Microsoft has released security updates addressing 172 vulnerabilities in Windows, including six zero-days, impacting system security and operations.
Zero-Day Vulnerabilities Addressed
Among the six zero-day vulnerabilities, three are being actively exploited. CVE-2025-59230 is a local elevation of privilege flaw in Windows Remote Access Connection Manager. Rapid7's Adam Barnett warns that its exploitation requires no user interaction. Another zero-day, CVE-2025-24990, affects the AgereModem driver (ltmdm64.sys) included with Windows; Microsoft has chosen to remove the driver to avoid vulnerabilities, a decision supported by Ben McCarthy from Immersive due to the risks associated with legacy components.
Additionally, CVE-2025-47827, a secure boot bypass in IGEL OS, presents a significant threat if physical access is obtained, enabling kernel-level rootkits.
Publicly Disclosed Vulnerabilities
Besides the active zero-days, three other vulnerabilities have been publicly disclosed but not exploited yet. These include CVE-2025-0033, a critical issue in AMD EPYC SEV-SNP; CVE-2025-24052, similar to CVE-2025-24990 in the AgereModem driver; and CVE-2025-2884, an out-of-bounds read in TCG TPM2.0 that could lead to information disclosure or denial of service.
Impact on Windows Users
Windows 10 users will benefit from free updates for these vulnerabilities. However, Microsoft will transition to its Extended Security Updates (ESU) scheme post the free update period, requiring payment from consumers and businesses for continued patch delivery.
