On-demand webinar: Building a secure and employee-centric digital workplace

WATCH NOW

Microsoft Patch Tuesday March 2025 - Summary

152

Patches

57

Vulnerabilities

23

Articles

6

Impacts

CVE Index for March 2025 Patch Tuesday Updates

Vulnerable Component Impact CVE ID
Remote Desktop Client Remote Code Execution CVE-2025-26645
Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution CVE-2025-24084
Windows Domain Name Service Remote Code Execution CVE-2025-24064
Microsoft Office Remote Code Execution CVE-2025-24057
Windows Remote Desktop Services Remote Code Execution CVE-2025-24045
Windows Remote Desktop Services Remote Code Execution CVE-2025-24035
Windows Remote Desktop Services Remote Code Execution CVE-2024-49116
Vulnerable Component Impact CVE ID
Windows NTFS Remote Code Execution CVE-2025-24993
Windows NTFS Information Disclosure CVE-2025-24991
Windows Fast FAT File System Driver Remote Code Execution CVE-2025-24985
Windows NTFS Information Disclosure CVE-2025-24984
Windows Win32 Kernel Subsystem Elevation of Privilege CVE-2025-24983
Microsoft Management Console Security Feature Bypass CVE-2025-26633
Microsoft Access Remote Code Execution CVE-2025-26630
CVE ID Severity Impact
CVE-2025-24997 Important Denial of Service
CVE-2025-24996 Important Spoofing
CVE-2025-24994 Important Elevation of Privilege
CVE-2025-24992 Important Information Disclosure
CVE-2025-24988 Important Elevation of Privilege
CVE-2025-24987 Important Elevation of Privilege
CVE-2025-24076 Important Elevation of Privilege
CVE-2025-24072 Important Elevation of Privilege
CVE-2025-24071 Important Spoofing
CVE-2025-24067 Important Elevation of Privilege
CVE-2025-24066 Important Elevation of Privilege
CVE-2025-24061 Important Security Feature Bypass
CVE-2025-24059 Important Elevation of Privilege
CVE-2025-24056 Important Remote Code Execution
CVE-2025-24055 Important Information Disclosure
CVE-2025-24054 Important Spoofing
CVE-2025-24051 Important Remote Code Execution
CVE-2025-24050 Important Elevation of Privilege
CVE-2025-24048 Important Elevation of Privilege
CVE-2025-24046 Important Elevation of Privilege
CVE-2025-24044 Important Elevation of Privilege
CVE-2025-24036 Important Elevation of Privilege
CVE-2025-21247 Important Security Feature Bypass
CVE-2025-21180 Important Remote Code Execution
CVE-2024-9157 Important Elevation of Privilege
CVE-2025-25008 Important Elevation of Privilege
CVE-2024-30098 Important Security Feature Bypass
CVE-2022-30170 Important Elevation of Privilege
CVE ID Severity Impact
CVE-2025-24083 Important Remote Code Execution
CVE-2025-24082 Important Remote Code Execution
CVE-2025-24081 Important Remote Code Execution
CVE-2025-24080 Important Remote Code Execution
CVE-2025-24079 Important Remote Code Execution
CVE-2025-24078 Important Remote Code Execution
CVE-2025-24077 Important Remote Code Execution
CVE-2025-24075 Important Remote Code Execution
CVE-2025-26629 Important Remote Code Execution
CVE ID Severity Impact
CVE-2025-25003 Important Elevation of Privilege
CVE-2025-24998 Important Elevation of Privilege
CVE-2025-24070 Important Elevation of Privilege
CVE-2025-26631 Important Elevation of Privilege
CVE-2025-24043 Important Remote Code Execution
CVE ID Severity Impact
CVE-2025-24986 Important Remote Code Execution
CVE-2025-24049 Important Elevation of Privilege
CVE-2025-26627 Important Elevation of Privilege
CVE-2025-21199 Important Elevation of Privilege
Vulnerable Component CVE ID Severity Impact
Kernel Streaming WOW Thunk Service Driver CVE-2025-24995 Important Elevation of Privilege

Previous Patch Tuesday Updates and Fixes

Microsoft Windows Patch Tuesday - Overview

What is Patch Tuesday?

Patch Tuesday or Update Tuesday is the common name for the second Tuesday of every month when Microsoft releases security updates for its operating system and other software. Coinciding with the Patch Tuesday, several other vendors such as Oracle, Mozilla, Adobe, and many others roll out updates for the third-party applications.

When is Patch Tuesday?

Patch Tuesday falls on the second Tuesday of each month. The upcoming Patch Tuesday is on March 11 , 2025.

What is patching and why is it important?

Patches are nothing but pieces of software code that are written to fix a bug in a software application, that might lead to a vulnerability. Such vulnerabilities in any application are loop holes for attackers to get their hands on business critical data and information. So it is highly crucial to keep all the applications in a network updated to its latest versions. Updating applications in mobile phones and laptops also work in the same manner by preventing theft of personal data, through security flaws.

What kind of patch updates are released during Patch Tuesday?

Predominantly security patch updates of varying severity like Critical, Important, Moderate & Low are labeled and released. It is always a best practice to prioritize your patching based on the severity level mentioned.

What are CVE IDs?

CVE ID - Common Vulnerabilities and Exposure ID is a format in which each vulnerability is disclosed and cataloged in the National Vulnerability Database (NVD). You can look up for a detailed explanation of each vulnerability in the NVD with the help of CVE ID. In Patch Manager Plus you can make use of these CVE IDs to fetch the appropriate patches to deploy. You can find the CVE IDs here.

How to register for ManageEngine's Free Patch Tuesday webinar?

The upcoming Free Patch Tuesday webinar by ManageEngine is scheduled on March 13, 2025. You can make your registrations here.

Where can I find more details about individual bulletins?

Each CVE ID listed in the CVE Index section has been linked to its security advisory.

 

Back to Top