Microsoft has launched its April 2025 Patch Tuesday replace, which fixes 134 malicious bugs throughout its techniques—together with one zero-day exploit. Home windows and Microsoft customers ought to guarantee their units are updated with the most recent patches.
Patch Tuesday updates for April 2025
One of many vulnerabilities fastened this month was a zero-day, which is a flaw that’s exploited or publicly disclosed earlier than an official patch is launched by builders.
The lively exploit—labeled CVE-2025-29824—is an elevation of privilege vulnerability within the Home windows Widespread Log File System (CLFS) Driver. The flaw, which was recognized by the Microsoft Menace Intelligence Middle, allowed attackers to achieve SYSTEM privileges regionally. In line with reporting from Bleeping Pc, this zero-day was exploited by the RansomEXX ransomware gang.
Microsoft has launched a patch for Home windows Server and Home windows 11 and expects to inform customers when safety updates for Home windows 10 for x64-based Programs and Home windows 10 for 32-bit Programs.
April’s replace fixes 49 elevation of privilege flaws, 9 safety function bypass flaws, 31 distant code execution flaws, 17 data disclosure flaws, 14 denial of service flaws, and three spoofing flaws.
What do you suppose up to now?
Eleven of the distant code execution vulnerabilities have been categorized as “vital” and have been discovered throughout Microsoft Workplace, Microsoft Workplace Excel, Distant Desktop Gateway Service, Home windows Hyper-V, Home windows LDAP, and Home windows TCP/IP. Microsoft additionally launched patches to vulnerabilities in Mariner and 13 Microsoft Edge bugs this month.
What Microsoft customers must do
Safety updates for Home windows and Microsoft are often downloaded and put in mechanically, however you may examine your PC’s standing by going to Begin > Settings > Home windows Replace and choosing Examine for Home windows updates. Patch Tuesday fixes are launched on the second Tuesday of each month at 10 a.m. PT, so now is an efficient time to make sure your system is updated.
