logo
Home/News/News article/

Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws

Patch Tuesday

Today is Microsoft's April 2025 Patch Tuesday, which includes security updates for 134 flaws, including one actively exploited zero-day vulnerability.

This Patch Tuesday also fixes eleven "Critical" vulnerabilities, all remote code execution vulnerabilities.

The number of bugs in each vulnerability category is listed below:

  • 49 Elevation of Privilege Vulnerabilities
  • 9 Security Feature Bypass Vulnerabilities
  • 31 Remote Code Execution Vulnerabilities
  • 17 Information Disclosure Vulnerabilities
  • 14 Denial of Service Vulnerabilities
  • 3 Spoofing Vulnerabilities

The above numbers do not include Mariner flaws and 13 Microsoft Edge vulnerabilities fixed earlier this month.

To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5055523 & KB5055528 cumulative updates and the Windows 10 KB5055518 update.

One actively exploited zero-days

This month's Patch Tuesday fixes one actively exploited zero-day. Microsoft classifies a zero-day flaw as publicly disclosed or actively exploited while no official fix is available.

The actively exploited zero-day vulnerability in today's updates is:

CVE-2025-29824 - Windows Common Log File System Driver Elevation of Privilege Vulnerability

Microsoft says this vulnerability allows local attackers to gain SYSTEM privileges on the device/

The security updates are only available now for Windows Server and Windows 11, with Microsoft releasing the Windows 10 updates later.

"The security update for Windows 10 for x64-based Systems and Windows 10 for 32-bit Systems are not immediately available," explained Microsoft.

"The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information."

It is unclear how the flaw was exploited in attacks.

Microsoft attributes the discovery of this flaw to the Microsoft Threat Intelligence Center.

Recent updates from other companies

Other vendors who released updates or advisories in April 2025 include:

The April 2025 Patch Tuesday Security Updates

Below is the complete list of resolved vulnerabilities in the April 2025 Patch Tuesday updates.

To access the full description of each vulnerability and the systems it affects, you can view the full report here.

