Microsoft May 2025 Patch Tuesday Fixes 5 Exploited Zero-Days, 72 Flaws
Summary:
As part of the May Microsoft Patch Tuesday, Microsoft addressed 72 flaws, including 5 zero-days which are actively being exploited in attacks in the wild. Of the 57 flaws, there were 17 Elevation of Privilege Vulnerabilities, 2 Security Feature Bypass Vulnerabilities, 28 Remote Code Execution Vulnerabilities, 15 Information Disclosure Vulnerabilities, 7 Denial of Service Vulnerabilities, and 2 Spoofing Vulnerabilities. 6 flaws were rated critical in severity and can lead to remote code execution or the disclosure of information over a network.
In addition to Microsoft, several other vendors have released updates in May 2025:
- Apple released security updates for iOS, iPadOS, and macOS.
- Cisco fixed a maximum severity vulnerability in IOS XE Software for Wireless LAN Controllers.
- Fortinet released security updates for numerous products, including a fix for an actively exploited zero-day used in attacks on FortiVoice.
- Google's May 2025 security updates for Android fixed an actively exploited zero-click FreeType 2 code execution vulnerability.
- Intel released CPU microcode updates for a flaw named "Branch Privilege Injection" that leaks data from privileged memory.
- SAP released security updates for multiple products, including a critical RCE flaw.
- SonicWall fixed a zero-day vulnerability that was exploited in attacks.
Security Officer Comments:
The 5 actively exploited zero-days are listed below:
- CVE-2025-30400 - Microsoft DWM Core Library Elevation of Privilege Vulnerability
- CVE-2025-32701 and CVE-2025-32706 - Windows Common Log File System Driver Elevation of Privilege Vulnerability
- CVE-2025-32709 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
- CVE-2025-30397 - Scripting Engine Memory Corruption Vulnerability
Suggested Corrections:
Organizations should review the list of vulnerabilities resolved and apply the relevant patches as needed. To access the full list of vulnerabilities addressed, please use the link below:
https://www.bleepingcomputer.com/mi...reports/Microsoft-Patch-Tuesday-May-2025.html
Link(s):
https://www.bleepingcomputer.com/ne...tuesday-fixes-5-exploited-zero-days-72-flaws/