Microsoft Patches a Whopping Seven Zero-Days in March

Microsoft’s March Patch Tuesday fixes more than 50 vulnerabilities, and seven of them are zero-days: six are already being exploited in the wild and the seventh was publicly disclosed before a patch was available. Administrators should treat the exploited six as the first items on this month’s list.

Notable Vulnerabilities

The six vulnerabilities under active exploitation are:

  • CVE-2025-26633: A security feature bypass in Microsoft Management Console, assigned a CVSS score of 7.0.
  • CVE-2025-24993: A remote code execution (RCE) vulnerability in Windows NTFS, with a CVSS score of 7.8.
  • CVE-2025-24991: An information disclosure vulnerability in Windows NTFS, rated at a CVSS score of 5.5.
  • CVE-2025-24985: An RCE vulnerability in the Windows Fast FAT File System Driver, also scoring 7.8.
  • CVE-2025-24984: Another information disclosure bug in Windows NTFS, with a CVSS score of 4.6.
  • CVE-2025-24983: An elevation of privilege (EoP) vulnerability in the Windows Win32 Kernel Subsystem, rated at 7.0.

The seventh zero-day, CVE-2025-26630, a remote code execution vulnerability in Microsoft Access, was publicly disclosed before the patch but is not known to have been exploited. It carries a CVSS score of 7.8 and a Microsoft severity rating of Important. Chris Goettl, VP of security product management at Ivanti, noted that while the disclosure may give attackers some insight into how to exploit the flaw, the absence of code samples would complicate their efforts. “Risk-based prioritization would indicate a slightly higher risk for a disclosure without functional code, but not enough to bump this CVE up to critical,” he explained.
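As an added example, not code from the article, Ivanti or Microsoft, the ordering Goettl describes written as a small PowerShell function: exploited CVEs first, then publicly disclosed ones, then Critical ones, with CVSS breaking ties inside each tier. The records are constructed from the figures quoted in this article; the Important severity of the six exploited CVEs is Microsoft’s rating, the CVSS of the two Critical CVEs is not given above and is left empty, and the property names are this example’s own rather than the columns of the Security Update Guide export.

```powershell
# Added example: risk-based ordering of a month's CVEs.
# Records are constructed from the article; property names are this example's own.
$cves = @(
    [pscustomobject]@{ CVE = 'CVE-2025-26633'; Component = 'Microsoft Management Console'; Impact = 'Security Feature Bypass'; Severity = 'Important'; CVSS = 7.0;   Exploited = $true;  Disclosed = $false }
    [pscustomobject]@{ CVE = 'CVE-2025-24993'; Component = 'Windows NTFS';                 Impact = 'RCE';                     Severity = 'Important'; CVSS = 7.8;   Exploited = $true;  Disclosed = $false }
    [pscustomobject]@{ CVE = 'CVE-2025-24991'; Component = 'Windows NTFS';                 Impact = 'Information Disclosure';  Severity = 'Important'; CVSS = 5.5;   Exploited = $true;  Disclosed = $false }
    [pscustomobject]@{ CVE = 'CVE-2025-24985'; Component = 'Windows Fast FAT Driver';      Impact = 'RCE';                     Severity = 'Important'; CVSS = 7.8;   Exploited = $true;  Disclosed = $false }
    [pscustomobject]@{ CVE = 'CVE-2025-24984'; Component = 'Windows NTFS';                 Impact = 'Information Disclosure';  Severity = 'Important'; CVSS = 4.6;   Exploited = $true;  Disclosed = $false }
    [pscustomobject]@{ CVE = 'CVE-2025-24983'; Component = 'Win32 Kernel Subsystem';       Impact = 'EoP';                     Severity = 'Important'; CVSS = 7.0;   Exploited = $true;  Disclosed = $false }
    [pscustomobject]@{ CVE = 'CVE-2025-26630'; Component = 'Microsoft Access';             Impact = 'RCE';                     Severity = 'Important'; CVSS = 7.8;   Exploited = $false; Disclosed = $true  }
    [pscustomobject]@{ CVE = 'CVE-2025-24084'; Component = 'WSL2 Kernel';                  Impact = 'RCE';                     Severity = 'Critical';  CVSS = $null; Exploited = $false; Disclosed = $false }  # CVSS not given in the article
    [pscustomobject]@{ CVE = 'CVE-2025-26645'; Component = 'Remote Desktop Client';        Impact = 'RCE';                     Severity = 'Critical';  CVSS = $null; Exploited = $false; Disclosed = $false }  # CVSS not given in the article
)

function Get-PatchPriority {
    # Assigns a tier to each record: 1 = exploitation observed, 2 = publicly disclosed
    # without a known exploit, 3 = Critical but neither, 4 = everything else.
    param([Parameter(Mandatory)][object[]]$Vulnerabilities)
    foreach ($v in $Vulnerabilities) {
        $tier = if ($v.Exploited) { 1 }
                elseif ($v.Disclosed) { 2 }
                elseif ($v.Severity -eq 'Critical') { 3 }
                else { 4 }
        $row = $v.PSObject.Copy()                        # leave the input records untouched
        $row | Add-Member -NotePropertyName Tier -NotePropertyValue $tier -PassThru
    }
}

# Tier first; inside a tier, higher CVSS first (a missing score sorts as 0).
Get-PatchPriority -Vulnerabilities $cves |
    Sort-Object -Property Tier, @{ Expression = { [double]($_.CVSS) }; Descending = $true } |
    Format-Table CVE, Component, Impact, Severity, CVSS, Tier -AutoSize
```

The function accepts any records with those properties, so the same ordering can be applied to a full month’s list once it has been mapped into that shape. The tiering is deliberately coarse: a disclosed-but-unexploited CVE such as CVE-2025-26630 lands behind every exploited one regardless of score, which is the distinction Goettl draws.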

This month’s release fixes 23 EoP and 23 RCE vulnerabilities in total. All six vulnerabilities rated Critical are RCEs, among them CVE-2025-24084 in the Windows Subsystem for Linux (WSL2) kernel. Rapid7 lead software engineer Adam Barnett described the potential risk: “The advisory describes multiple possible attack vectors, but in the worst case, there is no requirement for user interaction, since simply receiving a malicious email would be enough to trigger the vulnerability.” A “magic email” vector of this kind, one that needs no click from the victim, is a strong argument for patching promptly.

Another Critical RCE fixed this month is CVE-2025-26645 in the Remote Desktop Client, the client side of RDP. Barnett cautioned that the flaw could give an attacker an easy path for lateral movement through a victim’s network, since the exploit runs against whichever client connects to a server the attacker controls. “How much do you trust the RDP server you’re about to connect to?” he asked. “An attacker in control of a malicious RDP server simply has to wait for a client vulnerable to CVE-2025-26645 to connect in order to achieve remote code execution on the client.”
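As an added example, not part of the article and not code from Rapid7, a PowerShell check a practitioner can run on a workstation to answer Barnett’s question after the fact: which RDP servers has this client actually connected to, and are any of them outside the set you control? It reads the Remote Desktop Client’s own operational event log. The allowlist hostnames are placeholders for your environment, and the message format matched by the regular expression is the one the client’s event 1024 uses on current Windows builds (assumed here, not taken from the article).

```powershell
# Added example: inventory the RDP servers this client has connected to and
# flag any that are not on an allowlist. Allowlist entries are placeholders.
$trusted = @('jump01.corp.example', 'jump02.corp.example') | ForEach-Object { $_.ToLower() }
$log     = 'Microsoft-Windows-TerminalServices-RDPClient/Operational'

# Event 1024 is written when the client starts a connection; its message reads
# "RDP ClientActiveX is trying to connect to the server (host[:port])" (assumed format).
$connections = Get-WinEvent -FilterHashtable @{ LogName = $log; Id = 1024 } -ErrorAction SilentlyContinue |
    ForEach-Object {
        if ($_.Message -match '\(([^()]+)\)') {
            [pscustomobject]@{
                Server = ($Matches[1] -replace ':\d+$', '').ToLower()   # drop an explicit port
                When   = $_.TimeCreated
            }
        }
    }

$report = $connections | Group-Object Server | ForEach-Object {
    [pscustomobject]@{
        Server      = $_.Name
        Connections = $_.Count
        LastSeen    = ($_.Group | Sort-Object When -Descending | Select-Object -First 1).When
        Trusted     = $trusted -contains $_.Name
    }
}

# Untrusted servers first, then the most frequently used ones.
$report | Sort-Object -Property Trusted, @{ Expression = 'Connections'; Descending = $true } |
    Format-Table -AutoSize
```

An unexpected server in the untrusted rows is exactly the scenario Barnett describes, so it is worth checking those hosts and the client that reached them. The log only records connections made from that machine, so run it on every endpoint where the Remote Desktop Client is used, not just on the jump hosts.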

Winsage