Tag CVE ID CVE Title Severity
Active Directory Domain Services CVE-2025-29810 Active Directory Domain Services Elevation of Privilege Vulnerability Important
ASP.NET Core CVE-2025-26682 ASP.NET Core and Visual Studio Denial of Service Vulnerability Important
Azure Local CVE-2025-27489 Azure Local Elevation of Privilege Vulnerability Important
Azure Local Cluster CVE-2025-26628 Azure Local Cluster Information Disclosure Vulnerability Important
Azure Local Cluster CVE-2025-25002 Azure Local Cluster Information Disclosure Vulnerability Important
Azure Portal Windows Admin Center CVE-2025-29819 Windows Admin Center in Azure Portal Information Disclosure Vulnerability Important
Dynamics Business Central CVE-2025-29821 Microsoft Dynamics Business Central Information Disclosure Vulnerability Important
Microsoft AutoUpdate (MAU) CVE-2025-29800 Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability Important
Microsoft AutoUpdate (MAU) CVE-2025-29801 Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability Important
Microsoft Edge (Chromium-based) CVE-2025-3073 Chromium: CVE-2025-3073 Inappropriate implementation in Autofill Unknown
Microsoft Edge (Chromium-based) CVE-2025-3068 Chromium: CVE-2025-3068 Inappropriate implementation in Intents Unknown
Microsoft Edge (Chromium-based) CVE-2025-3074 Chromium: CVE-2025-3074 Inappropriate implementation in Downloads Unknown
Microsoft Edge (Chromium-based) CVE-2025-3067 Chromium: CVE-2025-3067 Inappropriate implementation in Custom Tabs Unknown
Microsoft Edge (Chromium-based) CVE-2025-3071 Chromium: CVE-2025-3071 Inappropriate implementation in Navigations Unknown
Microsoft Edge (Chromium-based) CVE-2025-3072 Chromium: CVE-2025-3072 Inappropriate implementation in Custom Tabs Unknown
Microsoft Edge (Chromium-based) CVE-2025-3070 Chromium: CVE-2025-3070 Insufficient validation of untrusted input in Extensions Unknown
Microsoft Edge (Chromium-based) CVE-2025-3069 Chromium: CVE-2025-3069 Inappropriate implementation in Extensions Unknown
Microsoft Edge (Chromium-based) CVE-2025-25000 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Important
Microsoft Edge (Chromium-based) CVE-2025-29815 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Important
Microsoft Edge (Chromium-based) CVE-2025-25001 Microsoft Edge for iOS Spoofing Vulnerability Low
Microsoft Edge (Chromium-based) CVE-2025-3066 Chromium: CVE-2025-3066 Use after free in Navigations Unknown
Microsoft Edge for iOS CVE-2025-29796 Microsoft Edge for iOS Spoofing Vulnerability Low
Microsoft Office CVE-2025-27745 Microsoft Office Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2025-27744 Microsoft Office Elevation of Privilege Vulnerability Important
Microsoft Office CVE-2025-26642 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office CVE-2025-29792 Microsoft Office Elevation of Privilege Vulnerability Important
Microsoft Office CVE-2025-29791 Microsoft Excel Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2025-27748 Microsoft Office Remote Code Execution Vulnerability Critical
Microsoft Office CVE-2025-27746 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office CVE-2025-27749 Microsoft Office Remote Code Execution Vulnerability Critical
Microsoft Office Excel CVE-2025-27751 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2025-27750 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2025-29823 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office Excel CVE-2025-27752 Microsoft Excel Remote Code Execution Vulnerability Critical
Microsoft Office OneNote CVE-2025-29822 Microsoft OneNote Security Feature Bypass Vulnerability Important
Microsoft Office SharePoint CVE-2025-29794 Microsoft SharePoint Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2025-29793 Microsoft SharePoint Remote Code Execution Vulnerability Important
Microsoft Office Word CVE-2025-27747 Microsoft Word Remote Code Execution Vulnerability Important
Microsoft Office Word CVE-2025-29816 Microsoft Word Security Feature Bypass Vulnerability Important
Microsoft Office Word CVE-2025-29820 Microsoft Word Remote Code Execution Vulnerability Important
Microsoft Streaming Service CVE-2025-27471 Microsoft Streaming Service Denial of Service Vulnerability Important
Microsoft Virtual Hard Drive CVE-2025-26688 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability Important
OpenSSH for Windows CVE-2025-27731 Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability Important
Outlook for Android CVE-2025-29805 Outlook for Android Information Disclosure Vulnerability Important
Remote Desktop Client CVE-2025-27487 Remote Desktop Client Remote Code Execution Vulnerability Important
Remote Desktop Gateway Service CVE-2025-27482 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical
Remote Desktop Gateway Service CVE-2025-27480 Windows Remote Desktop Services Remote Code Execution Vulnerability Critical
RPC Endpoint Mapper Service CVE-2025-26679 RPC Endpoint Mapper Service Elevation of Privilege Vulnerability Important
System Center CVE-2025-27743 Microsoft System Center Elevation of Privilege Vulnerability Important
Visual Studio CVE-2025-29802 Visual Studio Elevation of Privilege Vulnerability Important
Visual Studio CVE-2025-29804 Visual Studio Elevation of Privilege Vulnerability Important
Visual Studio Code CVE-2025-20570 Visual Studio Code Elevation of Privilege Vulnerability Important
Visual Studio Tools for Applications and SQL Server Management Studio CVE-2025-29803 Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability Important
Windows Active Directory Certificate Services CVE-2025-27740 Active Directory Certificate Services Elevation of Privilege Vulnerability Important
Windows BitLocker CVE-2025-26637 BitLocker Security Feature Bypass Vulnerability Important
Windows Bluetooth Service CVE-2025-27490 Windows Bluetooth Service Elevation of Privilege Vulnerability Important
Windows Common Log File System Driver CVE-2025-29824 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important
Windows Cryptographic Services CVE-2025-29808 Windows Cryptographic Services Information Disclosure Vulnerability Important
Windows Cryptographic Services CVE-2025-26641 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Important
Windows Defender Application Control (WDAC) CVE-2025-26678 Windows Defender Application Control Security Feature Bypass Vulnerability Important
Windows Digital Media CVE-2025-27730 Windows Digital Media Elevation of Privilege Vulnerability Important
Windows Digital Media CVE-2025-27467 Windows Digital Media Elevation of Privilege Vulnerability Important
Windows Digital Media CVE-2025-26640 Windows Digital Media Elevation of Privilege Vulnerability Important
Windows Digital Media CVE-2025-27476 Windows Digital Media Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2025-24074 Microsoft DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2025-24073 Microsoft DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2025-24058 Windows DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2025-24062 Microsoft DWM Core Library Elevation of Privilege Vulnerability Important
