ΑρχικήInternetSecurityMicrosoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws

Security Technology

Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws

By Dimitris Marizas

8 Απριλίου, 2025

195

- Advertisment -

Tag

CVE ID

CVE Title

Severity

Active Directory Domain Services

Active Directory Domain Services Elevation of Privilege Vulnerability

Important

ASP.NET Core

ASP.NET Core and Visual Studio Denial of Service Vulnerability

Important

Azure Local

Azure Local Elevation of Privilege Vulnerability

Important

Azure Local Cluster

Azure Local Cluster Information Disclosure Vulnerability

Important

Azure Local Cluster

Azure Local Cluster Information Disclosure Vulnerability

Important

Azure Portal Windows Admin Center

Windows Admin Center in Azure Portal Information Disclosure Vulnerability

Important

Dynamics Business Central

Microsoft Dynamics Business Central Information Disclosure Vulnerability

Important

Microsoft AutoUpdate (MAU)

Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability

Important

Microsoft AutoUpdate (MAU)

Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability

Important

Microsoft Edge (Chromium-based)

Chromium: CVE-2025-3073 Inappropriate implementation in Autofill

Unknown

Microsoft Edge (Chromium-based)

Chromium: CVE-2025-3068 Inappropriate implementation in Intents

Unknown

Microsoft Edge (Chromium-based)

Chromium: CVE-2025-3074 Inappropriate implementation in Downloads

Unknown

Microsoft Edge (Chromium-based)

Chromium: CVE-2025-3067 Inappropriate implementation in Custom Tabs

Unknown

Microsoft Edge (Chromium-based)

Chromium: CVE-2025-3071 Inappropriate implementation in Navigations

Unknown

Microsoft Edge (Chromium-based)

Chromium: CVE-2025-3072 Inappropriate implementation in Custom Tabs

Unknown

Microsoft Edge (Chromium-based)

Chromium: CVE-2025-3070 Insufficient validation of untrusted input in Extensions

Unknown

Microsoft Edge (Chromium-based)

Chromium: CVE-2025-3069 Inappropriate implementation in Extensions

Unknown

Microsoft Edge (Chromium-based)

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Important

Microsoft Edge (Chromium-based)

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

Important

Microsoft Edge (Chromium-based)

Microsoft Edge for iOS Spoofing Vulnerability

Low

Microsoft Edge (Chromium-based)

Chromium: CVE-2025-3066 Use after free in Navigations

Unknown

Microsoft Edge for iOS

Microsoft Edge for iOS Spoofing Vulnerability

Low

Microsoft Office

Microsoft Office Remote Code Execution Vulnerability

Critical

Microsoft Office

Microsoft Office Elevation of Privilege Vulnerability

Important

Microsoft Office

Microsoft Office Remote Code Execution Vulnerability

Important

Microsoft Office

Microsoft Office Elevation of Privilege Vulnerability

Important

Microsoft Office

Microsoft Excel Remote Code Execution Vulnerability

Critical

Microsoft Office

Microsoft Office Remote Code Execution Vulnerability

Critical

Microsoft Office

Microsoft Office Remote Code Execution Vulnerability

Important

Microsoft Office

Microsoft Office Remote Code Execution Vulnerability

Critical

Microsoft Office Excel

Microsoft Excel Remote Code Execution Vulnerability

Important

Microsoft Office Excel

Microsoft Excel Remote Code Execution Vulnerability

Important

Microsoft Office Excel

Microsoft Excel Remote Code Execution Vulnerability

Important

Microsoft Office Excel

Microsoft Excel Remote Code Execution Vulnerability

Critical

Microsoft Office OneNote

Microsoft OneNote Security Feature Bypass Vulnerability

Important

Microsoft Office SharePoint

Microsoft SharePoint Remote Code Execution Vulnerability

Important

Microsoft Office SharePoint

Microsoft SharePoint Remote Code Execution Vulnerability

Important

Microsoft Office Word

Microsoft Word Remote Code Execution Vulnerability

Important

Microsoft Office Word

Microsoft Word Security Feature Bypass Vulnerability

Important

Microsoft Office Word

Microsoft Word Remote Code Execution Vulnerability

Important

Microsoft Streaming Service

Microsoft Streaming Service Denial of Service Vulnerability

Important

Microsoft Virtual Hard Drive

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

Important

OpenSSH for Windows

Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability

Important

Outlook for Android

Outlook for Android Information Disclosure Vulnerability

Important

Remote Desktop Client

Remote Desktop Client Remote Code Execution Vulnerability

Important

Remote Desktop Gateway Service

Windows Remote Desktop Services Remote Code Execution Vulnerability

Critical

Remote Desktop Gateway Service

Windows Remote Desktop Services Remote Code Execution Vulnerability

Critical

RPC Endpoint Mapper Service

RPC Endpoint Mapper Service Elevation of Privilege Vulnerability

Important

System Center

Microsoft System Center Elevation of Privilege Vulnerability

Important

Visual Studio

Visual Studio Elevation of Privilege Vulnerability

Important

Visual Studio

Visual Studio Elevation of Privilege Vulnerability

Important

Visual Studio Code

Visual Studio Code Elevation of Privilege Vulnerability

Important

Visual Studio Tools for Applications and SQL Server Management Studio

Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability

Important

Windows Active Directory Certificate Services

Active Directory Certificate Services Elevation of Privilege Vulnerability

Important

Windows BitLocker

BitLocker Security Feature Bypass Vulnerability

Important

Windows Bluetooth Service

Windows Bluetooth Service Elevation of Privilege Vulnerability

Important

Windows Common Log File System Driver

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Important

Windows Cryptographic Services

Windows Cryptographic Services Information Disclosure Vulnerability

Important

Windows Cryptographic Services

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Important

Windows Defender Application Control (WDAC)

Windows Defender Application Control Security Feature Bypass Vulnerability

Important

Windows Digital Media

Windows Digital Media Elevation of Privilege Vulnerability

Important

Windows Digital Media

Windows Digital Media Elevation of Privilege Vulnerability

Important

Windows Digital Media

Windows Digital Media Elevation of Privilege Vulnerability

Important

Windows Digital Media

Windows Digital Media Elevation of Privilege Vulnerability

Important

Windows DWM Core Library

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Important

Windows DWM Core Library

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Important

Windows DWM Core Library

Windows DWM Core Library Elevation of Privilege Vulnerability

Important

Windows DWM Core Library

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Important

Windows DWM Core Library

Microsoft DWM Core Library Elevation of Privilege Vulnerability

Important

Windows Hello

Windows Hello Security Feature Bypass Vulnerability

Important

Windows Hello

Windows Hello Spoofing Vulnerability

Important

Windows HTTP.sys

HTTP.sys Denial of Service Vulnerability

Important

Windows Hyper-V

Windows Hyper-V Remote Code Execution Vulnerability

Critical

Windows Installer

Windows Installer Elevation of Privilege Vulnerability

Important

Windows Kerberos

Windows Kerberos Elevation of Privilege Vulnerability

Important

Windows Kerberos

Kerberos Key Distribution Proxy Service Denial of Service Vulnerability

Important

Windows Kerberos

Windows Kerberos Security Feature Bypass Vulnerability

Important

Windows Kernel

Windows Kernel Elevation of Privilege Vulnerability

Important

Windows Kernel

Windows Kernel Elevation of Privilege Vulnerability

Important

Windows Kernel Memory

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Important

Windows Kernel-Mode Drivers

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

Important

Windows LDAP – Lightweight Directory Access Protocol

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Important

Windows LDAP – Lightweight Directory Access Protocol

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

Critical

Windows LDAP – Lightweight Directory Access Protocol

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Important

Windows LDAP – Lightweight Directory Access Protocol

Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability

Critical

Windows Local Security Authority (LSA)

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability

Important

Windows Local Security Authority (LSA)

Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability

Important

Windows Local Session Manager (LSM)

Windows Local Session Manager (LSM) Denial of Service Vulnerability

Important

Windows Mark of the Web (MOTW)

Windows Mark of the Web Security Feature Bypass Vulnerability

Important

Windows Media

Windows Media Remote Code Execution Vulnerability

Important

Windows Media

Windows Media Remote Code Execution Vulnerability

Important

Windows Mobile Broadband

Windows Mobile Broadband Driver Elevation of Privilege Vulnerability

Important

Windows NTFS

NTFS Information Disclosure Vulnerability

Important

Windows NTFS

Windows NTFS Information Disclosure Vulnerability

Important

Windows NTFS

NTFS Elevation of Privilege Vulnerability

Important

Windows NTFS

NTFS Elevation of Privilege Vulnerability

Important

Windows NTFS

NTFS Elevation of Privilege Vulnerability

Important

Windows Power Dependency Coordinator

Windows Power Dependency Coordinator Information Disclosure Vulnerability

Important

Windows Remote Desktop Services

Windows Remote Desktop Services Remote Code Execution Vulnerability

Important

Windows Resilient File System (ReFS)

Windows Resilient File System (ReFS) Information Disclosure Vulnerability

Important

Windows Routing and Remote Access Service (RRAS)

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important

Windows Routing and Remote Access Service (RRAS)

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important

Windows Routing and Remote Access Service (RRAS)

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

Important

Windows Routing and Remote Access Service (RRAS)

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important

Windows Routing and Remote Access Service (RRAS)

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important

Windows Routing and Remote Access Service (RRAS)

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important

Windows Routing and Remote Access Service (RRAS)

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important

Windows Routing and Remote Access Service (RRAS)

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Important

Windows Secure Channel

Windows Secure Channel Elevation of Privilege Vulnerability

Important

Windows Secure Channel

Windows Secure Channel Elevation of Privilege Vulnerability

Important

Windows Security Zone Mapping

Windows Security Zone Mapping Security Feature Bypass Vulnerability

Important

Windows Shell

Windows Shell Remote Code Execution Vulnerability

Important

Windows Standards-Based Storage Management Service

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Important

Windows Standards-Based Storage Management Service

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Important

Windows Standards-Based Storage Management Service

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Important

Windows Standards-Based Storage Management Service

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Important

Windows Standards-Based Storage Management Service

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Important

Windows Standards-Based Storage Management Service

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Important

Windows Subsystem for Linux

Windows Subsystem for Linux Elevation of Privilege Vulnerability

Important

Windows TCP/IP

Windows TCP/IP Remote Code Execution Vulnerability

Critical

Windows Telephony Service

Windows Telephony Service Remote Code Execution Vulnerability

Important

Windows Telephony Service

Windows Telephony Service Remote Code Execution Vulnerability

Important

Windows Telephony Service

Windows Telephony Service Remote Code Execution Vulnerability

Important

Windows Telephony Service

Windows Telephony Service Remote Code Execution Vulnerability

Important

Windows Telephony Service

Windows Telephony Service Remote Code Execution Vulnerability

Important

Windows Universal Plug and Play (UPnP) Device Host

Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

Important

Windows Update Stack

Windows Process Activation Elevation of Privilege Vulnerability

Important

Windows Update Stack

Windows Update Stack Elevation of Privilege Vulnerability

Important

Windows upnphost.dll

Windows upnphost.dll Elevation of Privilege Vulnerability

Important

Windows USB Print Driver

Windows USB Print Driver Elevation of Privilege Vulnerability

Important

Windows Virtualization-Based Security (VBS) Enclave

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

Important

Windows Win32K – GRFX

Windows Graphics Component Elevation of Privilege Vulnerability

Important

Windows Win32K – GRFX

Win32k Elevation of Privilege Vulnerability

Important

Windows Win32K – GRFX

Win32k Elevation of Privilege Vulnerability

Important

VIA: bleepingcomputer.com

- Advertisement -

- Advertisment -

Προηγούμενο άρθρο

Οι μετοχές της Apple βυθίζονται κατά 3%+, καθώς οι εκθέσεις των μέσων ενημέρωσης διεκδικούν 104% τιμολόγια έναντι της Κίνας ισχύουν αύριο

Επόμενο άρθρο

Τα μέρη της Apple Vision Pro 2, όπως η προβολή και το εξωτερικό περίβλημα, αναφέρθηκαν ήδη στην παραγωγή, ενώ η εκτόξευση αναμένεται να συμβεί αργότερα φέτος. Δεν υπάρχει καμία λέξη για την τιμολόγηση

Dimitris Marizas https://techbit.gr

Παθιασμένος με τις νέες τεχνολογίες, με έφεση στην καινοτομία και τη δημιουργικότητα. Διαρκώς αναζητώ τρόπους αξιοποίησης της τεχνολογίας για την επίλυση προβλημάτων και τη βελτίωση της καθημερινής ζωής.

RELATED ARTICLES

ΑΦΗΣΤΕ ΜΙΑ ΑΠΑΝΤΗΣΗ Ακύρωση απάντησης

εισάγετε το σχόλιό σας!

παρακαλώ εισάγετε το όνομά σας εδώ

έχετε εισάγει εσφαλμένη διεύθυνση ηλεκτρονικού ταχυδρομείου!

παρακαλώ εισάγετε εδώ την ηλεκτρονική σας διεύθυνση

- Advertisment -

Most Popular

Φόρτωση περισσοτέρων

- Advertisment -