Summary: Microsoft released its March 2025 Patch Tuesday updates, addressing 57 vulnerabilities, including six actively exploited zero-days and six “Critical” remote code execution vulnerabilities. Key issues include elevation of privilege and information disclosure vulnerabilities primarily associated with Windows and Office applications. Users are advised to apply these updates promptly to mitigate potential attacks leveraging these vulnerabilities.

Affected: Microsoft Windows and Microsoft Office

Keypoints :

• 57 vulnerabilities were fixed, including 23 elevation of privilege and 23 remote code execution vulnerabilities.
• Six actively exploited zero-days were included, highlighting serious risks to unpatched systems.
• Attackers might exploit certain vulnerabilities by tricking users into mounting malicious VHD file images or through crafted emails.