MS Family April 2025 Routine Security Update Advisory


Overview

 

Microsoft (https://www.microsoft.com) has released a security update that fixes vulnerabilities in its products. Users of affected products are advised to update to the latest version.

 

Affected Products

 

 

Apps Family

Microsoft Outlook for Android

 

Azure Family

Azure Local Cluster

Azure Stack HCI OS 22H2

Azure Stack HCI OS 23H2

Windows Admin Center in Azure Portal

 

Developer Tools Suite

ASP.NET Core 8.0

ASP.NET Core 9.0

Microsoft Visual Studio 2022 version 17.10

Microsoft Visual Studio 2022 version 17.12

Microsoft Visual Studio 2022 version 17.13

Microsoft Visual Studio 2022 version 17.8

VSTA 2019 SDK

VSTA 2022 SDK

Visual Studio Code

Visual Studio Tools for Applications (VSTA) 2019

Visual Studio Tools for Applications (VSTA) 2022

 

ESU Family

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

 

Microsoft Dynamics Suite

Microsoft Dynamics 365 Business Central 2023 Wave 2 – Update 23.18

Microsoft Dynamics 365 Business Central 2024 Wave 2 – Update 25.6

Microsoft Dynamics 365 Business Central 2025 Wave 1 – Update 26.0

Microsoft Dynamics 365 Business Central Wave 1 2024 – Update 24.12

 

Microsoft Office Suite

Microsoft 365 Apps for Enterprise for 32-bit Systems

Microsoft 365 Apps for Enterprise for 64-bit Systems

Microsoft Access 2016 (32-bit edition)

Microsoft Access 2016 (64-bit edition)

Microsoft AutoUpdate for Mac

Microsoft Excel 2016 (32-bit edition)

Microsoft Excel 2016 (64-bit edition)

Microsoft Office 2016 (32-bit edition)

Microsoft Office 2016 (64-bit edition)

Microsoft Office 2019 for 32-bit editions

Microsoft Office 2019 for 64-bit editions

Microsoft Office LTSC 2021 for 32-bit editions

Microsoft Office LTSC 2021 for 64-bit editions

Microsoft Office LTSC 2024 for 32-bit editions

Microsoft Office LTSC 2024 for 64-bit editions

Microsoft Office LTSC for Mac 2021

Microsoft Office LTSC for Mac 2024

Microsoft Office for Android

Microsoft Office for Universal

Microsoft OneNote 2016 (32-bit edition)

Microsoft OneNote 2016 (64-bit edition)

Microsoft OneNote for Mac

Microsoft SharePoint Enterprise Server 2016

Microsoft SharePoint Server 2019

Microsoft SharePoint Server Subscription Edition

Microsoft Word 2016 (32-bit edition)

Microsoft Word 2016 (64-bit edition)

Office Online Server

SharePoint Server Subscription Edition Language Pack

 

SQL Server Family

SQL Server Management Studio 20.2

 

System Center Suite

System Center Data Protection Manager 2019

System Center Data Protection Manager 2022

System Center Data Protection Manager 2025

System Center Operations Manager 2019

System Center Operations Manager 2022

System Center Operations Manager 2025

System Center Orchestrator 2019

System Center Orchestrator 2022

System Center Orchestrator 2025

System Center Service Manager 2019

System Center Service Manager 2022

System Center Service Manager 2025

System Center Virtual Machine Manager 2019

System Center Virtual Machine Manager 2022

System Center Virtual Machine Manager 2025

 

Windows Family

Remote Desktop client for Windows Desktop

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows 11 Version 24H2 for x64-based Systems

Windows Admin Center

Windows App Client for Windows Desktop

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

Windows Server 2025

Windows Server 2025 (Server Core installation)

 

Resolved Vulnerabilities

 

11 vulnerabilities rated Critical and 110 rated Important were found.

 

Apps Family

Critical information disclosure vulnerability in Outlook for Android (CVE-2025-29805)

 

Azure Family

Critical information disclosure vulnerability in Azure Local Cluster (CVE-2025-25002, CVE-2025-26628)

Critical elevation of privilege vulnerability in Azure Local (CVE-2025-27489)

Critical information disclosure vulnerability in Azure Portal Windows Admin Center (CVE-2025-29819)

 

Developer Tools Suite

Critical denial of service vulnerability in ASP.NET Core (CVE-2025-26682)

Critical elevation of privilege vulnerability in Visual Studio Code (CVE-2025-20570)

Critical elevation of privilege vulnerability in Visual Studio Tools for Applications and SQL Server Management Studio (CVE-2025-29803)

Critical elevation of privilege vulnerability in Visual Studio (CVE-2025-29802, CVE-2025-29804)

 

Microsoft Dynamics Suite

Critical information disclosure vulnerability in Dynamics Business Central (CVE-2025-29821)

 

Microsoft Office Suite

Critical elevation of privilege vulnerabilities in Microsoft AutoUpdate (MAU) (CVE-2025-29800, CVE-2025-29801)

Urgent-grade remote code execution vulnerability in Microsoft Office Excel (CVE-2025-27752)

Critical-grade remote code execution vulnerabilities in Microsoft Office Excel (CVE-2025-27751, CVE-2025-27750, CVE-2025-29823)

Critical security feature bypass vulnerability in Microsoft Office OneNote (CVE-2025-29822)

Critical remote code execution vulnerability in Microsoft Office SharePoint (CVE-2025-29793, CVE-2025-29794)

Critical security feature bypass vulnerability in Microsoft Office Word (CVE-2025-29816)

Critical remote code execution vulnerability in Microsoft Office Word (CVE-2025-27747, CVE-2025-29820)

Emergency-grade remote code execution vulnerabilities in Microsoft Office (CVE-2025-27745, CVE-2025-27748, CVE-2025-27749, CVE-2025-29791)

Critical-grade privilege escalation vulnerabilities in Microsoft Office (CVE-2025-27744, CVE-2025-29792)

Critical remote code execution vulnerabilities in Microsoft Office (CVE-2025-27746, CVE-2025-26642)

 

System Center Suite

Critical elevation of privilege vulnerability in System Center (CVE-2025-27743)

 

Windows Family

Critical elevation of privilege vulnerability in Active Directory Domain Services (CVE-2025-29810)

Critical denial of service vulnerability in Microsoft Streaming Service (CVE-2025-27471)

Critical elevation of privilege vulnerability in Microsoft Virtual Hard Drive (CVE-2025-26688)

Critical elevation of privilege vulnerability in OpenSSH for Windows (CVE-2025-27731)

Critical elevation of privilege vulnerability in RPC Endpoint Mapper Service (CVE-2025-26679)

Critical remote code execution vulnerability in Remote Desktop Client (CVE-2025-27487)

Critical remote code execution vulnerability in Remote Desktop Gateway Service (CVE-2025-27480, CVE-2025-27482)

Critical elevation of privilege vulnerability in Windows Active Directory Certificate Services (CVE-2025-27740)

Critical security feature bypass vulnerability in Windows BitLocker (CVE-2025-26637)

Critical elevation of privilege vulnerability in Windows Bluetooth Service (CVE-2025-27490)

Critical elevation of privilege vulnerability in Windows Common Log File System Driver (CVE-2025-29824)

Critical denial of service vulnerability in Windows Cryptographic Services (CVE-2025-26641)

Critical information disclosure vulnerability in Windows Cryptographic Services (CVE-2025-29808)

Critical elevation of privilege vulnerabilities in Windows DWM Core Library (CVE-2025-24074, CVE-2025-24073, CVE-2025-24058, CVE-2025-24060, CVE-2025-24062)

Critical security feature bypass vulnerability in Windows Defender Application Control (WDAC) (CVE-2025-26678)

Critical elevation of privilege vulnerabilities in Windows Digital Media (CVE-2025-27476, CVE-2025-26640, CVE-2025-27467, CVE-2025-27730)

Critical denial of service vulnerability in Windows HTTP.sys (CVE-2025-27473)

Critical security feature bypass vulnerability in Windows Hello (CVE-2025-26635)

Critical spoofing vulnerability in Windows Hello (CVE-2025-26644)

Critical remote code execution vulnerability in Windows Hyper-V (CVE-2025-27491)

Critical elevation of privilege vulnerability in Windows Installer (CVE-2025-27727)

Critical elevation of privilege vulnerability in Windows Kerberos (CVE-2025-26647)

Critical security feature bypass vulnerability in Windows Kerberos (CVE-2025-29809)

Critical denial of service vulnerability in Windows Kerberos (CVE-2025-27479)

Critical elevation of privilege vulnerability in Windows Kernel Memory (CVE-2025-29812)

Critical elevation of privilege vulnerability in Windows Kernel-Mode Drivers (CVE-2025-27728)

Critical elevation of privilege vulnerability in Windows Kernel (CVE-2025-26648, CVE-2025-27739)

Critical remote code execution vulnerabilities in Windows LDAP – Lightweight Directory Access Protocol (CVE-2025-26663, CVE-2025-26670)

Critical-grade denial-of-service vulnerabilities in Windows LDAP – Lightweight Directory Access Protocol (CVE-2025-26673, CVE-2025-27469)

Critical elevation of privilege vulnerabilities in Windows Local Security Authority (LSA) (CVE-2025-27478, CVE-2025-21191)

Critical-grade denial-of-service vulnerability in Windows Local Session Manager (LSM) (CVE-2025-26651)

Critical security feature bypass vulnerability in Windows Mark of the Web (MOTW) (CVE-2025-27472)

Critical remote code execution vulnerabilities in Windows Media (CVE-2025-26666, CVE-2025-26674)

Critical elevation of privilege vulnerability in Windows Mobile Broadband (CVE-2025-29811)

Critical elevation of privilege vulnerabilities in Windows NTFS (CVE-2025-27741, CVE-2025-27483, CVE-2025-27733)

Critical information disclosure vulnerabilities in Windows NTFS (CVE-2025-27742, CVE-2025-21197)

Critical information disclosure vulnerability in Windows Power Dependency Coordinator (CVE-2025-27736)

Critical remote code execution vulnerability in Windows Remote Desktop Services (CVE-2025-26671)

Critical information disclosure vulnerability in Windows Resilient File System (ReFS) (CVE-2025-27738)

Critical-grade remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) (CVE-2025-26668)

Critical information disclosure vulnerabilities in Windows Routing and Remote Access Service (RRAS) (CVE-2025-26664, CVE-2025-26669, CVE-2025-26667, CVE-2025-27474, CVE-2025-21203, CVE-2025-26672, CVE-2025-26676)

Critical elevation of privilege vulnerabilities in Windows Secure Channel (CVE-2025-26649, CVE-2025-27492)

Critical security feature bypass vulnerability in Windows Security Zone Mapping (CVE-2025-27737)

Critical remote code execution vulnerability in Windows Shell (CVE-2025-27729)

Critical denial-of-service vulnerabilities in Windows Standards-Based Storage Management Service (CVE-2025-26680, CVE-2025-27470, CVE-2025-21174, CVE-2025-26652, CVE-2025-27485, CVE-2025-27486)

Critical elevation of privilege vulnerability in Windows Subsystem for Linux (CVE-2025-26675)

Critical remote code execution vulnerability in Windows TCP/IP (CVE-2025-26686)

Critical remote code execution vulnerabilities in Windows Telephony Service (CVE-2025-27477, CVE-2025-21205, CVE-2025-21221, CVE-2025-21222, CVE-2025-27481)

Critical elevation of privilege vulnerability in the Windows USB Print Driver (CVE-2025-26639)

Critical elevation of privilege vulnerability in Windows Universal Plug and Play (UPnP) Device Host (CVE-2025-27484)

Critical elevation of privilege vulnerability in Windows Update Stack (CVE-2025-27475, CVE-2025-21204)

Critical security feature bypass vulnerability in Windows Virtualization-Based Security (VBS) Enclave (CVE-2025-27735)

Critical elevation of privilege vulnerabilities in Windows Win32K – GRFX (CVE-2025-26681, CVE-2025-26687, CVE-2025-27732)

Critical elevation of privilege vulnerability in Windows upnphost.dll (CVE-2025-26665)

 

Vulnerability Patches

 

The following product-specific vulnerability patches were made available with the April 8, 2025 update. Please use the Windows Update feature for automatic installation, or refer to the URLs in the product information below to download and install them.

ASP.NET Core 8.0 version

ASP.NET Core 9.0 version

Azure Local Cluster version

https://msrc.microsoft.com/update-guide/

Azure Stack HCI OS 22H2 version

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055526

Azure Stack HCI OS 23H2 version

https://msrc.microsoft.com/update-guide/

Microsoft 365 Apps for Enterprise version

https://msrc.microsoft.com/update-guide/

Microsoft Access 2016 version

https://www.microsoft.com/en-us/download/details.aspx?id=108105

Microsoft AutoUpdate for Mac version

https://go.microsoft.com/fwlink/p/?linkid=830196

Microsoft Dynamics 365 Business Central 2023 Wave 2 – Update 23.18 version

https://download.microsoft.com/download/74eaf1bd-a1d3-4b8b-a688-dd1857c0a61c/Dynamics.365.BC.32409.US.DVD.zip

Microsoft Dynamics 365 Business Central 2024 Wave 2 – Update 25.6 version

https://download.microsoft.com/download/cd199d92-3b8f-4c03-935f-23f6636e5229/Dynamics.365.BC.32556.US.DVD.zip

Microsoft Dynamics 365 Business Central 2025 Wave 1 – Update 26.0 version

https://msrc.microsoft.com/update-guide/

Microsoft Dynamics 365 Business Central Wave 1 2024 – Update 24.12 version

https://download.microsoft.com/download/8be3cb71-652c-44cf-91f7-f0079d79a67e/Dynamics.365.BC.32447.US.DVD.zip

Microsoft Excel 2016 version

https://www.microsoft.com/en-us/download/details.aspx?id=108099

Microsoft Office 2016 version

https://www.microsoft.com/en-us/download/details.aspx?id=108102

https://www.microsoft.com/en-us/download/details.aspx?id=108094

https://www.microsoft.com/en-us/download/details.aspx?id=108100

https://www.microsoft.com/en-us/download/details.aspx?id=108098

https://www.microsoft.com/en-us/download/details.aspx?id=108097

https://www.microsoft.com/en-us/download/details.aspx?id=108108

https://www.microsoft.com/en-us/download/details.aspx?id=108103

Microsoft Office 2019 version

Microsoft Office LTSC 2021 editions

Microsoft Office LTSC 2024 editions

https://msrc.microsoft.com/update-guide/

Microsoft Office for Android editions

Microsoft Office for Universal editions

https://msrc.microsoft.com/update-guide/

Microsoft OneNote 2016 version

https://www.microsoft.com/en-us/download/details.aspx?id=108107

Microsoft OneNote for Mac version

Microsoft Outlook for Android version

https://msrc.microsoft.com/update-guide/

Microsoft SharePoint Enterprise Server 2016 version

https://www.microsoft.com/en-us/download/details.aspx?id=108096

https://www.microsoft.com/en-us/download/details.aspx?id=108093

Microsoft SharePoint Server 2019 version

https://www.microsoft.com/en-us/download/details.aspx?id=108104

https://www.microsoft.com/en-us/download/details.aspx?id=108095

Microsoft SharePoint Server Subscription Edition version

https://www.microsoft.com/en-us/download/details.aspx?id=108101

Microsoft Visual Studio 2022 version 17.10

Microsoft Visual Studio 2022 version 17.12

Microsoft Visual Studio 2022 version 17.13

Microsoft Visual Studio 2022 version 17.8

https://msrc.microsoft.com/update-guide/

Microsoft Word 2016 version

https://www.microsoft.com/en-us/download/details.aspx?id=108098

Office Online Server version

https://www.microsoft.com/en-us/download/details.aspx?id=108106

Remote Desktop client for Windows Desktop version

SQL Server Management Studio 20.2 version

https://msrc.microsoft.com/update-guide/

SharePoint Server Subscription Edition Language Pack version

https://www.microsoft.com/en-us/download/details.aspx?id=108104

VSTA 2019 SDK version

VSTA 2022 SDK version

Visual Studio Code version

Visual Studio Tools for Applications (VSTA) 2019 version

Visual Studio Tools for Applications (VSTA) 2022 version

https://msrc.microsoft.com/update-guide/

Windows 10 Version 1607

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055521

Windows 10 Version 1809

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055519

Windows 10 Version 21H2

Windows 10 Version 22H2

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055518

Windows 11 Version 22H2

Windows 11 Version 23H2

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055528

Windows 11 Version 24H2

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055523

Windows Admin Center version

Windows Admin Center in Azure Portal version

Windows App Client for Windows Desktop version

https://msrc.microsoft.com/update-guide/

Windows Server 2008 R2 Service Pack 1 version

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055561

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055570

Windows Server 2008 Service Pack 2 editions

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055609

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055596

Windows Server 2012 editions

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055581

Windows Server 2012 R2 editions

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055557

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055515

Windows Server 2016 editions

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055521

Windows Server 2019 editions

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055519

Windows Server 2022 editions

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055526

Windows Server 2022, 23H2 Edition

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055527

Windows Server 2025 editions

https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5055523