Microsoft on Tuesday launched 57 patches affecting 10 product households. Six of the addressed points are thought of by Microsoft to be of Critical severity, and 9 have a CVSS base rating of 8.0 or greater. Six, all affecting Windows, are beneath lively exploit within the wild. One difficulty has been publicly disclosed however not but publicly exploited.
At patch time, 11 extra CVEs usually tend to be exploited within the subsequent 30 days by the corporate’s estimation. Four of this month’s points are amenable to direct detection by Sophos merchandise, and we embrace data on these within the normal desk under.
In addition to those patches, the discharge consists of advisory data on Servicing Stack Updates, in addition to on the month’s 12 Edge patches, which have been launched a number of days earlier. Nine Adobe Reader points are additionally lined.
We are as at all times together with on the finish of this put up extra appendices itemizing all Microsoft’s patches sorted by severity, by predicted exploitability timeline and CVSS Base rating, and by product household; an appendix overlaying the advisory-style updates; and a breakout of the patches affecting the varied Windows Server platforms nonetheless in help.
By the numbers
- Total CVEs: 57
- Publicly disclosed: 1
- Exploit detected: 6
- Severity
- Critical: 6
- Important: 51
- Impact
- Remote code execution: 23
- Elevation of privilege: 23
- Information disclosure: 4
- Security characteristic bypass: 3
- Spoofing: 3
- Denial of service: 1
- CVSS base rating 9.0 or better: 0
- CVSS base rating 8.0 or better: 9
Figure 1: Remote code execution points and elevation of privilege bugs are equally prevalent this month, however all of the critical-severity issues are RCE
- Windows: 37
- 365: 11
- Office: 11
- Azure: 4
- Visual Studio: 4
- Excel: 3
- Word: 2
- .NET: 1
- ASP.NET: 1
- Access: 1
As is our customized for this listing, CVEs that apply to a couple of product household are counted as soon as for every household they have an effect on.
Figure 2: Windows as ever accounts for the lion’s share of patches, together with a less-common client-only difficulty (CVE-2025-24994). Note that the 365 and Office tallies are for a similar 11 CVEs
Notable March updates
In addition to the problems mentioned above, quite a lot of particular objects benefit consideration.
CVE-2025-24057 — Microsoft Office Remote Code Execution Vulnerability
A heap-based buffer overflow difficulty affecting each 365 and Office may permit an unauthorized occasion to execute code regionally – and it really works in Preview Pane.
CVE-2025-26645 — Remote Desktop Client Remote Code Execution Vulnerability
Rating each a CVSS Base rating of 8.8 and a Microsoft designation of Critical severity, this can be a relative path traversal difficulty in RDC. All supported variations of the consumer and server in addition to in Remote Desktop Client for Windows are susceptible. An attacker controlling a Remote Desktop server may use this to set off RCE on a susceptible consumer when it connects.
CVE-2025-21180 – Windows exFAT File System Remote Code Execution Vulnerability
CVE-2025-24985 — Windows Fast FAT File System Driver Remote Code Execution Vulnerability
CVE-2025-24984 — Windows NTFS Information Disclosure Vulnerability
CVE-2025-24991 – Windows NTFS Information Disclosure Vulnerability
CVE-2025-24992 — Windows NTFS Information Disclosure Vulnerability
CVE-2025-24993 — Windows NTFS Remote Code Execution Vulnerability
A troublesome month for file programs. Fast FAT is carefully associated to the traditional FAT (File Allocation Table) system and primarily sees obligation nowadays for reminiscence gadgets, together with USB keys, SD playing cards, and floppies (!). exFAT, the “more modern” model of FAT, was launched virtually twenty years in the past and freed customers from the previous 4GB file-size restrict; the “ex” means “extended.” For each of these bugs, the attacker must trick a person on a susceptible system into mounting a specifically crafted and malicious VHD. Of the 4 NTFS points, CVE-2025-24984 requires bodily entry to the goal machine (to plug in a USB). The different three look like just like the VHD points described above. Three of the NTFS points and the Fast FAT difficulty are already beneath exploit within the wild; the opposite two usually tend to be so throughout the subsequent 30 days.
