Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws
Today is Microsoft’s April 2025 Patch Tuesday, which includes security updates for 134 flaws, including one actively exploited zero-day vulnerability.
This Patch Tuesday also fixes eleven “Critical” vulnerabilities, all remote code execution vulnerabilities.
The above numbers do not include Mariner flaws and 13 Microsoft Edge vulnerabilities fixed earlier this month.
This month’s Patch Tuesday fixes one actively exploited zero-day. Microsoft classifies a zero-day flaw as publicly disclosed or actively exploited while no official fix is available.
CVE-2025-29824 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft says this vulnerability allows local attackers to gain SYSTEM privileges on the device/
The security updates are only available now for Windows Server and Windows 11, with Microsoft releasing the Windows 10 updates later.
“The security update for Windows 10 for x64-based Systems and Windows 10 for 32-bit Systems are not immediately available,” explained Microsoft.
“The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.”
Microsoft attributes the discovery of this flaw to the Microsoft Threat Intelligence Center.
Below is the complete list of resolved vulnerabilities in the April 2025 Patch Tuesday updates.
To access the full description of each vulnerability and the systems it affects, you can view the full report here.
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| Active Directory Domain Services | CVE-2025-29810 | Active Directory Domain Services Elevation of Privilege Vulnerability | Important |
| ASP.NET Core | CVE-2025-26682 | ASP.NET Core and Visual Studio Denial of Service Vulnerability | Important |
| Azure Local | CVE-2025-27489 | Azure Local Elevation of Privilege Vulnerability | Important |
| Azure Local Cluster | CVE-2025-26628 | Azure Local Cluster Information Disclosure Vulnerability | Important |
| Azure Local Cluster | CVE-2025-25002 | Azure Local Cluster Information Disclosure Vulnerability | Important |
| Azure Portal Windows Admin Center | CVE-2025-29819 | Windows Admin Center in Azure Portal Information Disclosure Vulnerability | Important |
| Dynamics Business Central | CVE-2025-29821 | Microsoft Dynamics Business Central Information Disclosure Vulnerability | Important |
| Microsoft AutoUpdate (MAU) | CVE-2025-29800 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important |
| Microsoft AutoUpdate (MAU) | CVE-2025-29801 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2025-3073 | Chromium: CVE-2025-3073 Inappropriate implementation in Autofill | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-3068 | Chromium: CVE-2025-3068 Inappropriate implementation in Intents | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-3074 | Chromium: CVE-2025-3074 Inappropriate implementation in Downloads | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-3067 | Chromium: CVE-2025-3067 Inappropriate implementation in Custom Tabs | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-3071 | Chromium: CVE-2025-3071 Inappropriate implementation in Navigations | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-3072 | Chromium: CVE-2025-3072 Inappropriate implementation in Custom Tabs | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-3070 | Chromium: CVE-2025-3070 Insufficient validation of untrusted input in Extensions | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-3069 | Chromium: CVE-2025-3069 Inappropriate implementation in Extensions | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2025-25000 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2025-29815 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2025-25001 | Microsoft Edge for iOS Spoofing Vulnerability | Low |
| Microsoft Edge (Chromium-based) | CVE-2025-3066 | Chromium: CVE-2025-3066 Use after free in Navigations | Unknown |
| Microsoft Edge for iOS | CVE-2025-29796 | Microsoft Edge for iOS Spoofing Vulnerability | Low |
| Microsoft Office | CVE-2025-27745 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2025-27744 | Microsoft Office Elevation of Privilege Vulnerability | Important |
| Microsoft Office | CVE-2025-26642 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2025-29792 | Microsoft Office Elevation of Privilege Vulnerability | Important |
| Microsoft Office | CVE-2025-29791 | Microsoft Excel Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2025-27748 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2025-27746 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2025-27749 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office Excel | CVE-2025-27751 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-27750 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-29823 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2025-27752 | Microsoft Excel Remote Code Execution Vulnerability | Critical |
