Service Notices
Microsoft Releases April 2025 Security Updates
Apr 09, 2025 GMT+08:00
I. Overview
Huawei Cloud noticed that Microsoft has released its April 2025 Security Updates. A total of 121 security vulnerabilities have been disclosed, among which 11 are marked as important vulnerabilities. Attackers can leverage these vulnerabilities to execute remote code, escalate privileges, and leak information. The affected applications include Microsoft Windows, Microsoft Office, Microsoft Visual Studio and Microsoft Azure.
For details, visit the Microsoft official website:
https://msrc.microsoft.com/update-guide/releaseNote/2025-Apr
The following vulnerabilities require close scrutiny as their details have been disclosed or they have already been exploited by attackers:
Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2025-29824): 0-day vulnerability. An attacker who successfully exploited this vulnerability could obtain system privileges. This vulnerability has been exploited in the wild, and the risk is high.
11 vulnerabilities (such as CVE-2025-29794, CVE-2025-27482, and CVE-2025-27480) are marked as Exploitation More Likely. For details, see the official announcement. Please perform security self-check and security hardening in a timely manner to reduce attack risks.
II. Severity
Severity: important
(Severity: low, moderate, important, and critical)
III. Affected Products
Microsoft Windows, Microsoft Office, Visual Studio, Microsoft Azure, and other products.
IV. Vulnerability Details
|
CVE Number |
Vulnerability |
Severity |
Vulnerability |
|
CVE-2025-27480 CVE-2025-27482 |
Windows Remote Desktop Services Remote Code Execution Vulnerability |
Important |
An attacker could successfully exploit this vulnerability by connecting to a system with the Remote Desktop Gateway role, triggering the race condition to create a use-after-free scenario, and then leveraging this to execute arbitrary code. |
|
CVE-2025-26670 CVE-2025-26663 |
Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability |
Important |
An unauthenticated attacker could send a specially crafted request to an vulnerable LDAP server to win a race condition, resulting in a use-after-free scenario, which could be leveraged to achieve remote code execution. |
|
CVE-2025-27491 |
Windows Hyper-V Remote Code Execution Vulnerability |
Important |
An authenticated attacker could entice a victim to open a specially crafted website to trigger the vulnerability. Successful exploitation of this vulnerability can result in remote code execution on the target system. |
|
CVE-2025-29791 |
Microsoft Excel Remote Code Execution Vulnerability |
Important |
An attacker can entice a victim to open a maliciously crafted file, thereby triggering the vulnerability. Successful exploitation of this vulnerability allows the attacker to execute arbitrary code locally on the affected system. |
|
CVE-2025-27752 |
Microsoft Excel Remote Code Execution Vulnerability |
Important |
An attacker can induce a victim to open a specially crafted file to trigger the vulnerability. Successful exploitation of this vulnerability allows the attacker to launch attacks locally on the victim's computer. |
|
CVE-2025-27749 CVE-2025-27748 CVE-2025-27745 |
Microsoft Office Remote Code Execution Vulnerability |
Important |
An attacker can induce a victim to download and open a specially crafted file from a website to trigger the vulnerability. Successful exploitation of this vulnerability allows the attacker to execute arbitrary code locally on the affected system. |
|
CVE-2025-26686 |
Windows TCP/IP Remote Code Execution Vulnerability |
Important |
A remote attacker can exploit this vulnerability by sending a specially crafted DHCPv6 reply to the target system. Successful exploitation allows the attacker to inject a forged IPv6 address and execute arbitrary code on the vulnerable system. |
(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)
V. Security Recommendations
1. Use Windows Update or download patches from the following address to fix the vulnerabilities:
https://msrc.microsoft.com/update-guide
2. Back up data remotely to protect your data.
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.