Microsoft’s April 2025 Patch Tuesday Updates Fix Critical Zero-Day Vulnerability

Microsoft's April 2025 Patch Tuesday update brings critical patches for Windows 11 and 10 PCs.

Published: Apr 08, 2025

Windows 11 2022 Update

SHARE ARTICLE

Key Takeaways:

  • Microsoft’s April 2025 Patch Tuesday updates address 124 security vulnerabilities.
  • Microsoft fixed a privilege escalation flaw in the Windows Common Log File System Driver.
  • Microsoft also rolled out features like AI-powered Windows Search and Voice Access enhancements for Copilot+ PCs.

Microsoft released the April 2025 Patch Tuesday updates for Windows 10 and Windows 11 yesterday. This month, Microsoft fixed more than 120 security vulnerabilities, with one of them already being exploited by attackers.

On the quality and experience updates front, Microsoft released a new patch (KB5055523) for Windows 11 version 24H2. The latest update addresses issues affecting machine password rotation in the Identity Update Manager certificate/Pre-Bootstrapping Key Initialization path, particularly when using Kerberos and Credential Guard.

124 vulnerabilities fixed in the April 2025 Patch Tuesday updates

Among the 124 security vulnerabilities addressed with the April 2025 Patch Tuesday updates, 11 are rated Critical, two are rated Low, and the rest are rated Important in severity. Here are the most important patches you should know about this month:

  • CVE-2025-29824: This is an elevation of privilege (EoP) hole in the Windows Common Log File System Driver, which is a kernel-level component responsible for managing logging for different Windows services and apps. This 7.8-rated security flaw allows hackers to gain system-level privileges on compromised machines. It affects all supported versions of Windows Server and Windows 10 and 11.
  • CVE-2025-27580 and CVE-2025-27582: These security flaws are related to timing issues that could be exploited by attackers when connecting to a system with the Remote Desktop Gateway role enabled. The vulnerabilities allow hackers to execute arbitrary code on the affected system.
  • CVE-2025-26663: This is a remote code execution (RCE) vulnerability in the Windows Lightweight Directory Access Protocol (LDAP). This vulnerability arises from a “use-after-free” condition, which can be exploited by an attacker to execute arbitrary code over a network.
  • CVE-2025-27480, CVE-2025-27482, and CVE-2025-26663: These are critical remote code execution vulnerabilities in the Windows Lightweight Directory Access Protocol (LDAP).

Here’s the full list of patches Microsoft released this month:

