Software company Microsoft has issued fixes for at least 56 vulnerabilities in its Windows operating systems and supported software, including two which are actively being exploited.
One of these zero-day flaws is an elevation of privilege vulnerability in Windows Storage that could permit deletion of files in a targeted system.
The other zero-day is a buffer overflow vulnerability, which also allows elevation of privilege and is being actively exploited.
Microsoft’s patches this month also include fixes for several other vulnerabilities that permit privilege escalation, and another that permits an attacker to authenticate as a targeted user without logging in.
Apple has issued security updates to fix a zero-day vulnerability (CVE-2025-24200) which is being exploited, affecting iOS 18.3.
Adobe has issued fixes for 45 vulnerabilities across multiple apps, including InDesign, Commerce, Substance 3D Stager, InCopy, Illustrator, Substance 3D Designer and Photoshop Elements.
Chrome and Edge browser updates are also expected this week, following Google’s update to trigger Chromium-based browsers.