Microsoft’s April 2025 Patch Tuesday addresses 134 vulnerabilities across various categories. These include remote code execution, privilege elevation, and information disclosure flaws. Among the updates, one actively exploited zero-day vulnerability has been fixed. The zero-day vulnerability, CVE-2025-29824, allows local attackers to gain SYSTEM privileges on affected systems. This flaw was exploited by the RansomEXX ransomware gang to elevate their access.
In total, Microsoft resolved 49 Elevation of Privilege vulnerabilities, 9 Security Feature Bypass flaws, and 31 Remote Code Execution vulnerabilities. Other vulnerabilities addressed include Denial of Service, Spoofing, and Information Disclosure issues. Notably, 11 of these vulnerabilities were classified as “Critical,” meaning they pose a significant threat to affected systems. Microsoft is rolling out these updates for Windows Server and Windows 11, with updates for Windows 10 coming later.
The company also detailed various vulnerabilities in other Microsoft products. These include issues with Microsoft Office, Outlook, and Visual Studio. CVE-2025-27745, a critical vulnerability in Microsoft Office, was one of the highlights. It allows attackers to execute code remotely, impacting millions of users. Similarly, the CVE-2025-27752 flaw in Microsoft Excel also presents a critical remote code execution risk.
In addition to Microsoft’s updates, other vendors released security patches in April 2025. Apache addressed a severe RCE vulnerability in Apache Parquet. Apple and Google also released updates for their products, fixing several actively exploited flaws. Notably, Ivanti and Fortinet patched critical vulnerabilities in their systems. These collective updates aim to mitigate growing cyber threats in various industries and devices.