ProductImpactMax SeverityArticleDownloadDetails
Windows 10 Version 21H2 for ARM64-based SystemsInformation DisclosureImportant5055518Security UpdateCVE-2025-27736
Windows 10 Version 21H2 for 32-bit SystemsInformation DisclosureImportant5055518Security UpdateCVE-2025-27736
Windows 11 Version 24H2 for x64-based SystemsSecurity Feature BypassImportant5055523Security UpdateCVE-2025-27735
Windows 11 Version 24H2 for ARM64-based SystemsSecurity Feature BypassImportant5055523Security UpdateCVE-2025-27735
Windows Server 2022, 23H2 Edition (Server Core installation)Security Feature BypassImportant5055527Security UpdateCVE-2025-27735
Windows 11 Version 23H2 for x64-based SystemsSecurity Feature BypassImportant5055528Security UpdateCVE-2025-27735
Windows 11 Version 23H2 for ARM64-based SystemsSecurity Feature BypassImportant5055528Security UpdateCVE-2025-27735
Windows Server 2025 (Server Core installation)Security Feature BypassImportant5055523Security UpdateCVE-2025-27735
Windows 10 Version 22H2 for 32-bit SystemsSecurity Feature BypassImportant5055518Security UpdateCVE-2025-27735
Windows 10 Version 22H2 for ARM64-based SystemsSecurity Feature BypassImportant5055518Security UpdateCVE-2025-27735
Windows 10 for x64-based SystemsElevation of PrivilegeImportantCVE-2025-27732
Windows 10 for 32-bit SystemsElevation of PrivilegeImportantCVE-2025-27732
Windows Server 2025Elevation of PrivilegeImportant5055523Security UpdateCVE-2025-27732
Windows 10 Version 22H2 for x64-based SystemsElevation of PrivilegeImportant5055518Security UpdateCVE-2025-27732
Windows 11 Version 22H2 for x64-based SystemsElevation of PrivilegeImportant5055528Security UpdateCVE-2025-27732
Windows 11 Version 22H2 for ARM64-based SystemsElevation of PrivilegeImportant5055528Security UpdateCVE-2025-27732
Windows Server 2012 R2 (Server Core installation)Remote Code ExecutionImportant5055557Monthly RollupCVE-2025-27481
Windows Server 2012 R2Remote Code ExecutionImportant5055557Monthly RollupCVE-2025-27481
Windows Server 2012 (Server Core installation)Remote Code ExecutionImportant5055581Monthly RollupCVE-2025-27481
Windows Server 2012Remote Code ExecutionImportant5055581Monthly RollupCVE-2025-27481
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Remote Code ExecutionImportant5055561Monthly RollupCVE-2025-27481
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Remote Code ExecutionImportant5055570Security OnlyCVE-2025-27481
Windows Server 2008 R2 for x64-based Systems Service Pack 1Remote Code ExecutionImportant5055561Monthly RollupCVE-2025-27481
Windows Server 2008 R2 for x64-based Systems Service Pack 1Remote Code ExecutionImportant5055570Security OnlyCVE-2025-27481
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Remote Code ExecutionImportant5055609Monthly RollupCVE-2025-27481
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Remote Code ExecutionImportant5055596Security OnlyCVE-2025-27481
Windows Server 2008 for x64-based Systems Service Pack 2Remote Code ExecutionImportant5055609Monthly RollupCVE-2025-27481
Windows Server 2008 for x64-based Systems Service Pack 2Remote Code ExecutionImportant5055596Security OnlyCVE-2025-27481
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Remote Code ExecutionImportant5055609Monthly RollupCVE-2025-27481
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Remote Code ExecutionImportant5055596Security OnlyCVE-2025-27481
Windows Server 2008 for 32-bit Systems Service Pack 2Remote Code ExecutionImportant5055609Monthly RollupCVE-2025-27481
Windows Server 2008 for 32-bit Systems Service Pack 2Remote Code ExecutionImportant5055596Security OnlyCVE-2025-27481
Windows Server 2016 (Server Core installation)Remote Code ExecutionImportant5055521Security UpdateCVE-2025-27481
Windows Server 2016Remote Code ExecutionImportant5055521Security UpdateCVE-2025-27481
Windows 10 Version 1607 for x64-based SystemsRemote Code ExecutionImportant5055521Security UpdateCVE-2025-27481
Windows 10 Version 1607 for 32-bit SystemsRemote Code ExecutionImportant5055521Security UpdateCVE-2025-27481
Windows Server 2022 (Server Core installation)Remote Code ExecutionCritical5055526Security UpdateCVE-2025-27480
Windows Server 2022Remote Code ExecutionCritical5055526Security UpdateCVE-2025-27480
Windows Server 2019 (Server Core installation)Remote Code ExecutionCritical5055519Security UpdateCVE-2025-27480
Windows Server 2019Remote Code ExecutionCritical5055519Security UpdateCVE-2025-27480
Windows 10 Version 21H2 for x64-based SystemsElevation of PrivilegeImportant5055518Security UpdateCVE-2025-27484
Microsoft Visual Studio 2022 version 17.10Elevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2025-29802
Microsoft Visual Studio 2022 version 17.8Elevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2025-29802
Microsoft AutoUpdate for MacElevation of PrivilegeImportantMAUSecurity UpdateCVE-2025-29800
SQL Server Management Studio 20.2Elevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2025-29803
VSTA 2019 SDKElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2025-29803
