HomeMicrosoft Patch Tuesday › March 2025

Please link to this page, it changes often. Thank you! The Senserva Team.

Microsoft Patch Tuesday, March 2025

·

Microsoft's March 2025 security release, published March 11, 2025: 33 updates fixing 86 CVEs, ranked by confirmed exploitation, ransomware use, and severity. Provided by Senserva.

Still active now. 3 CVEs from this release are on the Senserva hot list today (as of 2026-07-13), still ranked among the most dangerous vulnerabilities right now by confirmed exploitation, ransomware use, EPSS, and severity. See the current hot list.
33
Updates (KBs)
86
CVEs fixed
9
Actively exploited
1
Ransomware-linked
0
Critical updates

Actively exploited CVEs (CISA KEV)

CVE-2025-24985Windows Fast FAT File System Driver Remote Code Execution VulnerabilityCVSS 7.8Exploited
CVE-2025-24993Windows NTFS Remote Code Execution VulnerabilityCVSS 7.8Exploited Hot now
CVE-2025-21418Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityCVSS 7.8Exploited
CVE-2025-21391Windows Storage Elevation of Privilege VulnerabilityCVSS 7.1Exploited
CVE-2025-26633Microsoft Management Console Security Feature Bypass VulnerabilityCVSS 7.0ExploitedRansomware Hot now
CVE-2025-24983Windows Win32 Kernel Subsystem Elevation of Privilege VulnerabilityCVSS 7.0Exploited
CVE-2025-24054NTLM Hash Disclosure Spoofing VulnerabilityCVSS 6.5Exploited
CVE-2025-24991Windows NTFS Information Disclosure VulnerabilityCVSS 5.5Exploited Hot now
CVE-2025-24984Windows NTFS Information Disclosure VulnerabilityCVSS 4.6Exploited

Other high-risk CVEs (CVSS 8.8+)

CVE-2025-24051Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-24056Windows Telephony Service Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-26645Remote Desktop Client Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-21368Microsoft Digest Authentication Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-21369Microsoft Digest Authentication Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-21208Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-21406Windows Telephony Service Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-21407Windows Telephony Service Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-21410Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-21190Windows Telephony Service Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-21200Windows Telephony Service Remote Code Execution VulnerabilityCVSS 8.8
CVE-2025-21201Windows Telephony Server Remote Code Execution VulnerabilityCVSS 8.8

Products fixed this month

Windows 10 Version 1809 for 32-bit Systems (25)Windows 10 Version 1809 for x64-based Systems (24)Windows Server 2019 (24)Microsoft Office 2019 for 32-bit editions (6)Microsoft Office 2019 for 64-bit editions (6)Microsoft 365 Apps for Enterprise for 32-bit Systems (3)Office Online Server (3)ASP.NET Core 8.0 (2)ASP.NET Core 9.0 (2)Microsoft Visual Studio 2022 version 17.12 (2)
Take this release to your AI

Composed from the March 2025 release data above. Copy it into Claude, ChatGPT, or Copilot. Free, no sign-in.

Reference: Microsoft CVE and vulnerability management, ranked by real-world risk, and the Microsoft patching guide.
Data notice: this page is provided as is, for informational purposes only, without warranty of any kind. Senserva, LLC does not guarantee the accuracy, completeness, or timeliness of third-party data (MSRC, NVD, CISA KEV, EPSS) and accepts no liability for actions taken based on it; verify against the authoritative Microsoft advisory before acting. Built daily with Senserva Trustworthy AI. All use of this data is subject to the Senserva EULA.