- 77/2025
- High
Microsoft has released its monthly patch of security updates, known as Patch Tuesday. The mentioned patch addressed one actively exploited zero-day vulnerability.
Microsoft has fixed (134) vulnerabilities as they could allow the attacker to gain elevated privileges, bypass security restrictions, disclose sensitive information, perform spoofing or execute arbitrary code, and gain access to the affected systems.
April’s Patch Tuesday was released to fix security flaws in several Microsoft products such as Windows Remote Desktop Services, Microsoft Streaming Service, Windows Hyper-V, Azure CLI, Windows USB Print Driver, Windows Telephony Server, Windows Common Log File System Driver, Windows Kernel-Mode Drivers, Microsoft Edge (Chromium-based), Microsoft Visual Studio, Windows Kernel Memory, Windows NTFS, and Microsoft Active Directory Domain Services.
The actively exploited zero-day vulnerability in April’s Patch is:
- Windows Common Log File System Driver Elevation of Privilege Vulnerability “CVE-2025-29824” allows the local attacker to gain SYSTEM privileges on the vulnerable device.
Sample of the addressed vulnerabilities:
1. Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability (CVE-2025-26669):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Obtain Information
2. Windows Kerberos Elevation of Privilege Vulnerability (CVE-2025-26647):
- CVSS: 8.1
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: None
- Consequences: Gain Privileges
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.