Alert GCSA-25034 - Microsoft Monthly Security Update - marzo 2025


******************************************************************

Alert ID: GCSA-25034
data: 12 marzo 2025
titolo: Microsoft Monthly Security Update - marzo 2025

******************************************************************

:: Descrizione del problema

Microsoft ha pubblicato il security update per il mese di marzo 2025.
Con questa release vengono risolte 57 vulnerabilita',
delle quali 6 sono di tipo zero-day ed in corso di sfruttamento:

CVE-2025-24983 (CVSS 7.0) Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24983

CVE-2025-24984 (CVSS 4.6) Windows NTFS Information Disclosure Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24984

CVE-2025-24985 (CVSS 7.8) Windows Fast FAT File System Driver Remote Code Execution Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24985

CVE-2025-24991 (CVSS 5.5) Windows NTFS Information Disclosure Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24991

CVE-2025-24993 (CVSS 7.8) Windows NTFS Remote Code Execution Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24993

CVE-2025-26633 (CVSS 7.0) Microsoft Management Console Security Feature Bypass Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-26633

Maggiori dettagli sono disponibili alla sezione "Riferimenti".


:: Software / Tecnologie interessate

Windows
Microsoft Office
Azure
Extended Security Updates (ESU)
Developer Tools
Browser


:: Impatto

Denial of Service (DoS)
Esecuzione remota di codice arbitrario (RCE)
Acquisizione di privilegi piu' elevati (EoP)
Bypass delle funzionalita' di sicurezza (SFB)
Rivelazione di informazioni (ID)
Spoofing (Provide Misleading Information)


:: Soluzioni

In Windows per default gli aggiornamenti avvengono in maniera automatica.

Per verificare manualmente la disponibilita' di aggiornamenti scegliere
Start > Impostazioni > Aggiornamento e Sicurezza > Windows Update

Verificare di aver installato la versione piu' recente del

Servicing Stack Updates
https://msrc.microsoft.com/update-guide/vulnerability/ADV990001
https://docs.microsoft.com/it-it/windows/deployment/update/servicing-stack-updates

MSRC Security Update Guide
https://msrc.microsoft.com/update-guide/deployments

Windows Update domande frequenti
https://support.microsoft.com/en-us/help/12373/windows-update-faq

Gli aggiornamenti sono disponibili anche tramite il catalogo di Microsoft Update
https://www.catalog.update.microsoft.com/Search.aspx?q=2025%20Security%20Updates%20


:: Riferimenti

Microsoft Security Updates - Release Notes
https://msrc.microsoft.com/update-guide/releaseNote/2025-Mar
https://msrc.microsoft.com/update-guide

Microsoft Security Update Guidance
https://portal.msrc.microsoft.com/en-us/security-guidance

BleepingComputer
https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2025-patch-tuesday-fixes-7-zero-days-57-flaws/
https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-windows-kernel-zero-day-exploited-since-2023/

Krebs on Security
https://krebsonsecurity.com/2025/03/microsoft-6-zero-days-in-march-2025-patch-tuesday/

SANS Internet Storm Center
https://isc.sans.edu/diary/rss/31756

SecurityWeek
https://www.securityweek.com/patch-tuesday-microsoft-patches-57-flaws-flags-six-active-zero-days/
https://www.securityweek.com/newly-patched-windows-zero-day-exploited-for-two-years/

The Hacker News
https://thehackernews.com/2025/03/urgent-microsoft-patches-57-security.html

Cyber Security News
https://cybersecuritynews.com/microsoft-march-2025-patch-tuesday/
https://cybersecuritynews.com/cisa-warns-of-microsoft-windows-management-console-mmc-vulnerability/
https://cybersecuritynews.com/windows-remote-desktop-services-code-vulnerability/
https://cybersecuritynews.com/cisa-warns-of-windows-ntfs-vulnerability-exploited/

Mitre CVE
I riferimenti CVE sono disponibili nell'advisory originale.


GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert

-----BEGIN PGP SIGNATURE-----

iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZ9Hr2A0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCIKMAn1hQAjuSkGqZScoaCXJn6iFe3HbSAJ4vHq5LLVXo
rFWASUGUH6yxC0Knkg==
=roup
-----END PGP SIGNATURE-----