Skip to main content
  1. Home
  2. Computing
  3. News

Microsoft patches an ‘extraordinary’ number of zero-day security vulnerabilities

By
The Surface Pro 11 on a white table in front of a window.
Luke Larsen / Digital Trends

Today is a good day to make sure your Windows 10 and 11 machines are up to date, as Microsoft has released a hefty new security update for a number of zero-day vulnerabilities. The patch, part of Microsoft’s Patch Tuesday update, contains fixes for Windows Server as well and include patches for six vulnerabilities which have already been exploited plus six more critical issues.

The new update addresses security issues of a hefty seven zero-days, including flaws which can enable remote code execution, in which an attacker can run code on the victim’s system. One of these vulnerabilities requires the attacker to first trick a local user into taking some specific actions like mounting a malicious virtual hard disk image, and has already been taken advantage of my some hackers. This vulnerability, CVE-2025-24993, is marked as a severity 7.8 by Microsoft so it’s important to patch to protect against it.

Recommended Videos

As described by The Register, another vulnerability, CVE-2025-24991, also makes use of virtual hard disk images and can enable attackers to access data, and a similar vulnerability, CVE-2025-24984, can allow attackers to insert information into a log file. Three more already exploited flaws are included in the patch too, plus six further critical flaws.

Related: 
Best new movies to stream on Netflix, Hulu, Prime Video, Max (HBO), and more

Seeing this number of bugs in Windows which are already being exploited out in the wild is “extraordinary”, according to the Zero Day Initiative, which advises system admins to act fast to protect their systems from these issues. It also states that a Microsoft Management Console Security Feature Bypass Vulnerability, CVE-2025-26633, has already impacted more than 600 organizations, advising admins to “test and deploy this fix quickly to ensure your org isn’t added to the list.”

In addition to the Windows patches from Microsoft, Adobe also released patches for bugs in its Adobe Acrobat Reader, Substance 3D Sampler, Illustrator, Substance 3D Painter, InDesign, Substance 3D Modeler, and Substance 3D Designer programs, as part of Patch Tuesday. None of these bugs are currently being exploited but it’s still a good idea to make sure your software is up to date.

Georgina Torbet
Georgina Torbet
Space Writer
Georgina has been the space writer at Digital Trends space writer for six years, covering human space exploration, planetary…
Topics

Editors’ Recommendations

Microsoft plans to charge for Windows 10 updates in the future
Windows 11 and Windows 10 operating system logos are displayed on laptop screens.

Microsoft has confirmed it will offer security updates for Windows 10 after the end-of-life date for the operating system for consumer users but for a fee.

The brand recently announced plans to charge regular users for Extended Security Updates (ESU) who intend to continue using Windows 10 beyond the October 14, 2025 support date.

Read more
Windows may have a serious security problem on its hands
A finger pressing on a fingerprint reader on a laptop.

The premier sensors enabling Windows Hello fingerprint authentication are not as secure as manufacturers had hoped. Researchers have discovered security flaws in a number of fingerprint sensors used in several laptops that work with the Windows Hello authentication feature.

Security researchers at Blackwing Intelligence have uncovered that laptops made by Dell, Lenovo, and Microsoft can have their Windows Hello fingerprint authentication bypassed easily due to vulnerabilities in the sensors that can cause them to be taken over by bad actors at the system level.

Read more
Is macOS more secure than Windows? This malware report has the answer
A person using a laptop with a set of code seen on the display.

It’s a long-held belief that Macs are less at risk of malware and viruses than Windows PCs, but how true is that? Well, a new report has shed some light on the situation -- and the results might surprise you.

According to threat research firm Elastic Security Labs, roughly 39% of all malware infections happen on Windows PCs. In good news for Apple fans, only 6% of breaches occurred on macOS, making Mac systems far less vulnerable than their Windows counterparts.

Read more