CVE-2024-9157 — Synaptics: CVE-2024-9157 Synaptics Service Binaries DLL Loading Vulnerability
Not a lot is certainly recognized but about this Synaptics-issued CVE, however what we do know signifies it’s doubtlessly disagreeable: The elevation-of-privilege downside exists in Synaptics’ Audio Effects audio-enhancement element, it’s a DLL-loading bug, and Microsoft considers it to be amongst these extra more likely to be exploited within the subsequent month. The excellent news is that the newest builds of Window are, Microsoft assures the world, not susceptible.
Figure 3: With the primary quarter of 2025 accounted for, RCE points have simply crossed the 100-CVE mark
Sophos direct protections
| CVE | Sophos Intercept X/Endpoint IPS | Sophos XGS Firewall |
| CVE-2025-21247 | sid:2310687 | sid:2310687 |
| CVE-2025-24066 | Exp/2524066-A | Exp/2524066-A |
| CVE-2025-24067 | Exp/2524067-A | Exp/2524067-A |
| CVE-2025-24983 | Exp/2524983-A | Exp/2524983-A |
As you possibly can each month, in case you don’t need to wait in your system to drag down Microsoft’s updates itself, you possibly can obtain them manually from the Windows Update Catalog web site. Run the winver.exe software to find out which construct of Windows 10 or 11 you’re operating, then obtain the Cumulative Update package deal in your particular system’s structure and construct quantity.
Appendix A: Vulnerability Impact and Severity
This is an inventory of March patches sorted by impression, then sub-sorted by severity. Each listing is additional organized by CVE.
Remote Code Execution (23 CVEs)
| Critical severity | |
| CVE-2025-24035 | Windows Remote Desktop Services Remote Code Execution Vulnerability |
| CVE-2025-24045 | Windows Remote Desktop Services Remote Code Execution Vulnerability |
| CVE-2025-24057 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-24064 | Windows Domain Name Service Remote Code Execution Vulnerability |
| CVE-2025-24084 | Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability |
| CVE-2025-26645 | Remote Desktop Client Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2025-21180 | Windows exFAT File System Remote Code Execution Vulnerability |
| CVE-2025-24043 | WinDbg Remote Code Execution Vulnerability |
| CVE-2025-24051 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-24056 | Windows Telephony Service Remote Code Execution Vulnerability |
| CVE-2025-24075 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-24077 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-24078 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-24079 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-24080 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-24081 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-24082 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-24083 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-24985 | Windows Fast FAT File System Driver Remote Code Execution Vulnerability |
| CVE-2025-24986 | Azure Promptflow Remote Code Execution Vulnerability |
| CVE-2025-24993 | Windows NTFS Remote Code Execution Vulnerability |
| CVE-2025-26629 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-26630 | Microsoft Access Remote Code Execution Vulnerability |
Elevation of Privilege (23 CVEs)
| Important severity | |
| CVE-2024-9157 | Synaptics: CVE-2024-9157 Synaptics Service Binaries DLL Loading Vulnerability |
| CVE-2025-21199 | Azure Agent Installer for Backup and Site Recovery Elevation of Privilege Vulnerability |
| CVE-2025-24044 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| CVE-2025-24046 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2025-24048 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2025-24049 | Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability |
| CVE-2025-24050 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2025-24059 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2025-24066 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2025-24067 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2025-24070 | ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability |
| CVE-2025-24072 | Microsoft Local Security Authority (LSA) Server Elevation of Privilege Vulnerability |
| CVE-2025-24076 | Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability |
| CVE-2025-24983 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| CVE-2025-24987 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability |
| CVE-2025-24988 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability |
| CVE-2025-24994 | Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability |
| CVE-2025-24995 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| CVE-2025-24998 | Visual Studio Installer Elevation of Privilege Vulnerability |
| CVE-2025-25003 | Visual Studio Elevation of Privilege Vulnerability |
| CVE-2025-25008 | Windows Server Elevation of Privilege Vulnerability |
| CVE-2025-26627 | Azure Arc Installer Elevation of Privilege Vulnerability |
| CVE-2025-26631 | Visual Studio Code Elevation of Privilege Vulnerability |
Information Disclosure (4 CVEs)
| Important severity | |
| CVE-2025-24055 | Windows USB Video Class System Driver Information Disclosure Vulnerability |
| CVE-2025-24984 | Windows NTFS Information Disclosure Vulnerability |
| CVE-2025-24991 | Windows NTFS Information Disclosure Vulnerability |
| CVE-2025-24992 | Windows NTFS Information Disclosure Vulnerability |
Security Feature Bypass (3 CVEs)
| Important severity | |
| CVE-2025-21247 | MapUrlToZone Security Feature Bypass Vulnerability |
| CVE-2025-24061 | Windows Mark of the Web Security Feature Bypass Vulnerability |
| CVE-2025-26633 | Microsoft Management Console Security Feature Bypass Vulnerability |
Spoofing (3 CVEs)
| Important severity | |
| CVE-2025-24054 | NTLM Hash Disclosure Spoofing Vulnerability |
| CVE-2025-24071 | Microsoft Windows File Explorer Spoofing Vulnerability |
| CVE-2025-24996 | NTLM Hash Disclosure Spoofing Vulnerability |
Denial of Service (1 CVE)
| Important severity | |
| CVE-2025-24997 | DirectX Graphics Kernel File Denial of Service Vulnerability |
Appendix B: Exploitability and CVSS
This is an inventory of the March CVEs judged by Microsoft to be both beneath exploitation within the wild or extra more likely to be exploited within the wild throughout the first 30 days post-release. The listing is additional organized by CVE.
