March 2025 Patch Tuesday: Microsoft Tackles 7 Zero-Days and 57 Flaws

Microsoft’s March 2025 Patch Tuesday, released on March 11, delivered a hefty batch of security updates, addressing 57 vulnerabilities, including seven zero-day flaws—six of which were actively exploited. With critical remote code execution (RCE) bugs and a return to patching “normalcy,” here’s what you need to know about this month’s fixes.

Seven Zero-Days, Six Actively Exploited

This month’s standout was the patching of seven zero-day vulnerabilities. Six were under active attack, including CVE-2025-24983, a Windows Win32 Kernel Subsystem elevation of privilege bug tied to NTFS issues with mounting VHD drives. These exploits highlight attackers’ focus on kernel-level weaknesses.
Source: BleepingComputer - March 2025 Patch Tuesday

Six Critical RCE Vulnerabilities Patched

Microsoft fixed six “Critical” RCE flaws, each capable of letting attackers run arbitrary code remotely. These spanned Windows components, with severity scores pushing the urgency for deployment. Unlike February’s lighter load, March’s critical fixes signal a ramp-up in high-stakes threats.
Source: BleepingComputer - March 2025 Patch Tuesday

Windows 11 Updates: KB5053598 and KB5053602

Windows 11 versions 24H2 and 23H2 received mandatory updates via KB5053598 (Build 26100.3476) and KB5053602 (Build 22631.5039), respectively. Beyond security, these introduced a new Xbox ad in Settings and a PC Game Pass referral card—features drawing mixed reactions on X.
Source: Neowin - Windows 11 March 2025 Updates

Windows 10 Gets KB5053606 and More

Windows 10 versions 21H2 and 22H2 saw KB5053606 roll out, with additional updates for older builds (e.g., KB5053594). These patches focused on security, though Microsoft continues nudging users toward Windows 11 as support winds down—60% of users still clung to Windows 10 by February’s end.
Source: Neowin - Windows 10 March 2025 Updates

Outlook and SSH Fixes from February Preview

The March release finalized fixes previewed in February’s KB5052093, resolving Outlook drag-and-drop issues on Windows 11 24H2 and SSH connection bugs persisting since October 2024. These quality-of-life improvements round out the security focus.
Source: Help Net Security - March 2025 Forecast

Takeaway

March 2025 Patch Tuesday reflects a busy month for Microsoft, tackling exploited zero-days and critical RCEs while stabilizing Windows 11 24H2. With 57 flaws patched (excluding Edge’s earlier 10), IT admins face a packed deployment schedule—don’t sleep on these updates.