VSTA 2022 SDKElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2025-29803
Visual Studio Tools for Applications (VSTA) 2022Elevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2025-29803
Visual Studio Tools for Applications (VSTA) 2019Elevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2025-29803
Windows 10 Version 1809 for x64-based SystemsElevation of PrivilegeImportant5055519Security UpdateCVE-2025-27484
Windows 10 Version 1809 for 32-bit SystemsElevation of PrivilegeImportant5055519Security UpdateCVE-2025-27484
Microsoft Visual Studio 2022 version 17.13Denial of ServiceImportantRelease NotesSecurity UpdateCVE-2025-26682
Microsoft Visual Studio 2022 version 17.12Denial of ServiceImportantRelease NotesSecurity UpdateCVE-2025-26682
ASP.NET Core 8.0Denial of ServiceImportantRelease NotesSecurity UpdateCVE-2025-26682
Visual Studio CodeElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2025-20570
ASP.NET Core 9.0Denial of ServiceImportantRelease NotesSecurity UpdateCVE-2025-26682
Windows Admin CenterInformation DisclosureImportantRelease NotesSecurity UpdateCVE-2025-29819
Windows Admin Center in Azure PortalInformation DisclosureImportantRelease NotesSecurity UpdateCVE-2025-29819
Microsoft Word 2016 (64-bit edition)Security Feature BypassImportant5002702Security UpdateCVE-2025-29816
Microsoft Word 2016 (32-bit edition)Security Feature BypassImportant5002702Security UpdateCVE-2025-29816
Microsoft Office 2016 (64-bit edition)Security Feature BypassImportant5002700Security UpdateCVE-2025-29816
Microsoft Office 2016 (64-bit edition)Security Feature BypassImportant5002573Security UpdateCVE-2025-29816
Microsoft Office 2016 (32-bit edition)Security Feature BypassImportant5002700Security UpdateCVE-2025-29816
Microsoft Office 2016 (32-bit edition)Security Feature BypassImportant5002573Security UpdateCVE-2025-29816
Microsoft Office LTSC for Mac 2024Security Feature BypassImportantCVE-2025-29816
Microsoft Office LTSC 2024 for 64-bit editionsSecurity Feature BypassImportantClick to RunSecurity UpdateCVE-2025-29816
Microsoft Office LTSC 2024 for 32-bit editionsSecurity Feature BypassImportantClick to RunSecurity UpdateCVE-2025-29816
Microsoft Office LTSC 2021 for 32-bit editionsSecurity Feature BypassImportantClick to RunSecurity UpdateCVE-2025-29816
Microsoft Office LTSC 2021 for 64-bit editionsSecurity Feature BypassImportantClick to RunSecurity UpdateCVE-2025-29816
Windows Server 2008 for 32-bit Systems Service Pack 2Security Feature BypassImportant5055515IE CumulativeCVE-2025-27737
Microsoft Office LTSC for Mac 2021Security Feature BypassImportantCVE-2025-29816
Microsoft 365 Apps for Enterprise for 64-bit SystemsSecurity Feature BypassImportantClick to RunSecurity UpdateCVE-2025-29816
Microsoft 365 Apps for Enterprise for 32-bit SystemsSecurity Feature BypassImportantClick to RunSecurity UpdateCVE-2025-29816
Microsoft Office 2019 for 64-bit editionsSecurity Feature BypassImportantClick to RunSecurity UpdateCVE-2025-29816
Microsoft Office 2019 for 32-bit editionsSecurity Feature BypassImportantClick to RunSecurity UpdateCVE-2025-29816
Remote Desktop client for Windows DesktopRemote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2025-27487
Windows App Client for Windows DesktopRemote Code ExecutionImportantRelease NotesSecurity UpdateCVE-2025-27487
Microsoft Access 2016 (64-bit edition)Remote Code ExecutionImportant5002701Security UpdateCVE-2025-26642
Microsoft Outlook for AndroidInformation DisclosureImportantRelease NotesSecurity UpdateCVE-2025-29805
Windows Server 2012 R2 (Server Core installation)Security Feature BypassImportant5055515IE CumulativeCVE-2025-27737
Windows Server 2012 R2Security Feature BypassImportant5055515IE CumulativeCVE-2025-27737
Windows Server 2012 (Server Core installation)Security Feature BypassImportant5055515IE CumulativeCVE-2025-27737
Windows Server 2012Security Feature BypassImportant5055515IE CumulativeCVE-2025-27737
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Security Feature BypassImportant5055515IE CumulativeCVE-2025-27737
Windows Server 2008 R2 for x64-based Systems Service Pack 1Security Feature BypassImportant5055515IE CumulativeCVE-2025-27737
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Security Feature BypassImportant5055515IE CumulativeCVE-2025-27737
Windows Server 2008 for x64-based Systems Service Pack 2Security Feature BypassImportant5055515IE CumulativeCVE-2025-27737
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Security Feature BypassImportant5055515IE CumulativeCVE-2025-27737
Azure Stack HCI OS 23H2Elevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2025-27489
Azure Stack HCI OS 22H2Elevation of PrivilegeImportant5055526Security UpdateCVE-2025-27489
Microsoft Access 2016 (32-bit edition)Remote Code ExecutionImportant5002701Security UpdateCVE-2025-26642
Microsoft Office 2016 (64-bit edition)Remote Code ExecutionImportant5002588Security UpdateCVE-2025-26642
Microsoft Office 2016 (64-bit edition)Remote Code ExecutionImportant5002703Security UpdateCVE-2025-26642
Microsoft Office 2016 (32-bit edition)Remote Code ExecutionImportant5002588Security UpdateCVE-2025-26642
