CVE-2025-24985

CVSSv4: NA | CVSSv3: 7.8 | CVSSv2: NA | VMScore: 880 | EPSS: 0.07371 | KEV: Exploitation Reported
Published: 11/03/2025 Updated: 12/03/2025

Vulnerability Summary

Integer Overflow in Windows Fast FAT Driver Enables Local Code Execution

A vulnerability exists in the Windows Fast FAT Driver where an integer overflow or wraparound can enable a local attacker to execute arbitrary code. This issue affects the driver's handling of numeric values, potentially allowing unauthorized code execution on the system through a local attack vector.

Recent Articles

Microsoft patches Windows Kernel zero-day exploited since 2023
BleepingComputer • Sergiu Gatlan • 12 Mar 2025

Slovak cybersecurity company ESET says a newly patched zero-day vulnerability in the Windows Win32 Kernel Subsystem has been exploited in attacks since March 2023. Fixed in Windows security updates released during this month's Patch Tuesday, the security flaw is now tracked as CVE-2025-24983 and was reported to Microsoft by ESET researcher Filip Jurčacko. The vulnerability is caused by a us...

Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws
BleepingComputer • Lawrence Abrams • 11 Mar 2025

Today is Microsoft's March 2025 Patch Tuesday, which includes security updates for 57 flaws, including six actively exploited zero-day vulnerabilities. This Patch Tuesday also fixes six "Critical" vulnerabilities, all remote code execution vulnerabilities. The number of bugs in each vulnerability...

Choose your own Patch Tuesday adventure: Start with six zero-day fixes, or six critical flaws
The Register

Microsoft tackles 50-plus security blunders, Adobe splats 3D bugs, and Apple deals with a doozy

Patch Tuesday Microsoft’s Patch Tuesday bundle has appeared, with a dirty dozen flaws competing for your urgent attention – six of them rated critical and another six already being exploited by criminals. Let’s start with the six already exploited vulnerabilities, three of which impact Windows NTFS. The first is CVE-2025-24993 - a heap-based buffer overflow in NTFS used by Windows Server 2008 and later systems, as well as Windows 10 and 11. The flaw makes remote code execution (RCE) a poss...