Microsoft Patch Tuesday for April 2025 included fixes for 135 vulnerabilities in all, including one actively exploited zero-day and an additional 11 high-risk vulnerabilities.
In all, Patch Tuesday April 2025 included 126 Microsoft vulnerabilities and nine Chrome/Microsoft Edge vulnerabilities.
The zero-day is a 7.8-rated Windows Common Log File System Driver use-after-free vulnerability that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) promptly added to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, CVE-2025-29824, could allow an attacker to elevate privileges locally. Microsoft revealed that the vulnerability has been exploited in ransomware attacks.
The single zero-day vulnerability marks a significant decline from the six reported in March. So far this year, Microsoft has reported 405 vulnerabilities in its Patch Tuesday reports, including 12 actively exploited zero days.
Patch Tuesday April 2025 High-Risk Vulnerabilities
The 11 vulnerabilities labeled “Exploitation More Likely” range in severity from 5.4 (a Windows Mark of the Web Security Feature Bypass vulnerability) to 8.8 (a SharePoint Remote Code Execution vulnerability), and another four are rated 8.1.
The high-risk vulnerabilities include:
- CVE-2025-29794: SharePoint Remote Code Execution (RCE) Vulnerability (8.8)
- CVE-2025-29793: Microsoft SharePoint Remote Code Execution Vulnerability (7.2)
- CVE-2025-26663: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (8.1)
- CVE-2025-26670: LDAP Client Remote Code Execution Vulnerability (8.1)
- CVE-2025-27480: Windows Remote Desktop Services Remote Code Execution Vulnerability (8.1)
- CVE-2025-27482: Windows Remote Desktop Services Remote Code Execution Vulnerability (8.1)
- CVE-2025-27727: Windows Installer Elevation of Privilege Vulnerability (7.8)
- CVE-2025-29792: Microsoft Office Elevation of Privilege Vulnerability (7.3)
- CVE-2025-29809: Windows Kerberos Security Feature Bypass Vulnerability (7.1)
- CVE-2025-29812: DirectX Graphics Kernel Elevation of Privilege Vulnerability (7.8)
- CVE-2025-27472: Windows Mark of the Web Security Feature Bypass Vulnerability (5.4)
Other Vendors Issuing Patches
The second Tuesday of the month is a day when other IT vendors issue patches too, and April 2025 is no exception. Among the other vendors and projects issuing patches within the last day were:
Source: Read More
