Patch Tuesday March 2025 - Eight Zero Days

***If you are receiving this email, it is because you subscribed to it. If you have not subscribed and want to unsubscribe, click here. Please do not mark as spam instead. We've had some problems lately with email blacklisting. We'd appreciate if you unsubscribe if you don't want mailings from us.***

Welcome to my March Patch Tuesday newsletter. Today Microsoft released updates for 57 threats and an additional 20 in the past month for a total of 77 vulnerabilities being patched. We have 8 that are zero days; exploited and/or public as of today:

Public:
- CVE-2025-26630
Exploited

Microsoft rates the one public vulnerability as "Exploitation Less Likely". Of the seven that are rated "Exploitation Detected", only CVE-2025-24989 is rated "Critical". This vulnerability affects Power Pages and could allow an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control.

In addition to these we have seven others that are rated critical. All of these are remote code execution vulnerabilities affecting various flavors of Windows and Office. I would say we have an above average month so please make sure you push out these updates and get your systems rebooted.

I'd also like to give some attention to two of my upcoming webinars. Later this month we have a webinar focusing on PAM and uncovering and addressing the blind spots with it. You can register for it here. Then on March 27th I have a webinar that I'm really looking forward to. My software company, LOGbinder, will be releasing a major update that introduces agentless event log collection for the modern Entra-joined Windows endpoint. I can tell you that this is one you won't want to miss. Register now!

Happy patching!

So, without further ado, here’s the chart of MS patches that affect Windows platforms in the past month.

Patch data provided by:
Technology	Products Affected	Severity	Reference	Workaround/ Exploited / Publicly Disclosed	Vulnerability Info
Windows	Windows 10, 11 Server 2008 SP2, 2008 R2 SP1, 2012, 2012 R2, 2016, 2019, 2022, 2025 including Server Core Installations Remote Desktop Client Windows App Client	Critical	CVE-2024-9157 CVE-2025-21180 CVE-2025-21247 CVE-2025-24035 CVE-2025-24044 CVE-2025-24045 CVE-2025-24046 CVE-2025-24048 CVE-2025-24050 CVE-2025-24051 CVE-2025-24054 CVE-2025-24055 CVE-2025-24056 CVE-2025-24059 CVE-2025-24061 CVE-2025-24064 CVE-2025-24066 CVE-2025-24067 CVE-2025-24071 CVE-2025-24072 CVE-2025-24076 CVE-2025-24084 CVE-2025-24983* CVE-2025-24984* CVE-2025-24985* CVE-2025-24987 CVE-2025-24988 CVE-2025-24991* CVE-2025-24992 CVE-2025-24993* CVE-2025-24994 CVE-2025-24995 CVE-2025-24996 CVE-2025-24997 CVE-2025-25008 CVE-2025-26633* CVE-2025-26645	Workaround: No Exploited: Yes* Public: Yes**	Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution Security Feature Bypass Spoofing
Edge	Chromium-based	Low	CVE-2025-0995 CVE-2025-0996 CVE-2025-0997 CVE-2025-0998 CVE-2025-0999 CVE-2025-1006 CVE-2025-1426 CVE-2025-1914 CVE-2025-1915 CVE-2025-1916 CVE-2025-1917 CVE-2025-1918 CVE-2025-1919 CVE-2025-1921 CVE-2025-1922 CVE-2025-1923 CVE-2025-21401 CVE-2025-26643	Workaround: No Exploited: No Public: No	Spoofing
Office	365 Apps for Enterprise Access/Excel/Word 2016 Office 2016, 2019 LTSC 2021, 2024 including for Mac Online Server	Critical	CVE-2025-24057 CVE-2025-24075 CVE-2025-24077 CVE-2025-24078 CVE-2025-24079 CVE-2025-24080 CVE-2025-24081 CVE-2025-24082 CVE-2025-24083 CVE-2025-26629 CVE-2025-26630**	Workaround: No Exploited: No Public: Yes**	Remote Code Execution
Azure	ARC CLI Agent for Backup Agent for Site Recovery promptflow-tools & promptflow-core	Important	CVE-2025-21199 CVE-2025-24049 CVE-2025-24986 CVE-2025-26627	Workaround: No Exploited: No Public: No	Elevation of Privilege Remote Code Execution
Developer Tools	Visual Studio (VS) Code VS 2017 15.0 - 15.9 VS 2019 16.0-16.11 VS 2022 17.8, 17.10, 17.12, 17.13 ASP.NET Core 8, 9 WinDbg	Important	CVE-2025-24043 CVE-2025-24070 CVE-2025-24998 CVE-2025-25003 CVE-2025-26631	Workaround: No Exploited: No Public: No	Elevation of Privilege Remote Code Execution
Apps	Microsoft Bing	Critical	CVE-2025-21355	Workaround: No Exploited: No Public: No	Remote Code Execution
Dynamics	Microsoft Power Pages	Critical	CVE-2025-24989*	Workaround: No Exploited: Yes* Public: No	Elevation of Privilege

Thanks as always for reading and best wishes on security,

Randy Franklin Smith

Click here to unsubscribe

Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2025 Monterey Technology Group, All rights reserved. You may forward this email in its entirety but all other rights reserved.

9450 SW Gemini Drive #53822, Beaverton, OR 97008

Note: We do our best to provide quality information and expert commentary but use all information at your own risk.