Microsoft has published the March 2025 security update release covering 57 Microsoft CVEs, which include the Windows exFAT File System, Azure Agent Installer, Windows MapUrlToZone, Windows Remote Desktop Services, .NET, Windows Win32 Kernel Subsystem, Microsoft Streaming Service, Windows Hyper-V, Azure CLI, Windows Routing and Remote Access Service (RRAS), Windows NTLM, Windows USB Video Driver, Windows Telephony Server, Microsoft Office, Windows Common Log File System Driver, Windows Mark of the Web (MOTW), Windows Kernel-Mode Drivers, ASP.NET Core & Visual Studio, Windows File Explorer, Microsoft Local Security Authority Server (lsasrv), Microsoft Office Excel, Windows Cross Device Service, Microsoft Office Word, Microsoft Office Access, Visual Studio Code, Microsoft Management Console, Microsoft Edge (Chromium-based), and Remote Desktop Client. Furthermore, 10 non-Microsoft CVEs have been republished.

March 2025 Security Updates

This release consists of the following 57 Microsoft CVEs:

Tag	CVE	Base Score	Exploitability	FAQs?	Workarounds?	Mitigations?
Windows exFAT File System	CVE-2025-21180	7.8	Exploitation More Likely	Yes	No	No
Azure Agent Installer	CVE-2025-21199	6.7	Exploitation Less Likely	Yes	No	No
Windows MapUrlToZone	CVE-2025-21247	4.3	Exploitation More Likely	Yes	No	No
Windows Remote Desktop Services	CVE-2025-24035	8.1	Exploitation More Likely	Yes	No	No
.NET	CVE-2025-24043	7.5	Exploitation Less Likely	Yes	No	No
Windows Win32 Kernel Subsystem	CVE-2025-24044	7.8	Exploitation More Likely	Yes	No	No
Windows Remote Desktop Services	CVE-2025-24045	8.1	Exploitation More Likely	Yes	No	No
Microsoft Streaming Service	CVE-2025-24046	7.8	Exploitation Less Likely	Yes	No	No
Role: Windows Hyper-V	CVE-2025-24048	7.8	Exploitation Less Likely	Yes	No	No
Azure CLI	CVE-2025-24049	8.4	Exploitation Less Likely	Yes	No	No
Role: Windows Hyper-V	CVE-2025-24050	7.8	Exploitation Less Likely	Yes	No	No
Windows Routing and Remote Access Service (RRAS)	CVE-2025-24051	8.8	Exploitation Less Likely	Yes	No	No
Windows NTLM	CVE-2025-24054	6.5	Exploitation Less Likely	Yes	No	No
Windows USB Video Driver	CVE-2025-24055	4.3	Exploitation Less Likely	Yes	No	No
Windows Telephony Server	CVE-2025-24056	8.8	Exploitation Less Likely	Yes	No	No
Microsoft Office	CVE-2025-24057	7.8	Exploitation Less Likely	Yes	No	No
Windows Common Log File System Driver	CVE-2025-24059	7.8	Exploitation Less Likely	Yes	No	No
Windows Mark of the Web (MOTW)	CVE-2025-24061	7.8	Exploitation More Likely	Yes	No	No
Role: DNS Server	CVE-2025-24064	8.1	Exploitation Less Likely	Yes	No	No
Windows Kernel-Mode Drivers	CVE-2025-24066	7.8	Exploitation More Likely	Yes	No	No
Microsoft Streaming Service	CVE-2025-24067	7.8	Exploitation More Likely	Yes	No	No
ASP.NET Core & Visual Studio	CVE-2025-24070	7.0	Exploitation Less Likely	Yes	No	No
Windows File Explorer	CVE-2025-24071	7.5	Exploitation Less Likely	No	No	No
Microsoft Local Security Authority Server (lsasrv)	CVE-2025-24072	7.8	Exploitation Less Likely	Yes	No	No
Microsoft Office Excel	CVE-2025-24075	7.8	Exploitation Less Likely	Yes	No	No
Windows Cross Device Service	CVE-2025-24076	7.3	Exploitation Less Likely	Yes	No	No
Microsoft Office Word	CVE-2025-24077	7.8	Exploitation Less Likely	Yes	No	No
Microsoft Office Word	CVE-2025-24078	7.0	Exploitation Less Likely	Yes	No	No
Microsoft Office Word	CVE-2025-24079	7.8	Exploitation Less Likely	Yes	No	No
Microsoft Office	CVE-2025-24080	7.8	Exploitation Less Likely	Yes	No	No
Microsoft Office Excel	CVE-2025-24081	7.8	Exploitation Less Likely	Yes	No	No
Microsoft Office Excel	CVE-2025-24082	7.8	Exploitation Less Likely	Yes	No	No
Microsoft Office	CVE-2025-24083	7.8	Exploitation Less Likely	Yes	No	No
Windows Subsystem for Linux	CVE-2025-24084	8.4	Exploitation Less Likely	Yes	No	No
Windows Win32 Kernel Subsystem	CVE-2025-24983	7.0	Exploitation Detected	Yes	No	No
Windows NTFS	CVE-2025-24984	4.6	Exploitation Detected	Yes	No	No
Windows Fast FAT Driver	CVE-2025-24985	7.8	Exploitation Detected	Yes	No	No
Azure PromptFlow	CVE-2025-24986	6.5	Exploitation Less Likely	Yes	No	No
Windows USB Video Driver	CVE-2025-24987	6.6	Exploitation Less Likely	Yes	No	No
Windows USB Video Driver	CVE-2025-24988	6.6	Exploitation Less Likely	Yes	No	No
Windows NTFS	CVE-2025-24991	5.5	Exploitation Detected	Yes	No	No
Windows NTFS	CVE-2025-24992	5.5	Exploitation More Likely	Yes	No	No
Windows NTFS	CVE-2025-24993	7.8	Exploitation Detected	Yes	No	No
Windows Cross Device Service	CVE-2025-24994	7.3	Exploitation Less Likely	Yes	No	No
Kernel Streaming WOW Thunk Service Driver	CVE-2025-24995	7.8	Exploitation More Likely	Yes	No	No
Windows NTLM	CVE-2025-24996	6.5	Exploitation Less Likely	Yes	No	No
Windows Kernel Memory	CVE-2025-24997	4.4	Exploitation Less Likely	Yes	No	No
Visual Studio	CVE-2025-24998	7.3	Exploitation Less Likely	Yes	No	No
Visual Studio	CVE-2025-25003	7.3	Exploitation Less Likely	Yes	No	No
Microsoft Windows	CVE-2025-25008	7.1	Exploitation Less Likely	Yes	No	No
Azure Arc	CVE-2025-26627	7.0	Exploitation Less Likely	Yes	No	No
Microsoft Office	CVE-2025-26629	7.8	Exploitation Less Likely	Yes	No	No
Microsoft Office Access	CVE-2025-26630	7.8	Exploitation Less Likely	Yes	No	No
Visual Studio Code	CVE-2025-26631	7.3	Exploitation Less Likely	Yes	No	No
Microsoft Management Console	CVE-2025-26633	7.0	Exploitation Detected	Yes	No	No
Microsoft Edge (Chromium-based)	CVE-2025-26643	5.4	Exploitation Less Likely	Yes	No	No
Remote Desktop Client	CVE-2025-26645	8.8	Exploitation Less Likely	Yes	No	No