Windows DWM Core Library CVE-2025-24060 Microsoft DWM Core Library Elevation of Privilege Vulnerability Important
Windows Hello CVE-2025-26635 Windows Hello Security Feature Bypass Vulnerability Important
Windows Hello CVE-2025-26644 Windows Hello Spoofing Vulnerability Important
Windows HTTP.sys CVE-2025-27473 HTTP.sys Denial of Service Vulnerability Important
Windows Hyper-V CVE-2025-27491 Windows Hyper-V Remote Code Execution Vulnerability Critical
Windows Installer CVE-2025-27727 Windows Installer Elevation of Privilege Vulnerability Important
Windows Kerberos CVE-2025-26647 Windows Kerberos Elevation of Privilege Vulnerability Important
Windows Kerberos CVE-2025-27479 Kerberos Key Distribution Proxy Service Denial of Service Vulnerability Important
Windows Kerberos CVE-2025-29809 Windows Kerberos Security Feature Bypass Vulnerability Important
Windows Kernel CVE-2025-26648 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2025-27739 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel Memory CVE-2025-29812 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important
Windows Kernel-Mode Drivers CVE-2025-27728 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Important
Windows LDAP - Lightweight Directory Access Protocol CVE-2025-26673 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Important
Windows LDAP - Lightweight Directory Access Protocol CVE-2025-26663 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Critical
Windows LDAP - Lightweight Directory Access Protocol CVE-2025-27469 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Important
Windows LDAP - Lightweight Directory Access Protocol CVE-2025-26670 Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability Critical
Windows Local Security Authority (LSA) CVE-2025-21191 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability Important
Windows Local Security Authority (LSA) CVE-2025-27478 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability Important
Windows Local Session Manager (LSM) CVE-2025-26651 Windows Local Session Manager (LSM) Denial of Service Vulnerability Important
Windows Mark of the Web (MOTW) CVE-2025-27472 Windows Mark of the Web Security Feature Bypass Vulnerability Important
Windows Media CVE-2025-26666 Windows Media Remote Code Execution Vulnerability Important
Windows Media CVE-2025-26674 Windows Media Remote Code Execution Vulnerability Important
Windows Mobile Broadband CVE-2025-29811 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Important
Windows NTFS CVE-2025-27742 NTFS Information Disclosure Vulnerability Important
Windows NTFS CVE-2025-21197 Windows NTFS Information Disclosure Vulnerability Important
Windows NTFS CVE-2025-27741 NTFS Elevation of Privilege Vulnerability Important
Windows NTFS CVE-2025-27483 NTFS Elevation of Privilege Vulnerability Important
Windows NTFS CVE-2025-27733 NTFS Elevation of Privilege Vulnerability Important
Windows Power Dependency Coordinator CVE-2025-27736 Windows Power Dependency Coordinator Information Disclosure Vulnerability Important
Windows Remote Desktop Services CVE-2025-26671 Windows Remote Desktop Services Remote Code Execution Vulnerability Important
Windows Resilient File System (ReFS) CVE-2025-27738 Windows Resilient File System (ReFS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-27474 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-21203 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-26668 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-26667 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-26664 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-26672 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-26669 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Routing and Remote Access Service (RRAS) CVE-2025-26676 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability Important
Windows Secure Channel CVE-2025-27492 Windows Secure Channel Elevation of Privilege Vulnerability Important
Windows Secure Channel CVE-2025-26649 Windows Secure Channel Elevation of Privilege Vulnerability Important
Windows Security Zone Mapping CVE-2025-27737 Windows Security Zone Mapping Security Feature Bypass Vulnerability Important
Windows Shell CVE-2025-27729 Windows Shell Remote Code Execution Vulnerability Important
Windows Standards-Based Storage Management Service CVE-2025-27485 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important
Windows Standards-Based Storage Management Service CVE-2025-27486 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important
Windows Standards-Based Storage Management Service CVE-2025-21174 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important
Windows Standards-Based Storage Management Service CVE-2025-26680 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important
Windows Standards-Based Storage Management Service CVE-2025-27470 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important
Windows Standards-Based Storage Management Service CVE-2025-26652 Windows Standards-Based Storage Management Service Denial of Service Vulnerability Important
Windows Subsystem for Linux CVE-2025-26675 Windows Subsystem for Linux Elevation of Privilege Vulnerability Important
Windows TCP/IP CVE-2025-26686 Windows TCP/IP Remote Code Execution Vulnerability Critical
Windows Telephony Service CVE-2025-27481 Windows Telephony Service Remote Code Execution Vulnerability Important
Windows Telephony Service CVE-2025-21222 Windows Telephony Service Remote Code Execution Vulnerability Important
Windows Telephony Service CVE-2025-21205 Windows Telephony Service Remote Code Execution Vulnerability Important
Windows Telephony Service CVE-2025-21221 Windows Telephony Service Remote Code Execution Vulnerability Important
Windows Telephony Service CVE-2025-27477 Windows Telephony Service Remote Code Execution Vulnerability Important
Windows Universal Plug and Play (UPnP) Device Host CVE-2025-27484 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability Important
Windows Update Stack CVE-2025-21204 Windows Process Activation Elevation of Privilege Vulnerability Important
Windows Update Stack CVE-2025-27475 Windows Update Stack Elevation of Privilege Vulnerability Important
Windows upnphost.dll CVE-2025-26665 Windows upnphost.dll Elevation of Privilege Vulnerability Important
Windows USB Print Driver CVE-2025-26639 Windows USB Print Driver Elevation of Privilege Vulnerability Important
Windows Virtualization-Based Security (VBS) Enclave CVE-2025-27735 Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability Important
Windows Win32K - GRFX CVE-2025-27732 Windows Graphics Component Elevation of Privilege Vulnerability Important
Windows Win32K - GRFX CVE-2025-26687 Win32k Elevation of Privilege Vulnerability Important
Windows Win32K - GRFX CVE-2025-26681 Win32k Elevation of Privilege Vulnerability Important

Top 10 MITRE ATT&CK© Techniques Behind 93% of Attacks

Based on an analysis of 14M malicious actions, discover the top 10 MITRE ATT&CK techniques behind 93% of attacks and how to defend against them.

Free online web security scanner

Top News: