Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Microsoft’s April 2025 bumper Patch Tuesday corrects 124 bugs | Computer Weekly

By Computer Weekly by By Computer Weekly
April 9, 2025
Home Uncategorized
Share on FacebookShare on Twitter


Microsoft’s mighty bundle of 124 April fixes for Common Vulnerabilities and Exposures (CVEs) in its codebase includes 11 that are rated “critical” and two rated “low”, with the rest rated “important” in severity.

Dustin Childs of the Zero Day Initiative noted that “only one of these bugs is listed as publicly known or under active attack at the time of release”, but that this will be of little comfort.

In a blog post, Childs said of the vulnerability being listed by Microsoft as under active attack: “This privilege escalation bug [CVE-2025-29824] … allows a threat actor to execute their code with System privileges. These types of bugs are often paired with code execution bugs to take over a system. Microsoft gives no indication of how widespread these attacks are.”

Two of the other bugs Childs picked out – CVE-2025-26663 and CVE-2025-26670 – “allow a remote, unauthenticated attacker to execute their code on affected systems just by sending a specially crafted LDAP [Lightweight Directory Access Protocol] message”. He added: “Since just about everything can host an LDAP service, there’s a plethora of targets out there. And since no user interaction is involved, these bugs are wormable.” Wormable means no human interaction is required for the cyber attack to spread.

Of the current crop of Microsoft vulnerabilities being disclosed, Adam Barnett, lead software engineer at Rapid7, said: “The Windows Common Log File System (CLFS) Driver is firmly back on our radar today with CVE-2025-29824, a zero-day local elevation of privilege vulnerability.”

This is the vulnerability that Childs put primary focus on in his post.

Barnett said: “First, the good news: the Acknowledgements section credits the Microsoft Threat Intelligence Center, so the exploit was successfully reproduced by Microsoft; the less-good news is that someone other than Microsoft was first to discover the exploit, because otherwise Microsoft wouldn’t be listing CVE-2025-29824 as exploited in the wild. The advisory does not specify what privilege level is achieved upon successful exploitation, but it’ll be System, because that’s the prize for all the other CLFS [Common Log File System] elevation of privilege zero-day vulnerabilities.

“Defenders responsible for an LDAP server – which means almost any organisation with a non-trivial Microsoft footprint – should add patching for CVE-2025-26663 to their to-do list. With no privileges required, no need for user interaction, and code execution presumably in the context of the LDAP server itself, successful exploitation would be an attractive shortcut to any attacker.”

He added this further note of caution: “If you breathe a sigh of relief when you see LDAP server critical RCE vulnerabilities like CVE-2025-26663, because you’re certain that you don’t have any Windows LDAP servers in your estate, how about LDAP clients? CVE-2025-26670 describes a critical RCE [Remote Code Execution] in the LDAP client, although the FAQ confusingly states that exploitation would require an attacker to ‘send specially crafted requests to a vulnerable LDAP server’; this seems like it might be a data entry error on the advisory FAQ, so keep an eye out for an update to that section of the advisory.”

The full list of CVEs released by Microsoft for April 2025 can be found here.

The CVEs encompass, according to Childs’ enumeration, Windows and Windows Components, Office and Office Components, Azure, .Net and Visual Studio, BitLocker, Kerberos, Windows Hello, OpenSSH, and Windows Lightweight Directory Access Protocol.



Source link

By Computer Weekly

By Computer Weekly

Next Post
Haloid Solutions Introduces Haloid Command, the Industry’s First Rental and Shared Ownership Program for Mobile Command Vehicles

Haloid Solutions Introduces Haloid Command, the Industry's First Rental and Shared Ownership Program for Mobile Command Vehicles

Recommended.

Here’s What Top CrowdStrike Partners Were Talking About At Fal.Con 2025

Here’s What Top CrowdStrike Partners Were Talking About At Fal.Con 2025

September 19, 2025
1 in 3 IT leaders pull back on AI investments: Asana

1 in 3 IT leaders pull back on AI investments: Asana

May 9, 2025

Trending.

CELLCOM ISRAEL LTD. Announcement of A Special General Meeting of The Shareholders of The Company

CELLCOM ISRAEL LTD. Announcement of A Special General Meeting of The Shareholders of The Company

May 21, 2025
Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

April 23, 2025
MocPOGO Easter Special Deals: The Pokémon GO Spoofer You Need for Might and Mastery 2025!

MocPOGO Easter Special Deals: The Pokémon GO Spoofer You Need for Might and Mastery 2025!

April 7, 2025
VNET Wins 40MW Wholesale Order from Leading Internet Company for Its New Strategic IDC Campus

VNET Wins 40MW Wholesale Order from Leading Internet Company for Its New Strategic IDC Campus

September 11, 2025
Insurance Modernization at Risk as Workforce Strategies Fall Behind, Says Info-Tech Research Group

Insurance Modernization at Risk as Workforce Strategies Fall Behind, Says Info-Tech Research Group

May 8, 2026

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio