One Zero-Day, 11 High-Risk Flaws

Microsoft Patch Tuesday for April 2025 included fixes for 135 vulnerabilities in all, including one actively exploited zero-day and an additional 11 high-risk vulnerabilities.

That total comprises 126 Microsoft vulnerabilities and nine Chrome/Microsoft Edge vulnerabilities.

The zero-day is a 7.8-rated Windows Common Log File System Driver use-after-free vulnerability that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) promptly added to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, CVE-2025-29824, could allow an attacker to elevate privileges locally. Microsoft revealed that the vulnerability has been exploited in ransomware attacks.

The single zero-day vulnerability marks a significant decline from the six reported in March. So far this year, Microsoft has reported 405 vulnerabilities in its Patch Tuesday reports, including 12 actively exploited zero-days.

Patch Tuesday April 2025 High-Risk Vulnerabilities

The 11 vulnerabilities labeled “Exploitation More Likely” range in severity from 5.4 (a Windows Mark of the Web Security Feature Bypass vulnerability) to 8.8 (a SharePoint Remote Code Execution vulnerability); four of them are rated 8.1.

The high-risk vulnerabilities include:


  • CVE-2025-29794: SharePoint Remote Code Execution (RCE) Vulnerability (8.8)
  • CVE-2025-29793: Microsoft SharePoint Remote Code Execution Vulnerability (7.2)
  • CVE-2025-26663: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (8.1)
  • CVE-2025-26670: LDAP Client Remote Code Execution Vulnerability (8.1)
  • CVE-2025-27480: Windows Remote Desktop Services Remote Code Execution Vulnerability (8.1)
  • CVE-2025-27482: Windows Remote Desktop Services Remote Code Execution Vulnerability (8.1)
  • CVE-2025-27727: Windows Installer Elevation of Privilege Vulnerability (7.8)
  • CVE-2025-29792: Microsoft Office Elevation of Privilege Vulnerability (7.3)
  • CVE-2025-29809: Windows Kerberos Security Feature Bypass Vulnerability (7.1)
  • CVE-2025-29812: DirectX Graphics Kernel Elevation of Privilege Vulnerability (7.8)
  • CVE-2025-27472: Windows Mark of the Web Security Feature Bypass Vulnerability (5.4)

Other Vendors Issuing Patches

The second Tuesday of the month is a day when other IT vendors issue patches too, and April 2025 is no exception. Among the other vendors and projects issuing patches within the last day were:

 

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

