Software giant Microsoft has issued updates to remedy at least 121 security vulnerabilities in its Windows operating systems and software.
This includes one zero-day flaw that is being actively exploited in the wild.
Zero-day vulnerabilities are security vulnerabilities not known to the software maker, and therefore, not addressed by the maker.
The bug lets malware elevate its privileges to administrative levels on Windows machines.
“For the past two years, elevation of privilege flaws have led the pack and, so far in 2025, account for over half of all zero-days exploited,” said cybersecurity analyst Satnam Narang.
Also patched this week were remote code execution flaws in Windows Remote Desktop services and multiple vulnerabilities in web browsers, including Google Chrome, Mozilla Firefox and Microsoft Edge.
Further security updates have been issued by Adobe and Apple this week.