Microsoft on Tuesday shipped fixes for a total of 78 security flaws across its software lineup, including a set of five zero-days that have been actively exploited in the wild.
Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in severity. Twenty-eight of these vulnerabilities lead to remote code execution, 21 of them are privilege escalation bugs, and 16 others are classified as information disclosure flaws.
The updates are in addition to another eight security defects the company has patched in its Chromium-based browser since the release of last month's Patch Tuesday update.
The five vulnerabilities that have been actively exploited in the wild are listed below –
- CVE-2025-30397 (CVSS score: 7.5) – Scripting Engine Memory Corruption Vulnerability
- CVE-2025-30400 (CVSS score: 7.8) – Microsoft Desktop Window Manager (DWM) Core Library Elevation of Privilege Vulnerability
- CVE-2025-32701 (CVSS score: 7.8) – Window
- CVE-2025-32706 (CVSS score: 7.8) – Windows Common Log File System (CLFS) Driver Elevation of Privilege Vulnerability
- CVE-2025-32709 (CVSS score: 7.8) – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
While the first three flaws were credited to Microsoft's own threat intelligence team, Benoit Sevens of Google Threat Intelligence Group and the CrowdStrike Advanced Research Team were acknowledged for discovering CVE-2025-32706. An anonymous researcher was credited with reporting CVE-2025-32709.
“Another zero-day vulnerability was discovered in the Microsoft Scripting Engine, a key component used in Internet Explorer and Internet Explorer in Microsoft Edge,” Alex Vovk, CEO and co-founder of Action1, said about CVE-2025-30397.
“Attackers can exploit the flaw through a malicious web page or script that causes the scripting engine to misinterpret object types, leading to memory corruption and arbitrary code execution in the context of the current user. If the user has administrative privileges, attackers can gain full control of the system.”
CVE-2025-30400 is the third privilege escalation flaw in the DWM Core Library to be weaponized in the wild since 2023. In May 2024, Microsoft issued patches for CVE-2024-30051, which Kaspersky said was used in attacks distributing the QakBot malware (aka Qwaking Mantis).
“Since 2022, Patch Tuesday has addressed up to 26 vulnerabilities in DWM,” Satnam Narang, senior research engineer at Tenable, told The Hacker News.
“In fact, the April 2025 release included fixes for five major vulnerabilities in DWM. CVE-2023-36033 in 2023”
CVE-2025-32701 and CVE-2025-32706 are the seventh and eighth privilege escalation flaws to be discovered in the CLFS component that have been exploited in real-world attacks since 2022. Last month, Microsoft disclosed that CVE-2025-29824 was exploited in limited attacks targeting companies in the U.S., Venezuela, Spain, and Saudi Arabia.
CVE-2025-29824 is also said to have been exploited as a zero-day by threat actors linked to the Play ransomware family as part of an attack targeting an unnamed organization in the U.S., Broadcom's Symantec revealed earlier this month.
CVE-2025-32709 is also the third privilege escalation flaw in the Ancillary Function Driver for WinSock component to have been abused within a year, after CVE-2024-38193 and CVE-2025-21418. It is worth noting that the exploitation of CVE-2024-38193 has been attributed to the North Korea-linked Lazarus Group.
The development has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add all five vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the fixes by June 3, 2025.
Microsoft's Patch Tuesday update also addresses a privilege escalation bug in Microsoft Defender for Endpoint for Linux (CVE-2025-26684).
Stratascale researcher Rich Mirch, who is one of the two researchers acknowledged for reporting the vulnerability, said the issue is rooted in a Python helper script that includes a function (“grab_java_version()”) to determine the Java Runtime Environment (JRE) version.
“The function determines the location of the Java binary on disk by checking /proc/
Another notable flaw is a spoofing vulnerability affecting Microsoft Defender for Identity (CVE-2025-26685).
“The lateral movement detection feature can potentially be used by an adversary to obtain an NTLM hash,” Adam Barnett, lead software engineer at Rapid7, said in a statement.
The vulnerability with the maximum severity is CVE-2025-29813 (CVSS score: 10.0), a privilege escalation flaw in Azure DevOps Server that allows an unauthorized attacker to elevate privileges over a network. Microsoft said the fix has already been deployed in the cloud and that no customer action is required.
Software Patches from Other Vendors
In addition to Microsoft, other vendors have also released security updates over the past few weeks to fix multiple vulnerabilities, including –