Microsoft has launched its newest month-to-month Patch Tuesday replace, this time providing fixes for 72 safety vulnerabilities throughout its methods. 5 of the malicious bugs addressed are zero-days which have been actively exploited, and two have been publicly disclosed.
As Bleeping Laptop studies, the Could replace addresses 17 elevation of privilege flaws, two safety characteristic bypass flaws, 28 distant code execution flaws, 15 data disclosure flaws, seven denial of service flaws, and two spoofing flaws. Along with the zero-day exploits, six of the distant code execution vulnerabilities are labeled “crucial” together with one data disclosure flaw.
When you’re a Home windows or Microsoft person, it is best to guarantee your methods are updated.
Patch Tuesday updates for Could 2025
Whereas all of Microsoft’s safety updates are essential to keep up the integrity of your gadgets and information, this Patch Tuesday is especially heavy on zero-days—flaws which are actively exploited or publicly disclosed earlier than the developer points an official repair.
4 of the 5 actively exploited zero-days fastened with this replace are elevation of privilege flaws. CVE-2025-32701 and CVE-2025-32706 each have an effect on Home windows Widespread Log File System Driver, whereas CVE-2025-30400 impacts Microsoft DWM Core Library, and CVE-2025-32709 Home windows Ancillary Perform Driver for WinSock. All enable attackers SYSTEM privileges domestically.
The fifth lively exploit is a distant code execution vulnerability (labeled CVE-2025-30397) in Microsoft Scripting Engine. The flaw might be exploited if an authenticated person clicks a fraudulent hyperlink in Microsoft Edge or Web Explorer, permitting attackers to execute code over a community.
What do you suppose up to now?
CVE-2025-30397, CVE-2025-32701, and CVE-2025-30400 have been found by the Microsoft Risk Intelligence Heart. CVE-2025-32706 was disclosed by the Google Risk Intelligence Group and the CrowdStrike Superior Analysis Workforce, whereas CVE-2025-32709 got here from an “nameless” researcher. Microsoft has not disclosed how these flaws have been exploited.
One of many publicly disclosed zero-days patched this month is a spoofing flaw in Microsoft Defender (CVE-2025-26685) that permits unauthenticated attackers with LAN entry to spoof one other account. This was found by Joshua Murrell with NetSPI. The ultimate zero-day (CVE-2025-32702) is a distant code execution vulnerability in Visible Studio—Microsoft has not revealed any extra particulars.
How you can shield your PC
It’s best to at all times set up safety updates as quickly as they develop into accessible to reduce the danger to your system. Home windows and Microsoft patches are normally downloaded and put in mechanically, however you may make certain your PC is sweet to go by way of Begin > Settings > Home windows Replace and deciding on Test for Home windows updates.