| Exploitation detected | |
| CVE-2025-24983 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| CVE-2025-24984 | Windows NTFS Information Disclosure Vulnerability |
| CVE-2025-24985 | Windows Fast FAT File System Driver Remote Code Execution Vulnerability |
| CVE-2025-24991 | Windows NTFS Information Disclosure Vulnerability |
| CVE-2025-24993 | Windows NTFS Remote Code Execution Vulnerability |
| CVE-2025-26633 | Microsoft Management Console Security Feature Bypass Vulnerability |
| Exploitation extra probably throughout the subsequent 30 days | |
| CVE-2024-9157 | Synaptics: CVE-2024-9157 Synaptics Service Binaries DLL Loading Vulnerability |
| CVE-2025-21180 | Windows exFAT File System Remote Code Execution Vulnerability |
| CVE-2025-21247 | MapUrlToZone Security Feature Bypass Vulnerability |
| CVE-2025-24035 | Windows Remote Desktop Services Remote Code Execution Vulnerability |
| CVE-2025-24044 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| CVE-2025-24045 | Windows Remote Desktop Services Remote Code Execution Vulnerability |
| CVE-2025-24061 | Windows Mark of the Web Security Feature Bypass Vulnerability |
| CVE-2025-24066 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2025-24067 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2025-24992 | Windows NTFS Information Disclosure Vulnerability |
| CVE-2025-24995 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
This is an inventory of March CVEs with a Microsoft-assessed CVSS Base rating of 8.0 or greater. They are organized by rating and additional sorted by CVE. For extra data on how CVSS works, please see our collection on patch prioritization schema.
| CVSS Base | CVSS Temporal | CVE | Title |
| 8.8 | 7.7 | CVE-2025-24051 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-24056 | Windows Telephony Service Remote Code Execution Vulnerability |
| 8.8 | 7.7 | CVE-2025-26645 | Remote Desktop Client Remote Code Execution Vulnerability |
| 8.4 | 7.3 | CVE-2025-24049 | Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability |
| 8.4 | 7.3 | CVE-2025-24066 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| 8.4 | 7.3 | CVE-2025-24084 | Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2025-24035 | Windows Remote Desktop Services Remote Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2025-24045 | Windows Remote Desktop Services Remote Code Execution Vulnerability |
| 8.1 | 7.1 | CVE-2025-24064 | Windows Domain Name Service Remote Code Execution Vulnerability |
Appendix C: Products Affected
This is an inventory of March’s patches sorted by product household, then sub-sorted by severity. Each listing is additional organized by CVE. Patches which can be shared amongst a number of product households are listed a number of occasions, as soon as for every product household. Issues affecting Windows Server are additional sorted in Appendix E.
