For so few patches from Microsoft this month (57), we now have seven zero-days to handle (with a “Patch Now” recommendation for Windows) and standard release schedules for Microsoft Office, Microsoft browsers (Edge) and Visual Studio.
Adobe is back with a critical update for Reader, but it has not been paired (at least for now) with a Microsoft patch.
To navigate what has changed, the team from Readiness has crafted this handy infographic detailing the risks of deploying these updates to each platform. (And here’s a look at the last six months of Patch Tuesday releases.)
Known issues
Microsoft is still dealing with reported gaming issues (Roblox) and has two new known issues for this release cycle, including:
- Windows 11: After installing the March update, USB-connected dual-mode printers supporting both USB Print and IPP Over USB may print random text, network commands, and unusual characters, often starting with “POST /ipp/print HTTP/1.1.” This issue can be mitigated using Known Issue Rollback (KIR).
- Windows 10: After installing Windows updates from Jan. 14, 2025 or later, the Windows Event Viewer might log an error related to SgrmBroker.exe as Event 7023, though this does not trigger any visible notifications. This error occurs because the System Guard Runtime Monitor Broker Service, originally part of Microsoft Defender and no longer in use, conflicts with the update during initialization. According to Microsoft, this reported issue does not affect system performance, functionality, or security, as the service is already disabled in other supported Windows versions.
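Because Event 7023 is also logged for any other service that terminates with an error, it helps to label the SgrmBroker entries rather than ignore the event ID outright. The following PowerShell is an added example, not code from Microsoft or from the original article; the function name `Get-Service7023Triage`, the triage labels and the sample records are hypothetical, and it assumes the event timestamp is a reasonable stand-in for "update installed".

```powershell
# Added example (not Microsoft's or the article's code): label Event 7023
# records so the known SgrmBroker noise does not hide other service failures.
function Get-Service7023Triage {
    [CmdletBinding()]
    param(
        # Any object with TimeCreated and Message properties:
        # Get-WinEvent output or the constructed samples below.
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Record,

        # Assumption: event time on or after the first affected update date
        # (Jan. 14, 2025, per the article) stands in for "update installed".
        [datetime]$KnownIssueStart = [datetime]'2025-01-14'
    )
    process {
        $isSgrm   = $Record.Message -match 'System Guard Runtime Monitor Broker|SgrmBroker'
        $inWindow = $Record.TimeCreated -ge $KnownIssueStart
        $triage   = if ($isSgrm -and $inWindow) { 'KnownIssue-SgrmBroker' } else { 'Review' }
        [pscustomobject]@{
            TimeCreated = $Record.TimeCreated
            Triage      = $triage
            Message     = $Record.Message
        }
    }
}

# Constructed sample records (message text is illustrative, not captured output).
$samples = @(
    [pscustomobject]@{ TimeCreated = [datetime]'2025-03-12T08:01:00'
        Message = 'The System Guard Runtime Monitor Broker service terminated with the following error: <error>' }
    [pscustomobject]@{ TimeCreated = [datetime]'2025-03-12T08:05:00'
        Message = 'The Print Spooler service terminated with the following error: <error>' }
    [pscustomobject]@{ TimeCreated = [datetime]'2024-11-02T10:00:00'
        Message = 'The System Guard Runtime Monitor Broker service terminated with the following error: <error>' }
)
$samples | Get-Service7023Triage | Format-Table TimeCreated, Triage -AutoSize

# On a live Windows 10 host, feed it the real System log instead:
# Get-WinEvent -FilterHashtable @{ LogName = 'System'; ProviderName = 'Service Control Manager'; Id = 7023 } -ErrorAction SilentlyContinue |
#     Get-Service7023Triage | Where-Object Triage -eq 'Review'
```

Entries labelled `Review` are the ones that still need a look: service failures unrelated to SgrmBroker, or SgrmBroker failures that predate the affected updates.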
Following earlier reports of Citrix-related update issues, devices with Citrix Session Recording Agent (SRA) version 2411 may (still) be unable to complete the installation of the January 2025 Windows security update, causing the system to revert to earlier updates after a restart. Affected devices might initially download and apply the update, but an error message stating “Something didn’t go as planned” appears during installation. This issue is expected to affect only a limited number of organizations, as version 2411 of SRA is newly released, and home users are not affected. Don’t count on this issue being fixed soon, folks.
Major revisions and mitigations
Microsoft has not released or documented any mitigations or workarounds for the current set of updates. As of now, the following Chromium patches have been revised and re-released:
- CVE-2025-1920: Type Confusion in V8 (Chromium)
- CVE-2025-2135: Type Confusion in V8 (Chromium)
- CVE-2025-2136: Use After Free in Inspector (Chromium)
- CVE-2025-2137: Out of Bounds Read in V8 (Chromium)
- CVE-2025-24201: Out of Bounds Write in GPU on Mac (Chromium)
Windows lifecycle and enforcement updates
Microsoft is retiring several products this month:
- Microsoft SQL Server 2019, which ended mainstream support on Feb. 28.
- Microsoft Skype, which will be terminated (with prejudice) in May.
- Windows Remote Desktop, which will be replaced next month with the Windows App. (Note: there are still some missing features and several known issues reported in this release.)
Over the next few weeks, several Microsoft products are scheduled to reach their end-of-life (EOL), and will no longer receive security updates, non-security updates, or technical support, including:
- April 2, 2025: Dynamics 365 Business Central on-premises (2023 release wave 2, version 23.x).
- April 8, 2025: Dynamics GP 2015/Dynamics GP 2015 R2.
- April 9, 2025: Microsoft Configuration Manager, Version 2309.
Each month, the Readiness team analyzes the latest Patch Tuesday updates and provides detailed, actionable testing guidance based on a large application portfolio and a comprehensive analysis of the patches and their potential impact on Windows and application deployments.
For this release cycle, there are no reported functional changes. However, feature-level testing will still be required, especially for system drivers and core libraries. Due to these low-level system (kernel) changes, a full reboot/restart test will be required for all Windows UI components including Explorer, desktop shell and Internet Explorer.
We’ve grouped the critical updates and required testing efforts into different functional areas, including:
File System components
- Common Log File System: Test by creating a BLF and multiple container files, appending logs using `ReserveAndAppendLog`, and then deleting the containers.
- Core System drivers (ntfs.sys, exfat.sys & fastfat.sys): Test mounting, dismounting, and performing file operations on ExFAT volumes.
Networking and remote services
- If using a Routing and Remote Access Service (RRAS) server, test `netsh` scenarios to confirm commands work as expected.
- FAX: Validate TAPI initialization, shutdown, and key functions like `lineInitialize` and `lineMakeCall`. Stress test for stability and error handling.
Storage and device interaction
- Focus on storage subsystem tests, including operations on virtual/physical disks and storage enclosures.
- Test how Search Connector files interact with various network paths (UNC, SMB, and file system paths).
- Validate all camera-related scenarios.
Audio, video and UI components
- Verify audio/video recording with internal and external devices.
- Test apps like Teams and Camera that use virtual features (for example, Phone Link, Windows Studio Effects).
Affected versions for this update cycle include the following Windows desktop and server builds:
- Windows 11 24H2, 23H2, 22H2, Windows 10 1607, Windows 10 RTM.
- Windows Server 23H2, Azure Stack OS 22H2, Windows Server 2022
Each month, we break down the update cycle into product families (as defined by Microsoft) with the following basic groupings:
- Browsers (Microsoft IE and Edge)
- Microsoft Windows (both desktop and server)
- Microsoft Office
- Microsoft Exchange and SQL Server
- Microsoft Developer Tools (Visual Studio and .NET)
- Adobe (if you get this far)
Browsers
Microsoft released 10 low-profile (no rating) updates to its Chromium-based Edge browser. These changes can be added to your standard release calendar.
Microsoft Windows
The following Windows product areas have been updated with 5 critical patches and 32 others rated important for this month’s cycle:
- CVE-2025-24035: Windows Remote Desktop Services Remote Code Execution Vulnerability
- CVE-2025-24064: Windows Domain Name Service Remote Code Execution Vulnerability
- CVE-2025-24084: Windows Subsystem for Linux (WSL2) Kernel Remote Code Execution Vulnerability
- CVE-2025-26645: Remote Desktop Client Remote Code Execution Vulnerability
Unfortunately, three of these updates (CVE-2025-24984, CVE-2025-24984 and CVE-2025-24984) have been reported as exploited. Add these Windows updates to your “Patch Now” schedule.
Microsoft Office
Microsoft released a single critical update (CVE-2025-24057) and 10 patches rated important for the Office platform. All of the important updates affect Microsoft Word, Excel and Access with no reports of disclosures or exploitation. Add these Microsoft Office updates to your standard release calendar.
Microsoft Exchange and SQL Server
There were no updates for either Microsoft Exchange or SQL Server this March update cycle.
Developer tools
Microsoft released 5 patches, all rated important, that affect Microsoft Visual Studio and ASP.NET. Add these updates to your standard developer release schedule.
Adobe (and third-party updates)
This month, Adobe released a security update (APSB25-14) for Acrobat and Reader for Windows and macOS that addresses six critical and three important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Adobe is not aware of any exploits in the wild for any of the issues. For some reason this update was not included in this Microsoft patch cycle. Perhaps that’s as it should be.