Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

Six zero-day vulnerabilities are being actively exploited by malicious actors, according to Microsoft.
Two of these flaws concern NTFS, the file system used by Windows and Windows Server, with the attacker needing to convince a target to connect a malicious hard drive.
The other four zero-day bugs can be exploited by sinister actors in a variety of ways, ranging from the installation of malicious code to the theft of data.
The company has released over 50 security updates for its range of Windows operating systems in an attempt to counter these issues.
Furthermore, Microsoft noted that all the zero-day flaws were reported by external researchers, underlining the crucial role such third-party organisations play in protecting users.
However, out of the six zero-day patches, Windows 11 and Server 2019 and later were not fixed, noted Rapid7’s lead software engineer, Adam Barnett.

Fast Feed