanahan","date":"June 12, 2024","format":false,"excerpt":"Microsoft Patch Tuesday security updates were released for June 2024, addressing a total of 51 security vulnerabilities across its products. This month's update includes fixes for one critical vulnerability in Microsoft Message Queuing (MSMQ) and another in the Windows Wi-Fi driver, both of which pose significant security risks.","rel":"","context":"In &quot;News&quot;","block_context":{"text":"News","link":"https:\/\/msftnewsnow.com\/news\/"},"img":{"alt_text":"Microsoft Patch Tuesday security updates June 2024: Critical MSMQ and Wi-Fi driver vulnerabilities fixed","src":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/06\/508b9014-2b00-47c4-af7b-ff8c6ccf84f0.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/06\/508b9014-2b00-47c4-af7b-ff8c6ccf84f0.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/06\/508b9014-2b00-47c4-af7b-ff8c6ccf84f0.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/06\/508b9014-2b00-47c4-af7b-ff8c6ccf84f0.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":20118,"url":"https:\/\/msftnewsnow.com\/security-updates-for-office-products-july-2024\/","url_meta":{"origin":341923,"position":5},"title":"Microsoft releases critical security updates for Office products, including SharePoint Server and Outlook in July 2024 Patch Tuesday","author":"Dave W. Shanahan","date":"July 26, 2024","format":false,"excerpt":"Microsoft has issued a series of important security updates for Office products as part of the July 2024 Patch Tuesday release. These updates address several vulnerabilities across various Office applications and services, aiming to enhance the security posture of Microsoft's productivity suite.","rel":"","context":"In &quot;News&quot;","block_context":{"text":"News","link":"https:\/\/msftnewsnow.com\/news\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/02\/office.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/02\/office.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/02\/office.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/02\/office.webp?resize=700%2C400&ssl=1 2x"},"classes":[]}],"jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/posts\/341923","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/users\/208461344"}],"replies":[{"embeddable":true,"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/comments?post=341923"}],"version-history":[{"count":0,"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/posts\/341923\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/media\/341992"}],"wp:attachment":[{"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/media?parent=341923"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/categories?post=341923"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/tags?post=341923"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}