February 2025 Patch Tuesday: Microsoft Addressed 57 Vulnerabilities, Including 6 actively exploited ZeroDays

Microsoft has rolled out its March 2025 Patch Tuesday updates, addressing critical security risks across its software ecosystem. The update resolves 57 vulnerabilities which includes 6 zero-day vulnerabilities which are actively exploited and also 10 non-Microsoft CVEs. The patches aim to strengthen defences against potential cyberattacks. Users are advised to update immediately.

The major categories for these vulnerabilities are as follows:

• Elevation of Privilege – 22
• Security Feature Bypass – 03
• Denial of Service – 01
• Remote Code Execution (RCE)- 23
• Information Disclosure – 04
• Spoofing – 4

Of the vulnerabilities addressed this month, 40.3% were related to Remote Code Execution, while 38.6% were related to Elevation of Privilege.

Following is the 6 zero days being actively exploited vulnerabilities:

• CVE-2025-24983
• CVE-2025-24984
• CVE-2025-24985
• CVE-2025-24991
• CVE-2025-24993
• CVE-2025-26633

CVE-2025-24983 is Windows Win32 Kernel Subsystem use-after-free (UAF) vulnerability, CVE-2025-24984 is related to Windows NTFS information disclosure vulnerability that allows an attacker with physical access to a target device. CVE-2025-24985 is integer overflow vulnerability in Windows Fast FAT File System Driver.  CVE-2025-24991 is out-of-bounds read vulnerability in Windows NTFS while CVE-2025-24993 is heap-based buffer overflow vulnerability in Windows NTFS and CVE-2025-26633 is Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

10 non-Microsoft CVEs are:

• CVE-2024-9157
• CVE-2025-1914
• CVE-2025-1915
• CVE-2025-1916
• CVE-2025-1917
• CVE-2025-1918
• CVE-2025-1919
• CVE-2025-1921
• CVE-2025-1922
• CVE-2025-1923

Apart from Microsoft few other popular vendors have also provided fixes:

Adobe: Adobe released updates for applications including Adobe Acrobat Reader, Adobe Illustrator and Adobe Substance 3D Designer/3D Modeler/ 3D Painter / 3D Sampler and Adobe InDesign.

Apple: Apple released updates for its products including Apple Vision Pro, macOS Sequoia and others.

Cisco: Cisco released updates for its products including Cisco IOS XR Software.

Citrix: Citrix released updates for its products including NetScaler ADC and NetScaler Gateway Security.

Fortinet: Fortinet released updates for its products including FortiOS, FortiAnalyzer and FortiSandbox

F5: F5 released updates for the vulnerabilities reported with several products including BIG-IP and BIG-IQ.

Google: Google has released updates to patch vulnerabilities with Google Chrome, Google Cloud and Google WearOS.

Ivanti: Ivanti released updates for its products including Secure Access Client and Ivanti Neurons.

SAP: SAP released updates for multiple products including SAP NetWeaver and SAP Commerce.

Here are few essential pieces of advice for users regarding Microsoft’s March 2025 Patch Tuesday updates:

1. Update Immediately: Install the March2025 Patch Tuesday updates as soon as possible. Microsoft has addressed four zero-day vulnerabilities that are actively exploited in the wild, so prompt action will minimize risk.
2. Prioritize Critical Systems: If managing a large IT environment, prioritize updating critical systems such as Windows servers and workstations first, especially those exposed to external networks, to quickly bolster key defences.
3. Use Microsoft Update Tools: Ensure that automatic updates are enabled in Windows Update for personal devices, and consider using centralized tools like Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager for enterprise environments.
4. Secure Edge and Office Applications: Make sure to update Microsoft Edge and Office applications, as some of the vulnerabilities affect these programs. Keeping them updated helps protect against potential threats targeting popular productivity tools.
5. Patch All Network-Exposed Devices: Network-exposed devices are particularly vulnerable to attacks. Make sure to patch any device connected to the internet or other untrusted networks, including endpoints and remote machines.
6. Disable Workarounds Where Applicable: If any previous workarounds or temporary mitigations were applied to address vulnerabilities, review and disable them after applying the patches to ensure software functionality returns to normal.
7. Review Microsoft’s Security Documentation: Microsoft often provides technical details on vulnerabilities and affected systems in their security bulletins. Review these documents to fully understand the patches’ scope and any additional steps required in your environment.

Following these best practices will help reduce your exposure to the vulnerabilities addressed in this month’s Patch Tuesday and strengthen your organization’s security posture against potential threats.