Pierluigi Paganini
March 12, 2025
Microsoft Patch Tuesday security updates for March 2025 addressed 56 vulnerabilities in Windows and Windows Components, Office and Office Components, Azure, .NET and Visual Studio, Remote Desktop Services, DNS Server, and Hyper-V Server.
This Patch Tuesday stands out for the number of actively exploited zero-day vulnerabilities addressed by the IT giant, which totals six.
Six vulnerabilities are rated Critical, and 50 are rated Important in severity.
“Of the patches released today, six are rated Critical, and 50 are rated Important in severity. This is nearly identical to the release last month in volume, but the number of actively exploited bugs is extraordinary.” reported ZDI. “One of these bugs is listed as publicly known, and six(!) others are listed as under active attack at the time of release”
The six vulnerabilities that have been actively exploited in the wild are:
ESET researchers, who discovered the vulnerability CVE-2025-24983, reported that the zero-day CVE-2025-24983 has been exploited since March 2023. The flaw enables attackers with low privileges to escalate to SYSTEM privileges but requires winning a race condition. The exploit, linked to the PipeMagic backdoor, has targeted unsupported Windows versions like Server 2012 R2 and 8.1 but also affects Windows 10 (build 1809 and earlier) and Server 2016.
#ESETresearch has discovered a zero day exploit abusing #CVE-2025-24983 vulnerability in Windows Kernel to elevate privileges (#LPE). First seen in the wild in March 2023, the exploit was deployed through #PipeMagic backdoor on the compromised machines. 1/4 pic.twitter.com/qCOgYiltfs
— ESET Research (@ESETresearch) March 11, 2025
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Microsoft Patch Tuesday)
