Microsoft Releases Patch March 2025: Fix 56 CVEs, Including 7 Zero-Day

Microsoft released a security update for March 2025 globally (photo:dok. microsoft)

JAKARTA - Microsoft released a security update for March 2025 globally, patching 56 Common Vulnerabilities and Exposures (CVE). This includes seven zero-day security holes, of which six have been actively exploited in cyberspace.

Of the total vulnerabilities fixed this month, 41.1% are the Remote Code Execution (RCE) gaps, while the other 39.3% are Elevation of Privilege (EoP).

According to Satnam Narang, Tenable Senior Staff Research Engineer, the number of seven zero-days in this release matched the highest number ever reported in a month, namely in August and September 2024.

"Six zero-days that have been exploited in cyberspace this month surpassed the number recorded throughout 2025 to date, which is only five in January and February," Narang said.

Zero-Day Vulnerability Details

- CVE-2025-26633 (Security Feature Bypass Microsoft Management Console) This vulnerability allows attackers to use social engineering to convince victims to open malicious files. This is the second zero-day in MMC after CVE-2024-43572, which was repaired in October 2024.

- CVE-2025-24985 (Windows Fast FAT File System Driver) This is the first vulnerability in Windows Fast FAT File System Driver since March 2022 (CVE-2022-23293) and was first discovered as a zero-day. Reported anonymously, so exploit details are not available.

Three Vulnerabilities In NTFS

Microsoft also fixed three bugs in the NTFS file system, namely two disclosure information (CVE-2025-24984, CVE-2025-24991) and one remote code execution (CVE-2025-24993). All have been exploited as zero-day. This attack requires targets to install a modified virtual hard disk (VHD), so attackers can execute malicious codes or steal sensitive information.

- CVE-2025-24983 (Elevation of Privilege Windows Win32 Kernel Subsystem) This is the only zero-day Elevation of Privilege this month. The attacker needed early access to the system before exploiting this bug to gain access rights to the SYSTEM. However, exploitation is quite difficult because it involves race conditions.

With the increasing number of zero-day exploits, Windows users are advised to immediately update security to protect their systems from potential attacks.