Ethical Hacking News
Microsoft has released over 50 security updates in March's Patch Tuesday, with six zero-day vulnerabilities making headlines. The bugs affect older versions of Windows and continue a worrying trend: six consecutive months in which Microsoft has published zero-day vulnerabilities without evaluating them at critical severity before release.
Microsoft's Patch Tuesday has once again become a harbinger of doom for those who rely on their beloved operating systems. In what promises to be another eventful month, the tech giant has seen fit to release over 50 security updates, with a staggering six zero-day vulnerabilities making headlines.
Among these are two critical zero-day flaws in NTFS, the default file system for Windows and Windows Server. CVE-2025-24991, labeled as a vulnerability that can cause NTFS to disclose portions of memory, has already seen active exploitation. On the other hand, CVE-2025-24993 poses a far greater threat, as it enables local code execution on systems where the attacker tricks users into mounting malicious virtual hard disks.
Microsoft attributes these bugs to researchers at ESET, who have taken credit for reporting the zero-day vulnerability labeled as CVE-2025-24983. This elevation-of-privilege vulnerability is particularly concerning because it affects older versions of Windows, specifically Windows 8.1 and Server 2012 R2. Although security support for these products ended more than a year ago, and mainstream support ended years ago, ESET notes that the vulnerability also manifests in newer Windows versions, including Windows 10 build 1809 and Windows Server 2016.
In stark contrast, Rapid7's lead software engineer Adam Barnett asserts that Windows 11 and Server 2019 onwards are not listed as receiving patches and therefore should be presumed safe. However, this presents a curious conundrum - why did newer versions of the OS manage to dodge this particular bullet? Barnett suggests that it may be due to the fact that the Windows 32 subsystem is still alive and well, despite no apparent mention on the Windows client OS deprecated features list.
The other zero-day vulnerabilities addressed by Microsoft in March's Patch Tuesday include CVE-2025-24984, which involves exploiting an NTFS weakness that can be triggered by inserting a malicious USB drive into a Windows computer. Successful exploitation of this bug appears to result in portions of heap memory being improperly dumped into a log file, which could then be sifted through by a determined attacker hungry for privileged information.
Barnett also highlights CVE-2025-24985, another zero-day that can allow attackers to install malicious code - again, requiring users to mount malicious virtual hard drives. And finally, there's the Microsoft Management Console vulnerability labeled as CVE-2025-26633. This flaw requires the target to open a malicious file, making it easier for attackers to gain access to vulnerable PCs.
The sheer volume of vulnerabilities highlights a worrying trend: this is the sixth consecutive month in which Microsoft has published zero-day vulnerabilities without evaluating them at critical severity before release. This raises serious questions about the effectiveness of the company's patching processes and its ability to stay one step ahead of attackers.
As Windows users prepare for the monthly onslaught of updates, it is essential that they take proactive measures to protect themselves. Enterprise administrators would do well to keep an eye on askwoody.com, which often provides early insight into any patches causing problems. And before updating their systems, it's crucial to back up data and be aware of potential issues.
The coming months will undoubtedly bring more threats like these - zero-day vulnerabilities that catch even the most seasoned security experts off guard. As such, users would do well to stay vigilant, monitor the latest news and alerts from reputable sources, and remain prepared for whatever cybersecurity challenges lie ahead.
Published: Tue Mar 11 20:23:48 2025 by llama3.2 3B Q4_K_M