Safar security vulnerability is used in the Microsoft Management Control Unit
The Microsoft Management Console unit has received a correction of the Cve-2025-26633, which has an important degree of important and CVSS 7.0. This weakness can allow the attacker to run an arbitrary code on the victim's machine after deceiving the victim, either to open a harmful file from an email or message or transmits to a website owned by the opponents.
Table 1. Zero Day in Microsoft Management ConsolVESEVERITYCVSS SCORECVEDESCREIMPORTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTAN7.0CVE-2025-2663333Microsoft Console Security Musean
Exploiting the activity of zero weakness on zero on windows
All Windows servers and working stations have received a correction of Cve-2025-24983, which corrected Kernel Win32. This CVE has a severity of the task and CVSS 7.0 degree. This height allows the franchise weakness of the ratified striker to obtain the privileges of the local system. This weakness is present in a basic component of all Windows installation.
Table 2. Zero Day in Windows Win32 Kernellseveritycvs Scorecvingsctionimortant 7.0CVE-2025-24983Windows Win32 Quernel Subsystem Elevent
Four weaknesses in days of exploitation in Windows file applications
The Windows Fast FAT driver (file customization schedule) has received a correction for CVE-2025-24985, which has a high degree of important degree and CVSS 7.8. This vulnerability allows the attacker to run an arbitrary symbol on a system locally after deceiving a victim to install a harmful engine. Institutions advise not to allow users to escalate the arbitrary drives in order to partially alleviate the risk of this weakness.
Table 3. Safar Day in Windows Fast FAT Driverseveritycvss Scorecvedescriptionimport7.8CVE-2025-24985Windows Fast File System Driver Code Code Remote Codebilityy
Windows News Technology (NTFS) app has received a correction for CVE-2025-24993, which has an important danger and 7.8 CVSS. This vulnerability allows the attacker to run an arbitrary symbol on a system locally after deceiving a victim to install a harmful engine. Institutions advise not to allow users to escalate the arbitrary drives in order to partially alleviate the risk of this weakness.
Windows NTFS has received a correction for CVE-2025-24991, which has an important danger and CVSS 5.5. The vulnerability of not immunity allows this information to be detected for local attackers to obtain possible information from the victim's computer pile memory by deceiving the victim to install a harmful engine. As with the Cve-2025-24993 that has been discussed above, institutions are recommended for users not allowing users to escalate the arbitrary drives in order to partially alleviate the risk of this weakness.
Windows NTFS has received a correction of Cve-2025-24984, which has an important danger and CVSS 4.6 degree. This information revelation vulnerability allows the currently the current striker to obtain possible information from the victim's pile heap by connecting the harmful USB device. Institutions are strongly recommended to follow the best USB storage practices in order to reduce their exposure to this and similar weaknesses.
Table 4. Zero days in Windows NTFS Driverseveritycvss ScorecvedesctionimPortant
A security vulnerability has been publicly revealed in Microsoft Access
Microsoft Office Access receives corrections for CVE-2025-26630, which has a strong degree of important and CVSS 7.8. This security vulnerability is exploited by opening the specially made of Access Microsoft documents. Microsoft took similar weaknesses in January 2025.
Table 5. Zero Day in Microsoft Office AccessseveRITYCVS SCORECVEDESCREIMPORTATANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTANTAN7.8CVE -2025-26630Microsoft Access Far code implementation of the distant code
The critical weaknesses in the remote desktop services in Windows
Cve-2025-26645, Cve-2025-24045 and Cve-2025-24035 are important weaknesses that affect the Microsoft Windows distant desktop services system. CVE-2025-26645 has CVSS 8.8 degree, and the attacker who has a distant desktop server can lead to the implementation of a RCE code on the RDP customer when the victim connects to the attack server with the weak desktop. Cve-2025-24035 and Cve-2025-24045 requires both with CVSS 8.1, the attacker winning a race condition, but Cve-2025-24035 requires the attacker to attack a system with a distant desktop gate.
Table 6. critical weakness in Windows Remote Desktop Serviceseveritycvss Scorecvidescriptioncritical8.8cve-2025-24645WDOWS from the desktop surface. Implementing the icon far from the calm symbol. Desktop services from a distance in implementing the remote symbol
The critical weakness of the Windows System for Linux (WSLU2)
CVE-2025-24084 is a decisive RCE vulnerability with a CVSS score of 8.4 that affect WSL2. Microsoft notes that in order to use this security vulnerability, the attacker must either send an immediate malicious message, email, or lure the victim to click on a link to the striker -controlled website. Since this weakness has multiple vectors, the risk of successful exploitation is increased.
Table.
Critical weakness in the service of the Microsoft Windows field name
CVE-2025-24064 is a decisive security vulnerability with a CVSS score of 8.1 that affects Windows (DNS). The attacker must win a race condition with the target DNS DNS update message for the DNS server in order to exploit this security vulnerability. The relative importance of the DNS servers for the infrastructure of the institution requires that this weakness be corrected quickly, as the information kept on the DNS server can be used by a discount to acquire important information about the organization's internal infrastructure planning.
Table 8. critical weakness in Microsoft Windows Name Name Serviceseveritycvss Scorecvedescriptioncritical8.1CVE-2025-24064Windows domain name remote symbol service implement the remote symbol
Critical weakness in Microsoft Office
CVE-2025-24057 is a decisive RCE vulnerability with a 7.8 CVSS degree that affects Microsoft Office. This weakness requires the victim to deceive to open a specially made file. Institutions are proposed to remind their employees of best practices regarding hunting attacks and not to open unusual files.
Table.
Tuesday dashboard on the Falcon platform
For a visual overview of the systems affected by the weaknesses of this month, you can use the newly available correction information panel. It can be found on the Crowdstrike Falcon® on the exposure management page> Security Gapility Management> Information Panel. Preparation paintings show the last three months of weaknesses on Tuesday.
Not all of the relevant weaknesses have spots: consider mitigation strategies
As we learned with other prominent weaknesses, such as Log4J, no easily exploited security vulnerability can be corrected. As with the PROXYNOTSHELL weakness, it is extremely important to develop a response plan for how to defend your environments when there is no correction protocol.
The regular review of your correction strategy should remain part of your program, but you should also consider more completely in your institutions of cybersecurity and improving the general security position.
The Crowdstrike Falcon platform and analyzes trillions of the end of the end of the end of the end of the end of the millions of sensors that are published in 176 countries. Watch this explanatory show to see the Falcon platform while working.
Learn more
Learn more about how to help you manage the Crowdstrike Falcon® quickly and easily discover weaknesses and other types of exposure here.
About CVSS degrees
CVSS is a free and open standard in industry used by Crowdstrike and many other cyber security institutions to evaluate and connect the intensity of the weaknesses and its characteristics. The CVSS base ranges from 0.0 to 10.0, and the national weakness database (NVD) adds a severity of CVSS. Learn more about recording weakness in this article.
Additional resources
For more information about the products in Microsoft's safety updates, see the seller's guidance here. Learn how to discover the crodstrike, Crowdstrike® Falcon Surface ™, discover unknown, exposed and Internet assets, allowing safety teams to stop the opponents in their paths. Making the priority is painful and effective. Watch how Crowdstrike Falcon® Spotlight of IT employees improved visibility with custom filters and team information panels.
