Patch Tuesday: March 2025
Critical Fixes Amid Rising Threats
March 2025 Patch Tuesday: Microsoft Tackles 7 Zero-Days and 57 Flaws
Microsoft’s March 2025 Patch Tuesday, released on March 11, delivered a hefty batch of security updates, addressing 57 vulnerabilities, including seven zero-day flaws—six of which were actively exploited. With critical remote code execution (RCE) bugs and a return to patching “normalcy,” here’s what you need to know about this month’s fixes.
Seven Zero-Days, Six Actively Exploited
This month’s standout was the patching of seven zero-day vulnerabilities. Six were under active attack, including CVE-2025-24983, a Windows Win32 Kernel Subsystem elevation of privilege bug tied to NTFS issues with mounting VHD drives. These exploits highlight attackers’ focus on kernel-level weaknesses.
Source: BleepingComputer - March 2025 Patch Tuesday
Six Critical RCE Vulnerabilities Patched
Microsoft fixed six “Critical” RCE flaws, each capable of letting attackers run arbitrary code remotely. These spanned Windows components, with severity scores pushing the urgency for deployment. Unlike February’s lighter load, March’s critical fixes signal a ramp-up in high-stakes threats.
Source: BleepingComputer - March 2025 Patch Tuesday
Windows 11 Updates: KB5053598 and KB5053602
Windows 11 versions 24H2 and 23H2 received mandatory updates via KB5053598 (Build 26100.3476) and KB5053602 (Build 22631.5039), respectively. Beyond security, these introduced a new Xbox ad in Settings and a PC Game Pass referral card—features drawing mixed reactions on X.
Source: Neowin - Windows 11 March 2025 Updates
Windows 10 Gets KB5053606 and More
Windows 10 versions 21H2 and 22H2 saw KB5053606 roll out, with additional updates for older builds (e.g., KB5053594). These patches focused on security, though Microsoft continues nudging users toward Windows 11 as support winds down—60% of users still clung to Windows 10 by February’s end.
Source: Neowin - Windows 10 March 2025 Updates
Outlook and SSH Fixes from February Preview
The March release finalized fixes previewed in February’s KB5052093, resolving Outlook drag-and-drop issues on Windows 11 24H2 and SSH connection bugs persisting since October 2024. These quality-of-life improvements round out the security focus.
Source: Help Net Security - March 2025 Forecast
Takeaway
March 2025 Patch Tuesday reflects a busy month for Microsoft, tackling exploited zero-days and critical RCEs while stabilizing Windows 11 24H2. With 57 flaws patched (excluding Edge’s earlier 10), IT admins face a packed deployment schedule—don’t sleep on these updates.
Liked this post ? You can buy me a coffee