Microsoft has released security fixes to address a massive set of 126 flaws impacting its software, including one vulnerability that it said has been actively exploited in the wild.
Of the 126 vulnerabilities, 11 are rated Critical, 112 are rated Important, and two are rated Low in severity. Forty-nine of these vulnerabilities are classified as privilege escalation, 34 as remote code execution, 16 as information disclosure, and 14 as denial-of-service (DoS) bugs.
The updates are in addition to 22 flaws the company fixed in its Chromium-based Edge browser since last month's Patch Tuesday update.
The vulnerability that has been flagged as under active attack is an elevation of privilege (EoP) flaw affecting the Windows Common Log File System (CLFS) Driver (CVE-2025-29824).
CVE-2025-29824 is the sixth EoP vulnerability in the same component to have been exploited in the wild since 2022, the others being CVE-2022-24521, CVE-202-37969, CVE-2023-2376, CVE-20252, and CVE-2024-49138 (CVSS score: 7.8).
"From an attacker's perspective, post-compromise activity requires obtaining the necessary privileges to conduct follow-on activity on a compromised system, such as lateral movement," said Satnam Narang, senior staff engineer at Tenable.
"Thus, elevation of privilege bugs are typically popular in targeted attacks. However, elevation of privilege flaws in CLFS have become particularly popular with ransomware operators over the years."
Mike Walters, president and co-founder of Action1, noted that the vulnerability allows privilege escalation to the SYSTEM level, thereby giving an attacker the ability to install malicious software, change system settings, disable security features, access data, and maintain persistent access.
"What makes this vulnerability particularly notable is that Microsoft has confirmed active exploitation in the wild, but at this time, a patch has not been released for Windows 10 32-bit or 64-bit systems," said Ben McCarthy, lead cyber security engineer at Immersive. "The lack of a patch leaves a critical gap in defense for the broader Windows ecosystem."
"Under certain memory manipulation conditions, a use-after-free can be triggered, which an attacker can leverage to execute code at the highest privilege level in Windows. Importantly, the attacker does not need administrative privileges to exploit the vulnerability; only local access is required."
Active exploitation of the flaw, according to Microsoft, has been linked to ransomware attacks against a small number of targets. The development has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the fix by April 29, 2025.
Some of the other notable vulnerabilities fixed this month include a security feature bypass (SFB) affecting Windows Kerberos (CVE-2025-29809), as well as remote code execution flaws in Windows Remote Desktop (CVE-2025-27480, CVE-2025-27482) and Windows Lightweight Directory Access Protocol (LDAP) (CVE-2025-2663, CVE-2025-26670).
Also worth noting are a few remote code execution flaws in Microsoft Office and Excel (CVE-2025-29791, CVE-2025-2749, CVE-2025-2748, CVE-2025-2745, and CVE-2025-2752) that could be exploited by a bad actor using a specially crafted Excel document, resulting in complete control of the system.
Rounding out the list of critical flaws are remote code execution vulnerabilities affecting Windows TCP/IP (CVE-2025-26686) and Windows Hyper-V (CVE-2025-27491) that could allow an attacker to execute code over the network under certain conditions.
It's worth noting that several of the vulnerabilities have yet to receive a patch for Windows 10. Microsoft said the updates will be "released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information."
Software patches from other suppliers
In addition to Microsoft, security updates have also been released by other vendors over the past few weeks to rectify multiple vulnerabilities, including –