| Microsoft Office OneNote | CVE-2025-29822 | Microsoft OneNote Security Feature Bypass Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2025-29794 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2025-29793 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2025-27747 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2025-29816 | Microsoft Word Security Feature Bypass Vulnerability | Important |
| Microsoft Office Word | CVE-2025-29820 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Streaming Service | CVE-2025-27471 | Microsoft Streaming Service Denial of Service Vulnerability | Important |
| Microsoft Virtual Hard Drive | CVE-2025-26688 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | Important |
| OpenSSH for Windows | CVE-2025-27731 | Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability | Important |
| Outlook for Android | CVE-2025-29805 | Outlook for Android Information Disclosure Vulnerability | Important |
| Remote Desktop Client | CVE-2025-27487 | Remote Desktop Client Remote Code Execution Vulnerability | Important |
| Remote Desktop Gateway Service | CVE-2025-27482 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| Remote Desktop Gateway Service | CVE-2025-27480 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Critical |
| RPC Endpoint Mapper Service | CVE-2025-26679 | RPC Endpoint Mapper Service Elevation of Privilege Vulnerability | Important |
| System Center | CVE-2025-27743 | Microsoft System Center Elevation of Privilege Vulnerability | Important |
| Visual Studio | CVE-2025-29802 | Visual Studio Elevation of Privilege Vulnerability | Important |
| Visual Studio | CVE-2025-29804 | Visual Studio Elevation of Privilege Vulnerability | Important |
| Visual Studio Code | CVE-2025-20570 | Visual Studio Code Elevation of Privilege Vulnerability | Important |
| Visual Studio Tools for Applications and SQL Server Management Studio | CVE-2025-29803 | Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability | Important |
| Windows Active Directory Certificate Services | CVE-2025-27740 | Active Directory Certificate Services Elevation of Privilege Vulnerability | Important |
| Windows BitLocker | CVE-2025-26637 | BitLocker Security Feature Bypass Vulnerability | Important |
| Windows Bluetooth Service | CVE-2025-27490 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2025-29824 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Cryptographic Services | CVE-2025-29808 | Windows Cryptographic Services Information Disclosure Vulnerability | Important |
| Windows Cryptographic Services | CVE-2025-26641 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | Important |
| Windows Defender Application Control (WDAC) | CVE-2025-26678 | Windows Defender Application Control Security Feature Bypass Vulnerability | Important |
| Windows Digital Media | CVE-2025-27730 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-27467 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-26640 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows Digital Media | CVE-2025-27476 | Windows Digital Media Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2025-24074 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2025-24073 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2025-24058 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2025-24062 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2025-24060 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows Hello | CVE-2025-26635 | Windows Hello Security Feature Bypass Vulnerability | Important |
| Windows Hello | CVE-2025-26644 | Windows Hello Spoofing Vulnerability | Important |
| Windows HTTP.sys | CVE-2025-27473 | HTTP.sys Denial of Service Vulnerability | Important |
| Windows Hyper-V | CVE-2025-27491 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
| Windows Installer | CVE-2025-27727 | Windows Installer Elevation of Privilege Vulnerability | Important |
| Windows Kerberos | CVE-2025-26647 | Windows Kerberos Elevation of Privilege Vulnerability | Important |
| Windows Kerberos | CVE-2025-27479 | Kerberos Key Distribution Proxy Service Denial of Service Vulnerability | Important |
| Windows Kerberos | CVE-2025-29809 | Windows Kerberos Security Feature Bypass Vulnerability | Important |
| Windows Kernel | CVE-2025-26648 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2025-27739 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel Memory | CVE-2025-29812 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel-Mode Drivers | CVE-2025-27728 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2025-26673 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2025-26663 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Critical |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2025-27469 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2025-26670 | Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability | Critical |
| Windows Local Security Authority (LSA) | CVE-2025-21191 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Important |