Windows (37 CVEs)
| Critical severity | |
| CVE-2025-24035 | Windows Remote Desktop Services Remote Code Execution Vulnerability |
| CVE-2025-24045 | Windows Remote Desktop Services Remote Code Execution Vulnerability |
| CVE-2025-24064 | Windows Domain Name Service Remote Code Execution Vulnerability |
| CVE-2025-24084 | Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability |
| CVE-2025-26645 | Remote Desktop Client Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2024-9157 | Synaptics: CVE-2024-9157 Synaptics Service Binaries DLL Loading Vulnerability |
| CVE-2025-21180 | Windows exFAT File System Remote Code Execution Vulnerability |
| CVE-2025-21247 | MapUrlToZone Security Feature Bypass Vulnerability |
| CVE-2025-24044 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| CVE-2025-24046 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2025-24048 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2025-24050 | Windows Hyper-V Elevation of Privilege Vulnerability |
| CVE-2025-24051 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-24054 | NTLM Hash Disclosure Spoofing Vulnerability |
| CVE-2025-24055 | Windows USB Video Class System Driver Information Disclosure Vulnerability |
| CVE-2025-24056 | Windows Telephony Service Remote Code Execution Vulnerability |
| CVE-2025-24059 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2025-24061 | Windows Mark of the Web Security Feature Bypass Vulnerability |
| CVE-2025-24066 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2025-24067 | Kernel Streaming Service Driver Elevation of Privilege Vulnerability |
| CVE-2025-24071 | Microsoft Windows File Explorer Spoofing Vulnerability |
| CVE-2025-24072 | Microsoft Local Security Authority (LSA) Server Elevation of Privilege Vulnerability |
| CVE-2025-24076 | Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability |
| CVE-2025-24983 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| CVE-2025-24984 | Windows NTFS Information Disclosure Vulnerability |
| CVE-2025-24985 | Windows Fast FAT File System Driver Remote Code Execution Vulnerability |
| CVE-2025-24987 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability |
| CVE-2025-24988 | Windows USB Video Class System Driver Elevation of Privilege Vulnerability |
| CVE-2025-24991 | Windows NTFS Information Disclosure Vulnerability |
| CVE-2025-24992 | Windows NTFS Information Disclosure Vulnerability |
| CVE-2025-24993 | Windows NTFS Remote Code Execution Vulnerability |
| CVE-2025-24994 | Microsoft Windows Cross Device Service Elevation of Privilege Vulnerability |
| CVE-2025-24995 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| CVE-2025-24996 | NTLM Hash Disclosure Spoofing Vulnerability |
| CVE-2025-24997 | DirectX Graphics Kernel File Denial of Service Vulnerability |
| CVE-2025-25008 | Windows Server Elevation of Privilege Vulnerability |
| CVE-2025-26633 | Microsoft Management Console Security Feature Bypass Vulnerability |
365 (11 CVEs)
| Critical severity | |
| CVE-2025-24057 | Microsoft Office Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2025-24075 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-24077 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-24078 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-24079 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-24080 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-24081 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-24082 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-24083 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-26629 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-26630 | Microsoft Access Remote Code Execution Vulnerability |
Office (11 CVEs)
| Critical severity | |
| CVE-2025-24057 | Microsoft Office Remote Code Execution Vulnerability |
| Important severity | |
| CVE-2025-24075 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-24077 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-24078 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-24079 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-24080 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-24081 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-24082 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-24083 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-26629 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-26630 | Microsoft Access Remote Code Execution Vulnerability |
Azure (4 CVEs)
| Important severity | |
| CVE-2025-21199 | Azure Agent Installer for Backup and Site Recovery Elevation of Privilege Vulnerability |
| CVE-2025-24049 | Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability |
| CVE-2025-24986 | Azure Promptflow Remote Code Execution Vulnerability |
| CVE-2025-26627 | Azure Arc Installer Elevation of Privilege Vulnerability |
Visual Studio (4 CVEs)
| Important severity | |
| CVE-2025-24070 | ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability |
| CVE-2025-24998 | Visual Studio Installer Elevation of Privilege Vulnerability |
| CVE-2025-25003 | Visual Studio Elevation of Privilege Vulnerability |
| CVE-2025-26631 | Visual Studio Code Elevation of Privilege Vulnerability |
Excel (3 CVEs)
| Important severity | |
| CVE-2025-24075 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-24081 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-24082 | Microsoft Excel Remote Code Execution Vulnerability |
Word (2 CVEs)
| Important severity | |
| CVE-2025-24078 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2025-24079 | Microsoft Word Remote Code Execution Vulnerability |
ASP.NET (1 CVE)
| Important severity | |
| CVE-2025-24070 | ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability |
.NET (1 CVE)
| Important severity | |
| CVE-2025-24043 | WinDbg Remote Code Execution Vulnerability |
Access (1 CVE)
| Important severity | |
| CVE-2025-26630 | Microsoft Access Remote Code Execution Vulnerability |
Appendix D: Advisories and Other Products
This is an inventory of advisories and data on different related CVEs within the March Microsoft launch. The points addressed in these CVEs have already been mitigated by Chrome, however have been listed within the launch within the pursuits of transparency. Note that CVE-2025-21353 applies specifically to Android.
