Search

Patch Tuesday – March 2025

Triumvirate Cyber
Mar 11
2 min read

Updated: Mar 12

Sláinte, sysadmins! Microsoft has rolled out security updates for 58 vulnerabilities, including 6 rated as Critical in its March 2025 Patch Tuesday release. Read on to review the details of this month’s patches!

Happy Patch Tuesday! On March 11, 2025, Microsoft released security updates for 58 vulnerabilities across 38 products. This includes 6 vulnerabilities rated as Critical and 52 rated as Important. They've also re-published 10 non-Microsoft CVEs for Edge browser vulnerabilities. A breakdown of the patched vulnerabilities is provided below.

Patch Tuesday March 2025: Security Updates

Critical	# of Vulnerabilities
Microsoft Office	1
Remote Desktop Client	1
Windows Domain Name Service	1
Windows Remote Desktop Services	3
Windows Subsystem for Linux	1
Important	# of Vulnerabilities
.NET	1
ASP.NET Core & Visual Studio	1
Azure Agent Installer	1
Azure Arc	1
Azure CLI	1
Azure PromptFlow	1
Kernel Streaming WOW Thunk Service Driver	1
Microsoft Local Security Authority Server (lsasrv)	1
Microsoft Management Console	1
Microsoft Office	3
Microsoft Office Access	1
Microsoft Office Excel	3
Microsoft Office Word	3
Microsoft Streaming Service	2
Microsoft Windows	2
Role: Windows Hyper-V	2
Visual Studio	2
Visual Studio Code	1
Windows Common Log File System Driver	1
Windows Credential Roaming Service	1
Windows Cross Device Service	2
Windows Cryptographic Services	1
Windows exFAT File System	1
Windows Fast FAT Driver	1
Windows File Explorer	1
Windows Kernel Memory	1
Windows Kernel-Mode Drivers	1
Windows MapUrlToZone	1
Windows Mark of the Web (MOTW)	1
Windows NTFS	4
Windows NTLM	2
Windows Routing and Remote Access Service (RRAS)	1
Windows Telephony Server	1
Windows USB Video Driver	3
Windows Win32 Kernel Subsystem	2

As always, you can find more information on the specifics via the MSRC Security Update Guide at https://msrc.microsoft.com/update-guide/

CMMC in Action: CISA’s Iranian Cyber Threat Alert Reinforces the Case for Implementation

CISA has warned of rising Iranian cyber threats to U.S. organizations. See how their recommendations map to CMMC practices—and how they promote real-world resilience

Patch Tuesday – July 2025

Hopefully you've recovered from the stomach pain from your holiday hot dog eating contest and accompanying sunburn, because Microsoft has published its monthly patches for July 2025! 🌭 This month's updates include fixes for a whopping 145 vulnerabilities—with 14 rated as Critical. Read on to review the details!

CMMC 101 for Small Businesses

Small businesses face unique challenges when it comes to cybersecurity compliance—especially defense contractors preparing for the forthcoming CMMC requirements. Fortunately, we're here to help you make sense of the requirements and get on the path to compliance! Don't worry if you're not the IT expert—this post is designed to help business leaders and senior management understand how CMMC requirements will impact their organizations without getting too far into the bits and

SWFT—or is it SWIFT? The DoD’s New Approach to Software Acquisitions

The new Software Fast Track (SWFT) initiative—referred to by some as SWIFT—aims to streamline DoD software acquisitions while simultaneously making it more secure.

TRIUMVIRATE CYBERSECURITY

Patch Tuesday – March 2025

Patch Tuesday March 2025: Security Updates

Sign up for our newsletter to get exclusive updates

Recent Posts

CMMC in Action: CISA’s Iranian Cyber Threat Alert Reinforces the Case for Implementation

Patch Tuesday – July 2025

CMMC 101 for Small Businesses

SWFT—or is it SWIFT? The DoD’s New Approach to Software Acquisitions

Connect with Us

Navigation

TRIUMVIRATE CYBERSECURITY CONSULTING LLC

© Triumvirate Cybersecurity 2025