Microsoft Monthly Security Update – 12 March 2025

In Cyber Security by Matsco Engineering Team

 

Microsoft have released a security advisory on the 12th of March 2025 which includes a number of updates to address vulnerabilities in two (2) High Risk, three (3) Medium Risk, and 1 Low Risk products. 

These updates address vulnerabilities which may impact services through Elevation of Privilege, Remote Code Execution, Denial of Service, Security Restriction Bypass, Spoofing, and Information Disclosure. 

For more information please see: Microsoft Security Update

This release consists of security updates for the following products, features and roles:

  • .NET
  • ASP.NET Core & Visual Studio
  • Azure Agent Installer
  • Azure Arc
  • Azure CLI
  • Azure PromptFlow
  • Kernel Streaming WOW Thunk Service Driver
  • Microsoft Edge (Chromium-based)
  • Microsoft Local Security Authority Server (lsasrv)
  • Microsoft Management Console
  • Microsoft Office
  • Microsoft Office Access
  • Microsoft Office Excel
  • Microsoft Office Word
  • Microsoft Streaming Service
  • Microsoft Windows
  • Remote Desktop Client
  • Role: DNS Server
  • Role: Windows Hyper-V
  • Visual Studio
  • Visual Studio Code
  • Windows Common Log File System Driver
  • Windows Cross Device Service
  • Windows exFAT File System
  • Windows Fast FAT Driver
  • Windows File Explorer
  • Windows Kernel Memory
  • Windows Kernel-Mode Drivers
  • Windows MapUrlToZone
  • Windows Mark of the Web (MOTW)
  • Windows NTFS
  • Windows NTLM
  • Windows Remote Desktop Services
  • Windows Resilient File System (ReFS) Deduplication Service
  • Windows Routing and Remote Access Service (RRAS)
  • Windows Subsystem for Linux
  • Windows Telephony Server
  • Windows USB Video Driver
  • Windows Win32 Kernel Subsystem

 

CVE-2025-24983 is being exploited in the wild and an attacker with local and user privileges could perform elevation of privilege on the targeted system.

CVE-2025-24984 and CVE-2025-24991 are being exploited in the wild and an attacker with local and user privileges could perform information disclosure on the targeted system.

CVE-2025-24985 and CVE-2025-24993 are being exploited in the wild and an attacker with local and user privileges could perform code execution on the targeted system locally.

CVE-2025-26633 is being exploited in the wild and an attacker with local and user privileges could perform security restriction bypass on the targeted system.

CVE-2025-26630 is being exploited in the wild and an attacker with local and user privileges could perform code execution on the targeted system locally.

Please contact the Matsco Solutions team on the below if you would like any further information or would like to schedule a maintenance.

support@matscosolutions.com

Beijing  +86 400 120 2782
Hong Kong  +852 8101 8418
London   +44 (0)20 7821 4950
New York  +1 866 446 9226
Singapore  +65 6100 1090

Share this Post