Microsoft has released its monthly security updates for April, addressing a wide range of vulnerabilities. This month’s Patch Tuesday includes fixes for over a hundred different security issues, with a particular focus on a zero-day flaw that was actively exploited. It is crucial for users to promptly update their devices to protect against potential threats.
Highlights of Microsoft’s April 2025 Patch Tuesday
The security updates for April include patches for 11 critical-severity vulnerabilities. These vulnerabilities impact various Microsoft products such as Excel, Windows Remote Desktop Services, Windows Hyper-V, LDAP, and TCP/IP.
Additionally, the update addresses 110 important severity vulnerabilities that could result in remote code execution, denial of service, privilege escalation, security feature bypass, information disclosure, and spoofing.
Some of the most significant vulnerabilities fixed in this update are:
- CVE-2025-26670 (critical; CVSS 8.1): A use-after-free flaw in LDAP Client that allows remote code execution.
- CVE-2025-26686 (critical; CVSS 7.5): A remote code execution vulnerability in Windows TCP/IP.
- CVE-2025-27740 (important; CVSS 8.8): A privilege escalation vulnerability in Active Directory Certificate Services.
- CVE-2025-26669 (important; CVSS 8.8): An out-of-bounds read vulnerability in Windows RRAS.
- CVE-2025-26678 (important; CVSS 8.4): A security feature bypass in Windows Defender Application Control.
One of the critical vulnerabilities addressed in this update could allow attackers to execute arbitrary code by exploiting a race condition.
Zero-Day Vulnerability Resolved
Microsoft has also fixed a zero-day vulnerability in the Windows Common Log File System Driver that was actively exploited. This use-after-free flaw could grant elevated privileges to unauthorized users, including SYSTEM privileges.
The vulnerability, assigned CVE ID CVE-2025-29824 with a CVSS score of 7.8, attracted the attention of threat actors before a patch was available. Microsoft confirmed active exploitation attempts of this vulnerability.
While updates have been released for most devices, Windows 10 systems are still awaiting a fix. Users are advised to exercise caution when using Windows 10 devices until the patch is available. Alternatively, upgrading to Windows 11 will ensure prompt security updates.
Share your thoughts in the comments section below.