Microsoft data:
| CVE / identifier | Product | Title |
| ADV990001 | Latest Servicing Stack Updates | |
| CVE-2025-1914 | Edge | Chromium: CVE-2025-1914 Out of bounds learn in V8 |
| CVE-2025-1915 | Edge | Chromium: CVE-2025-1915 Improper Limitation of a Pathname to a Restricted Directory in DevTools |
| CVE-2025-1916 | Edge | Chromium: CVE-2025-1916 Use after free in Profiles |
| CVE-2025-1917 | Edge | Chromium: CVE-2025-1917 Inappropriate Implementation in Browser UI |
| CVE-2025-1918 | Edge | Chromium: CVE-2025-1918 Out of bounds learn in PDFium |
| CVE-2025-1919 | Edge | Chromium: CVE-2025-1919 Out of bounds learn in Media |
| CVE-2025-1921 | Edge | Chromium: CVE-2025-1921 Inappropriate Implementation in Media Stream |
| CVE-2025-1922 | Edge | Chromium: CVE-2025-1922 Inappropriate Implementation in Selection |
| CVE-2025-1923 | Edge | Chromium: CVE-2025-1923 Inappropriate Implementation in Permission Prompts |
| CVE-2025-26643 | Edge | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| CVE-2025-25001 | Edge | Microsoft Edge for iOS Spoofing Vulnerability |
| CVE-2025-21353 | Edge | Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability |
There are 9 Adobe advisories on this month’s launch.
| CVE-2025-27158 | APSB25-14 | Access of Uninitialized Pointer (CWE-824) |
| CVE-2025-27159 | APSB25-14 | Use After Free (CWE-416) |
| CVE-2025-27160 | APSB25-14 | Use After Free (CWE-416) |
| CVE-2025-27161 | APSB25-14 | Out-of-bounds Read (CWE-125) |
| CVE-2025-27162 | APSB25-14 | Access of Uninitialized Pointer (CWE-824) |
| CVE-2025-27174 | APSB25-14 | Use After Free (CWE-416) |
| CVE-2025-24431 | APSB25-14 | Out-of-bounds Read (CWE-125) |
| CVE-2025-27163 | APSB25-14 | Out-of-bounds Read (CWE-125) |
| CVE-2025-27164 | APSB25-14 | Out-of-bounds Read (CWE-125) |
Appendix E: Affected Windows Server variations
This is a desk of CVEs within the March launch affecting 9 Windows Server variations, 2008 by means of 2025. The desk differentiates amongst main variations of the platform however doesn’t go into deeper element (eg., Server Core). Critical-severity points are marked in pink; an “x” signifies that the CVE doesn’t apply to that model. Administrators are inspired to make use of this appendix as a place to begin to establish their particular publicity, as every reader’s state of affairs, particularly because it issues merchandise out of mainstream help, will fluctuate. For particular Knowledge Base numbers, please seek the advice of Microsoft.
| 2008 | 2008-R2 | 2012 | 2012-R2 | 2016 | 2019 | 2022 | 2022 23H2 | 2025 | |
| CVE-2024-9157 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-21180 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-21247 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24035 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24044 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24045 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24046 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24048 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24050 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24051 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24054 | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24055 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24056 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24059 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24061 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24064 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24066 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24067 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24071 | × | × | × | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24072 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24076 | × | × | × | × | × | × | × | ■ | ■ |
| CVE-2025-24084 | × | × | × | × | × | × | ■ | ■ | ■ |
| CVE-2025-24983 | ■ | ■ | ■ | ■ | ■ | × | × | × | × |
| CVE-2025-24984 | × | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24985 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24987 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24988 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24991 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24992 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24993 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24994 | × | × | × | × | × | × | × | × | × |
| CVE-2025-24995 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24996 | × | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-24997 | × | × | × | × | × | × | ■ | ■ | ■ |
| CVE-2025-25008 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-26633 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-26645 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |