Microsoft Monthly Security Update (March 2025)

Microsoft has released monthly security update for their products:

Vulnerable Product	Risk Level	Impacts	Notes
Windows	High Risk	Remote Code Execution Elevation of Privilege Spoofing Denial of Service Security Restriction Bypass Information Disclosure	CVE-2025-24983 is being exploited in the wild. An attacker with local and user privileges could perform elevation of privilege on the targeted system. CVE-2025-24984 and CVE-2025-24991 are being exploited in the wild. An attacker with local and user privileges could perform information disclosure on the targeted system. CVE-2025-24985 and CVE-2025-24993 are being exploited in the wild. An attacker with local and user privileges could perform code execution on the targeted system locally.
Extended Security Updates (ESU)	High Risk	Remote Code Execution Elevation of Privilege Spoofing Security Restriction Bypass Information Disclosure	CVE-2025-26633 is being exploited in the wild. An attacker with local and user privileges could perform security restriction bypass on the targeted system. CVE-2025-26630 is being exploited in the wild. An attacker with local and user privileges could perform code execution on the targeted system locally.
Developer Tools	Medium Risk	Remote Code Execution Elevation of Privilege
Microsoft Office	Medium Risk	Remote Code Execution
Azure	Medium Risk	Remote Code Execution Elevation of Privilege
Browser	Low Risk	Spoofing

Number of ‘Extremely High Risk’ product(s): 0

Number of ‘High Risk’ product(s): 2

Number of ‘Medium Risk’ product(s): 3

Number of ‘Low Risk’ product(s): 1

Evaluation of overall ‘Risk Level’: High Risk

RISK: High Risk

TYPE: Operating Systems – Windows OS

Impact

Before installation of the software, please visit the vendor web-site for more details.