We are republishing 10 non-Microsoft CVEs:

CNA	Tag	CVE	FAQs?	Workarounds?	Mitigations?
Synaptics, Inc.	Microsoft Windows	CVE-2024-9157	Yes	No	No
Chrome	Microsoft Edge (Chromium-based)	CVE-2025-1914	Yes	No	No
Chrome	Microsoft Edge (Chromium-based)	CVE-2025-1915	Yes	No	No
Chrome	Microsoft Edge (Chromium-based)	CVE-2025-1916	Yes	No	No
Chrome	Microsoft Edge (Chromium-based)	CVE-2025-1917	Yes	No	No
Chrome	Microsoft Edge (Chromium-based)	CVE-2025-1918	Yes	No	No
Chrome	Microsoft Edge (Chromium-based)	CVE-2025-1919	Yes	No	No
Chrome	Microsoft Edge (Chromium-based)	CVE-2025-1921	Yes	No	No
Chrome	Microsoft Edge (Chromium-based)	CVE-2025-1922	Yes	No	No
Chrome	Microsoft Edge (Chromium-based)	CVE-2025-1923	Yes	No	No

Security Update Guide Blog Posts

Date	Blog Post
November 12, 2024	Toward greater transparency: Publishing machine-readable CSAF files
June 27, 2024	Toward greater transparency: Unveiling Cloud Service CVEs
April 9, 2024	Toward greater transparency: Security Update Guide now shares CWEs for CVEs
January 6, 2023	Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
January 11, 2022	Coming Soon: New Security Update Guide Notification System
February 9, 2021	Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021	Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020	Security Update Guide: Let’s keep the conversation going
November 9, 2020	Vulnerability Descriptions in the New Version of the Security Update Guide

Relevant Resources

• The new Hotpatching feature is now generally available. Please see  Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
• Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the  Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see  Windows Lifecycle Facts Sheet.
• Microsoft is improving Windows Release Notes. For more information, please see  What's next for Windows release notes.
• A list of the latest servicing stack updates for each operating system can be found in  ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See  4522133 for more information.

Known Issues

You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

For more information about Windows Known Issues, please see  Windows message center (links to currently-supported versions of Windows are in the left pane).

KB Article	Applies To
5053596	Windows 10, version 1809, Windows Server 2019
5053598	Windows 11, version 24H2
5053599	Windows Server 2022, 23H2 Edition (Server Core installation)
5053602	Windows 11, version 22H2, Windows 11, version 23H2
5053606	Windows 10, version 21H2, Windows 10, version 22H2
5053888	Windows Server 2008 (Monthly Rollup)
5053995	Windows Server 2008 (Security-only update)

Security Update Guide - Microsoft Security Response Center