| Windows Local Security Authority (LSA) | CVE-2025-27478 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Important |
| Windows Local Session Manager (LSM) | CVE-2025-26651 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | Important |
| Windows Mark of the Web (MOTW) | CVE-2025-27472 | Windows Mark of the Web Security Feature Bypass Vulnerability | Important |
| Windows Media | CVE-2025-26666 | Windows Media Remote Code Execution Vulnerability | Important |
| Windows Media | CVE-2025-26674 | Windows Media Remote Code Execution Vulnerability | Important |
| Windows Mobile Broadband | CVE-2025-29811 | Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | Important |
| Windows NTFS | CVE-2025-27742 | NTFS Information Disclosure Vulnerability | Important |
| Windows NTFS | CVE-2025-21197 | Windows NTFS Information Disclosure Vulnerability | Important |
| Windows NTFS | CVE-2025-27741 | NTFS Elevation of Privilege Vulnerability | Important |
| Windows NTFS | CVE-2025-27483 | NTFS Elevation of Privilege Vulnerability | Important |
| Windows NTFS | CVE-2025-27733 | NTFS Elevation of Privilege Vulnerability | Important |
| Windows Power Dependency Coordinator | CVE-2025-27736 | Windows Power Dependency Coordinator Information Disclosure Vulnerability | Important |
| Windows Remote Desktop Services | CVE-2025-26671 | Windows Remote Desktop Services Remote Code Execution Vulnerability | Important |
| Windows Resilient File System (ReFS) | CVE-2025-27738 | Windows Resilient File System (ReFS) Information Disclosure Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-27474 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-21203 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-26668 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-26667 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-26664 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-26672 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-26669 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-26676 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| Windows Secure Channel | CVE-2025-27492 | Windows Secure Channel Elevation of Privilege Vulnerability | Important |
| Windows Secure Channel | CVE-2025-26649 | Windows Secure Channel Elevation of Privilege Vulnerability | Important |
| Windows Security Zone Mapping | CVE-2025-27737 | Windows Security Zone Mapping Security Feature Bypass Vulnerability | Important |
| Windows Shell | CVE-2025-27729 | Windows Shell Remote Code Execution Vulnerability | Important |
| Windows Standards-Based Storage Management Service | CVE-2025-27485 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Important |
| Windows Standards-Based Storage Management Service | CVE-2025-27486 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Important |
| Windows Standards-Based Storage Management Service | CVE-2025-21174 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Important |
| Windows Standards-Based Storage Management Service | CVE-2025-26680 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Important |
| Windows Standards-Based Storage Management Service | CVE-2025-27470 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Important |
| Windows Standards-Based Storage Management Service | CVE-2025-26652 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability | Important |
| Windows Subsystem for Linux | CVE-2025-26675 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Important |
| Windows TCP/IP | CVE-2025-26686 | Windows TCP/IP Remote Code Execution Vulnerability | Critical |
| Windows Telephony Service | CVE-2025-27481 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21222 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21205 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-21221 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Telephony Service | CVE-2025-27477 | Windows Telephony Service Remote Code Execution Vulnerability | Important |
| Windows Universal Plug and Play (UPnP) Device Host | CVE-2025-27484 | Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability | Important |
| Windows Update Stack | CVE-2025-21204 | Windows Process Activation Elevation of Privilege Vulnerability | Important |
| Windows Update Stack | CVE-2025-27475 | Windows Update Stack Elevation of Privilege Vulnerability | Important |
| Windows upnphost.dll | CVE-2025-26665 | Windows upnphost.dll Elevation of Privilege Vulnerability | Important |
| Windows USB Print Driver | CVE-2025-26639 | Windows USB Print Driver Elevation of Privilege Vulnerability | Important |
| Windows Virtualization-Based Security (VBS) Enclave | CVE-2025-27735 | Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability | Important |
| Windows Win32K – GRFX | CVE-2025-27732 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| Windows Win32K – GRFX | CVE-2025-26687 | Win32k Elevation of Privilege Vulnerability | Important |
| Windows Win32K – GRFX | CVE-2025-26681 | Win32k Elevation of Privilege Vulnerability | Important |
