Search

Patch Tuesday – April 2025

Triumvirate Cyber
Apr 8
2 min read

In the first set of patches this spring, Microsoft has rolled out security updates for 121 vulnerabilities, including 11 rated as Critical in its Patch Tuesday release for April 2025. Read on to review the details of this month’s patches!

Happy Patch Tuesday! On April 8, 2025, Microsoft released security updates for 121 vulnerabilities across 63 products. Of those, 11 vulnerabilities were rated as Critical and 110 rated as Important. A breakdown of this month's patches is provided below.

Patch Tuesday April 2025: Security Updates

Critical	# of Vulnerabilities
Microsoft Office	4
Microsoft Office Excel	1
Remote Desktop Gateway Service	2
Windows Hyper-V	1
Windows LDAP - Lightweight Directory Access Protocol	2
Windows TCP/IP	1
Important	# of Vulnerabilities
Active Directory Domain Services	1
ASP.NET Core	1
Azure Local	1
Azure Local Cluster	2
Azure Portal Windows Admin Center	1
Dynamics Business Central	1
Microsoft AutoUpdate (MAU)	2
Microsoft Office	4
Microsoft Office Excel	3
Microsoft Office OneNote	1
Microsoft Office SharePoint	2
Microsoft Office Word	3
Microsoft Streaming Service	1
Microsoft Virtual Hard Drive	1
OpenSSH for Windows	1
Outlook for Android	1
Remote Desktop Client	1
RPC Endpoint Mapper Service	1
System Center	1
Visual Studio	2
Visual Studio Code	1
Visual Studio Tools for Applications and SQL Server Management Studio	1
Windows Active Directory Certificate Services	1
Windows BitLocker	1
Windows Bluetooth Service	1
Windows Common Log File System Driver	1
Windows Cryptographic Services	2
Windows Defender Application Control (WDAC)	1
Windows Digital Media	4
Windows DWM Core Library	5
Windows Hello	2
Windows HTTP.sys	1
Windows Installer	1
Windows Kerberos	3
Windows Kernel	2
Windows Kernel Memory	1
Windows Kernel-Mode Drivers	1
Windows LDAP - Lightweight Directory Access Protocol	2
Windows Local Security Authority (LSA)	2
Windows Local Session Manager (LSM)	1
Windows Mark of the Web (MOTW)	1
Windows Media	2
Windows Mobile Broadband	1
Windows NTFS	5
Windows Power Dependency Coordinator	1
Windows Remote Desktop Services	1
Windows Resilient File System (ReFS)	1
Windows Routing and Remote Access Service (RRAS)	8
Windows Secure Channel	2
Windows Security Zone Mapping	1
Windows Shell	1
Windows Standards-Based Storage Management Service	6
Windows Subsystem for Linux	1
Windows Telephony Service	5
Windows Universal Plug and Play (UPnP) Device Host	1
Windows Update Stack	2
Windows upnphost.dll	1
Windows USB Print Driver	1
Windows Virtualization-Based Security (VBS) Enclave	1
Windows Win32K - GRFX	3

As always, you can find more information on the specifics via the MSRC Security Update Guide at https://msrc.microsoft.com/update-guide/

CMMC and the Great Power Competition

Since 2018, U.S. national security strategy has increasingly focused on the Great Power Competition (GPC) — a geopolitical and economic...

Join Us for a CMMC Happy Hour!

Triumvirate Cybersecurity will be hosting a happy hour event at the UDRI Digital Transformation Center on May 28, 2025! Join us to discuss the impacts of CMMC!

Mind the Gap (Assessment): Preparing for CMMC Rollout

Though CMMC has not yet been made a contract requirement, the DoD is already considering contractors’ CMMC readiness when reviewing bids on solicitations. Learn what to expect at every stage of CMMC rollout.