Microsoft Patch Tuesday Security Updates for March 2025 Fix Six Actively Exploited Zero-Days

Microsoft has released its quarterly security updates, affectionately known as Patch Tuesday, which address a staggering 56 security vulnerabilities in its products. This latest round of patches is notable not only for the sheer number of fixes but also for the fact that six of them are actively exploited zero-days.

The updates apply to various Microsoft products and services, including Windows and Windows Components, Office and Office Components, Azure, .NET, Visual Studio, Remote Desktop Services, DNS Server, and Hyper-V Server. The company has taken a proactive approach to securing its customers' systems by releasing these patches, which will help prevent malicious actors from exploiting these vulnerabilities.

According to ZDI (Zombie Administration), the number of actively exploited zero-day vulnerabilities addressed by Microsoft Patch Tuesday is extraordinary. "Of the patches released today, six are rated Critical, and 50 are rated Important in severity," reported ZDI. "One of these bugs is listed as publicly known, and six(!) others are listed as under active attack at the time of release."

The six actively exploited zero-days that Microsoft has addressed are particularly concerning, as they have been used in the wild since March 2023. The first one, CVE-2025-24983, was discovered by ESET researchers and allows attackers with low privileges to escalate to SYSTEM privileges. This flaw requires a race condition to be exploited and targets unsupported Windows versions such as Server 2012 R2 and 8.1, as well as Windows 10 (build 1809 and earlier) and Server 2016.

The exploitation of this vulnerability is linked to the PipeMagic backdoor, which has been used in various attacks since its discovery. The fact that this zero-day has been exploited since March 2023 highlights the importance of timely patching and highlights the need for organizations to prioritize security updates.

The full list of vulnerabilities addressed by Microsoft Patch Tuesday security updates for March 2025 is available here. It's essential for organizations to review these patches and apply them as soon as possible to prevent potential attacks.

Stay informed about the latest security threats and patch releases by following me on Twitter (@securityaffairs), Facebook, and Mastodon (SecurityAffairs – hacking, Microsoft Patch Tuesday).

The Full List of Vulnerabilities Addressed by Microsoft Patch Tuesday

• CVE-2025-24983: Windows Kernel vulnerability allowing attackers to escalate privileges using the PipeMagic backdoor.
• Other publicly known vulnerabilities listed as Important in severity, such as CVE-2025-24892 and CVE-2025-24792.

Please Apply These Patches ASAP to Prevent Potential Attacks

The six actively exploited zero-days addressed by Microsoft Patch Tuesday are a clear reminder of the importance of timely patching. Organizations should review the full list of vulnerabilities addressed and apply the necessary patches as soon as possible to prevent potential attacks.