TTech

Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws

  • bytady
  • April 8, 2025
  • 7 minute read
Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws
0
Shares
0
0
0
0
Tag

CVE ID

CVE Title

Severity


Active Directory Domain Services

CVE-2025-29810

Active Directory Domain Services Elevation of Privilege Vulnerability

Important


ASP.NET Core

CVE-2025-26682

ASP.NET Core and Visual Studio Denial of Service Vulnerability

Important


Azure Local

CVE-2025-27489

Azure Local Elevation of Privilege Vulnerability

Important


Azure Local Cluster

CVE-2025-26628

Azure Local Cluster Information Disclosure Vulnerability

Important


Azure Local Cluster

CVE-2025-25002

Azure Local Cluster Information Disclosure Vulnerability

Important


Azure Portal Windows Admin Center

CVE-2025-29819

Windows Admin Center in Azure Portal Information Disclosure Vulnerability

Important


Dynamics Business Central

CVE-2025-29821

Microsoft Dynamics Business Central Information Disclosure Vulnerability

Important


Microsoft AutoUpdate (MAU)

CVE-2025-29800

Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability

Important


Microsoft AutoUpdate (MAU)

CVE-2025-29801

Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability

Important


Microsoft Edge (Chromium-based)

CVE-2025-3073

Chromium: CVE-2025-3073 Inappropriate implementation in Autofill

Unknown


Microsoft Edge (Chromium-based)

CVE-2025-3068

Chromium: CVE-2025-3068 Inappropriate implementation in Intents

Unknown


Microsoft Edge (Chromium-based)

CVE-2025-3074

Chromium: CVE-2025-3074 Inappropriate implementation in Downloads

Unknown


Microsoft Edge (Chromium-based)

CVE-2025-3067

Chromium: CVE-2025-3067 Inappropriate implementation in Custom Tabs

Unknown


Microsoft Edge (Chromium-based)

CVE-2025-3071

Chromium: CVE-2025-3071 Inappropriate implementation in Navigations

Unknown


Microsoft Edge (Chromium-based)

CVE-2025-3072

Chromium: CVE-2025-3072 Inappropriate implementation in Custom Tabs

Unknown


Microsoft Edge (Chromium-based)

CVE-2025-3070

Chromium: CVE-2025-3070 Insufficient validation of untrusted input in Extensions

Unknown


Microsoft Edge (Chromium-based)

CVE-2025-3069

Chromium: CVE-2025-3069 Inappropriate implementation in Extensions

Unknown


Microsoft Edge (Chromium-based)

CVE-2025-25000

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Important


Microsoft Edge (Chromium-based)

CVE-2025-29815

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Important


Microsoft Edge (Chromium-based)

CVE-2025-25001

Microsoft Edge for iOS Spoofing Vulnerability

Low


Microsoft Edge (Chromium-based)

CVE-2025-3066

Chromium: CVE-2025-3066 Use after free in Navigations

Unknown


Microsoft Edge for iOS

CVE-2025-29796

Microsoft Edge for iOS Spoofing Vulnerability

Low


Microsoft Office

CVE-2025-27745

Microsoft Office Remote Code Execution Vulnerability

Critical


Microsoft Office

CVE-2025-27744

Microsoft Office Elevation of Privilege Vulnerability

Important


Microsoft Office

CVE-2025-26642

Microsoft Office Remote Code Execution Vulnerability

Important


Microsoft Office

CVE-2025-29792

Microsoft Office Elevation of Privilege Vulnerability

Important


Microsoft Office

CVE-2025-29791

Microsoft Excel Remote Code Execution Vulnerability

Critical


Microsoft Office

CVE-2025-27748

Microsoft Office Remote Code Execution Vulnerability

Critical


Microsoft Office

CVE-2025-27746

Microsoft Office Remote Code Execution Vulnerability

Important


Microsoft Office

CVE-2025-27749

Microsoft Office Remote Code Execution Vulnerability

Critical


Microsoft Office Excel

CVE-2025-27751

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2025-27750

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2025-29823

Microsoft Excel Remote Code Execution Vulnerability

Important


Microsoft Office Excel

CVE-2025-27752

Microsoft Excel Remote Code Execution Vulnerability

Critical


Microsoft Office OneNote

CVE-2025-29822

Microsoft OneNote Security Feature Bypass Vulnerability

Important


Microsoft Office SharePoint

CVE-2025-29794

Microsoft SharePoint Remote Code Execution Vulnerability

Important


Microsoft Office SharePoint

CVE-2025-29793

Microsoft SharePoint Remote Code Execution Vulnerability

Important


Microsoft Office Word

CVE-2025-27747

Microsoft Word Remote Code Execution Vulnerability

Important


Microsoft Office Word

CVE-2025-29816

Microsoft Word Security Feature Bypass Vulnerability

Important


Microsoft Office Word

CVE-2025-29820

Microsoft Word Remote Code Execution Vulnerability

Important


Microsoft Streaming Service

CVE-2025-27471

Microsoft Streaming Service Denial of Service Vulnerability

Important


Microsoft Virtual Hard Drive

CVE-2025-26688

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

Important


OpenSSH for Windows

CVE-2025-27731

Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability

Important


Outlook for Android

CVE-2025-29805

Outlook for Android Information Disclosure Vulnerability

Important


Remote Desktop Client

CVE-2025-27487

Remote Desktop Client Remote Code Execution Vulnerability

Important


Remote Desktop Gateway Service

CVE-2025-27482

Windows Remote Desktop Services Remote Code Execution Vulnerability

Critical


Remote Desktop Gateway Service

CVE-2025-27480

Windows Remote Desktop Services Remote Code Execution Vulnerability

Critical


RPC Endpoint Mapper Service

CVE-2025-26679

RPC Endpoint Mapper Service Elevation of Privilege Vulnerability

Important


System Center

CVE-2025-27743

Microsoft System Center Elevation of Privilege Vulnerability

Important


Visual Studio

CVE-2025-29802

Visual Studio Elevation of Privilege Vulnerability

Important


Visual Studio

CVE-2025-29804

Visual Studio Elevation of Privilege Vulnerability

Important


Visual Studio Code

CVE-2025-20570

Visual Studio Code Elevation of Privilege Vulnerability

Important


Visual Studio Tools for Applications and SQL Server Management Studio

CVE-2025-29803

Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability

Important


Windows Active Directory Certificate Services

CVE-2025-27740

Active Directory Certificate Services Elevation of Privilege Vulnerability

Important


Windows BitLocker

CVE-2025-26637

BitLocker Security Feature Bypass Vulnerability

Important


Windows Bluetooth Service

CVE-2025-27490

Windows Bluetooth Service Elevation of Privilege Vulnerability

Important


Windows Common Log File System Driver

CVE-2025-29824

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Important


Windows Cryptographic Services

CVE-2025-29808

Windows Cryptographic Services Information Disclosure Vulnerability

Important


Windows Cryptographic Services

CVE-2025-26641

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Important


Windows Defender Application Control (WDAC)

CVE-2025-26678

Windows Defender Application Control Security Feature Bypass Vulnerability

Important


Windows Digital Media

CVE-2025-27730

Windows Digital Media Elevation of Privilege Vulnerability

Important


Windows Digital Media

CVE-2025-27467

Windows Digital Media Elevation of Privilege Vulnerability

Important


Windows Digital Media

CVE-2025-26640

Windows Digital Media Elevation of Privilege Vulnerability

Important


Windows Digital Media

CVE-2025-27476

Windows Digital Media Elevation of Privilege Vulnerability

Important


Windows DWM Core Library

CVE-2025-24074

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Important


Windows DWM Core Library

CVE-2025-24073

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Important


Windows DWM Core Library

CVE-2025-24058

Windows DWM Core Library Elevation of Privilege Vulnerability

Important


Windows DWM Core Library

CVE-2025-24062

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Important


Windows DWM Core Library

CVE-2025-24060

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Important


Windows Hello

CVE-2025-26635

Windows Hello Security Feature Bypass Vulnerability

Important


Windows Hello

CVE-2025-26644

Windows Hello Spoofing Vulnerability

Important


Windows HTTP.sys

CVE-2025-27473

HTTP.sys Denial of Service Vulnerability

Important


Windows Hyper-V

CVE-2025-27491

Windows Hyper-V Remote Code Execution Vulnerability

Critical


Windows Installer

CVE-2025-27727

Windows Installer Elevation of Privilege Vulnerability

Important


Windows Kerberos

CVE-2025-26647

Windows Kerberos Elevation of Privilege Vulnerability

Important


Windows Kerberos

CVE-2025-27479

Kerberos Key Distribution Proxy Service Denial of Service Vulnerability

Important


Windows Kerberos

CVE-2025-29809

Windows Kerberos Security Feature Bypass Vulnerability

Important


Windows Kernel

CVE-2025-26648

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel

CVE-2025-27739

Windows Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel Memory

CVE-2025-29812

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Important


Windows Kernel-Mode Drivers

CVE-2025-27728

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Important


Windows LDAP – Lightweight Directory Access Protocol

CVE-2025-26673

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Important


Windows LDAP – Lightweight Directory Access Protocol

CVE-2025-26663

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

Critical


Windows LDAP – Lightweight Directory Access Protocol

CVE-2025-27469

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Important


Windows LDAP – Lightweight Directory Access Protocol

CVE-2025-26670

Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability

Critical


Windows Local Security Authority (LSA)

CVE-2025-21191

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability

Important


Windows Local Security Authority (LSA)

CVE-2025-27478

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability

Important


Windows Local Session Manager (LSM)

CVE-2025-26651

Windows Local Session Manager (LSM) Denial of Service Vulnerability

Important


Windows Mark of the Web (MOTW)

CVE-2025-27472

Windows Mark of the Web Security Feature Bypass Vulnerability

Important


Windows Media

CVE-2025-26666

Windows Media Remote Code Execution Vulnerability

Important


Windows Media

CVE-2025-26674

Windows Media Remote Code Execution Vulnerability

Important


Windows Mobile Broadband

CVE-2025-29811

Windows Mobile Broadband Driver Elevation of Privilege Vulnerability

Important


Windows NTFS

CVE-2025-27742

NTFS Information Disclosure Vulnerability

Important


Windows NTFS

CVE-2025-21197

Windows NTFS Information Disclosure Vulnerability

Important


Windows NTFS

CVE-2025-27741

NTFS Elevation of Privilege Vulnerability

Important


Windows NTFS

CVE-2025-27483

NTFS Elevation of Privilege Vulnerability

Important


Windows NTFS

CVE-2025-27733

NTFS Elevation of Privilege Vulnerability

Important


Windows Power Dependency Coordinator

CVE-2025-27736

Windows Power Dependency Coordinator Information Disclosure Vulnerability

Important


Windows Remote Desktop Services

CVE-2025-26671

Windows Remote Desktop Services Remote Code Execution Vulnerability

Important


Windows Resilient File System (ReFS)

CVE-2025-27738

Windows Resilient File System (ReFS) Information Disclosure Vulnerability

Important


Windows Routing and Remote Access Service (RRAS)

CVE-2025-27474

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important


Windows Routing and Remote Access Service (RRAS)

CVE-2025-21203

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important


Windows Routing and Remote Access Service (RRAS)

CVE-2025-26668

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Important


Windows Routing and Remote Access Service (RRAS)

CVE-2025-26667

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important


Windows Routing and Remote Access Service (RRAS)

CVE-2025-26664

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important


Windows Routing and Remote Access Service (RRAS)

CVE-2025-26672

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important


Windows Routing and Remote Access Service (RRAS)

CVE-2025-26669

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important


Windows Routing and Remote Access Service (RRAS)

CVE-2025-26676

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important


Windows Secure Channel

CVE-2025-27492

Windows Secure Channel Elevation of Privilege Vulnerability

Important


Windows Secure Channel

CVE-2025-26649

Windows Secure Channel Elevation of Privilege Vulnerability

Important


Windows Security Zone Mapping

CVE-2025-27737

Windows Security Zone Mapping Security Feature Bypass Vulnerability

Important


Windows Shell

CVE-2025-27729

Windows Shell Remote Code Execution Vulnerability

Important


Windows Standards-Based Storage Management Service

CVE-2025-27485

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Important


Windows Standards-Based Storage Management Service

CVE-2025-27486

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Important


Windows Standards-Based Storage Management Service

CVE-2025-21174

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Important


Windows Standards-Based Storage Management Service

CVE-2025-26680

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Important


Windows Standards-Based Storage Management Service

CVE-2025-27470

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Important


Windows Standards-Based Storage Management Service

CVE-2025-26652

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Important


Windows Subsystem for Linux

CVE-2025-26675

Windows Subsystem for Linux Elevation of Privilege Vulnerability

Important


Windows TCP/IP

CVE-2025-26686

Windows TCP/IP Remote Code Execution Vulnerability

Critical


Windows Telephony Service

CVE-2025-27481

Windows Telephony Service Remote Code Execution Vulnerability

Important


Windows Telephony Service

CVE-2025-21222

Windows Telephony Service Remote Code Execution Vulnerability

Important


Windows Telephony Service

CVE-2025-21205

Windows Telephony Service Remote Code Execution Vulnerability

Important


Windows Telephony Service

CVE-2025-21221

Windows Telephony Service Remote Code Execution Vulnerability

Important


Windows Telephony Service

CVE-2025-27477

Windows Telephony Service Remote Code Execution Vulnerability

Important


Windows Universal Plug and Play (UPnP) Device Host

CVE-2025-27484

Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

Important


Windows Update Stack

CVE-2025-21204

Windows Process Activation Elevation of Privilege Vulnerability

Important


Windows Update Stack

CVE-2025-27475

Windows Update Stack Elevation of Privilege Vulnerability

Important


Windows upnphost.dll

CVE-2025-26665

Windows upnphost.dll Elevation of Privilege Vulnerability

Important


Windows USB Print Driver

CVE-2025-26639

Windows USB Print Driver Elevation of Privilege Vulnerability

Important


Windows Virtualization-Based Security (VBS) Enclave

CVE-2025-27735

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

Important


Windows Win32K – GRFX

CVE-2025-27732

Windows Graphics Component Elevation of Privilege Vulnerability

Important


Windows Win32K – GRFX

CVE-2025-26687

Win32k Elevation of Privilege Vulnerability

Important


Windows Win32K – GRFX

CVE-2025-26681

Win32k Elevation of Privilege Vulnerability

Important


0 Shares:
Share 0
Tweet 0
Pin it 0

Leave a Reply

Your email address will not be published. Required fields are marked *

— Previous article

Cardano Shows Death Cross, But ADA Price Surges 11%

Next article —

Amazon is selling 'impressive' $330 smart glasses with Alexa for just $180, and they have built-in speakers

You May Also Like