Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability

Summary: Microsoft has issued security fixes for 126 vulnerabilities, with 11 classified as Critical. Notably, an actively exploited elevation-of-privilege vulnerability in the Windows Common Log File System (CLFS) driver poses significant risks. Many vulnerabilities remain unpatched for Windows 10 systems, raising concerns about system security.

Affected: Microsoft software products

Key points:

  • 126 vulnerabilities fixed; 11 rated Critical, 112 Important, 2 Low.
  • Active exploitation of a privilege escalation flaw (CVE-2025-29824) linked to ransomware attacks.
  • Patches for some vulnerabilities are not yet available for Windows 10, creating security gaps.
  • Other notable fixes include remote code execution flaws in Windows Remote Desktop Services and Microsoft Office.
  • U.S. CISA has added the actively exploited vulnerability to its Known Exploited Vulnerabilities catalog.

Source: https://thehackernews.com/2025/04/microsoft-patches-126-flaws-including.html