Microsoft Office 2016 (32-bit edition)Remote Code ExecutionImportant5002703Security UpdateCVE-2025-26642
Microsoft Excel 2016 (64-bit edition)Remote Code ExecutionImportant5002704Security UpdateCVE-2025-26642
Microsoft Excel 2016 (32-bit edition)Remote Code ExecutionImportant5002704Security UpdateCVE-2025-26642
Microsoft SharePoint Server 2019Remote Code ExecutionImportant5002691Security UpdateCVE-2025-26642
Office Online ServerRemote Code ExecutionImportant5002699Security UpdateCVE-2025-26642
Azure Local ClusterInformation DisclosureImportantRelease NotesSecurity UpdateCVE-2025-26628
Microsoft OneNote 2016 (64-bit edition)Security Feature BypassImportant5002622Security UpdateCVE-2025-29822
Microsoft OneNote 2016 (32-bit edition)Security Feature BypassImportant5002622Security UpdateCVE-2025-29822
Microsoft OneNote for MacSecurity Feature BypassImportantRelease NotesSecurity UpdateCVE-2025-29822
Microsoft Office 2016 (64-bit edition)Remote Code ExecutionImportant5002702Security UpdateCVE-2025-29820
Microsoft Office 2016 (32-bit edition)Remote Code ExecutionImportant5002702Security UpdateCVE-2025-29820
Microsoft SharePoint Enterprise Server 2016Remote Code ExecutionImportant5002692Security UpdateCVE-2025-29820
Microsoft SharePoint Enterprise Server 2016Remote Code ExecutionImportant5002682Security UpdateCVE-2025-29820
Microsoft Dynamics 365 Business Central 2025 Wave 1 – Update 26.0Information DisclosureImportantRelease NotesSecurity UpdateCVE-2025-29821
Microsoft Dynamics 365 Business Central 2024 Wave 2 – Update 25.6Information DisclosureImportant5056718Security UpdateCVE-2025-29821
Microsoft Dynamics 365 Business Central 2023 Wave 2 – Update 23.18Information DisclosureImportant5056716Security UpdateCVE-2025-29821
Microsoft Dynamics 365 Business Central Wave 1 2024 – Update 24.12Information DisclosureImportant5056717Security UpdateCVE-2025-29821
Microsoft SharePoint Server Subscription EditionRemote Code ExecutionImportant5002705Security UpdateCVE-2025-29794
System Center Operations Manager 2025Elevation of PrivilegeImportantCVE-2025-27743
System Center Operations Manager 2022Elevation of PrivilegeImportantCVE-2025-27743
System Center Operations Manager 2019Elevation of PrivilegeImportantCVE-2025-27743
System Center Service Manager 2025Elevation of PrivilegeImportantCVE-2025-27743
System Center Service Manager 2022Elevation of PrivilegeImportantCVE-2025-27743
System Center Service Manager 2019Elevation of PrivilegeImportantCVE-2025-27743
System Center Orchestrator 2025Elevation of PrivilegeImportantCVE-2025-27743
System Center Orchestrator 2022Elevation of PrivilegeImportantCVE-2025-27743
System Center Orchestrator 2019Elevation of PrivilegeImportantCVE-2025-27743
System Center Data Protection Manager 2019Elevation of PrivilegeImportantCVE-2025-27743
System Center Data Protection Manager 2022Elevation of PrivilegeImportantCVE-2025-27743
System Center Data Protection Manager 2025Elevation of PrivilegeImportantCVE-2025-27743
System Center Virtual Machine Manager 2025Elevation of PrivilegeImportantCVE-2025-27743
System Center Virtual Machine Manager 2019Elevation of PrivilegeImportantCVE-2025-27743
System Center Virtual Machine Manager 2022Elevation of PrivilegeImportantCVE-2025-27743
Microsoft SharePoint Server 2019Remote Code ExecutionImportant5002680Security UpdateCVE-2025-27747
Microsoft Office 2016 (64-bit edition)Remote Code ExecutionImportant4484432Security UpdateCVE-2025-27746
Microsoft Office 2016 (32-bit edition)Remote Code ExecutionImportant4484432Security UpdateCVE-2025-27746
SharePoint Server Subscription Edition Language PackRemote Code ExecutionImportant5002680Security UpdateCVE-2025-27746
Microsoft Office 2016 (64-bit edition)Elevation of PrivilegeImportant5002669Security UpdateCVE-2025-27744
Microsoft Office for UniversalElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2025-26687
Microsoft Office for AndroidElevation of PrivilegeImportantRelease NotesSecurity UpdateCVE-2025-26687

Quality and experience updates

Microsoft has introduced several new features in Windows 11 version 24H2, including an AI-powered Windows Search, improved Voice Access, and enhanced Live Captions for Copilot+ PCs. Additional updates include new Top Cards in the Settings app, a taskbar emoji icon, and a gamepad layout for the touch keyboard. EU-based users also now have the option to add, remove, and rearrange lock screen widgets.

For Windows 10, Microsoft has released a couple of bug fixes for PCs running Windows 10 version 22H2. It’s important to note that Microsoft will drop support for Windows 10 on October 14, 2025, and organizations will need to pay for Extended Security Updates.

Windows Update testing and best practices

Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary as hackers start to work out how to weaponize newly reported vulnerabilities.

A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.

There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system or files and folders on a granular basis.

SHARE ARTICLE