Alert GCSA-25034 - Microsoft Monthly Security Update - marzo 2025
******************************************************************
Alert ID: GCSA-25034
data: 12 marzo 2025
titolo: Microsoft Monthly Security Update - marzo 2025
******************************************************************
:: Descrizione del problema
Microsoft ha pubblicato il security update per il mese di marzo 2025.
Con questa release vengono risolte 57 vulnerabilita',
delle quali 6 sono di tipo zero-day ed in corso di sfruttamento:
CVE-2025-24983 (CVSS 7.0) Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24983
CVE-2025-24984 (CVSS 4.6) Windows NTFS Information Disclosure Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24984
CVE-2025-24985 (CVSS 7.8) Windows Fast FAT File System Driver Remote Code Execution Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24985
CVE-2025-24991 (CVSS 5.5) Windows NTFS Information Disclosure Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24991
CVE-2025-24993 (CVSS 7.8) Windows NTFS Remote Code Execution Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24993
CVE-2025-26633 (CVSS 7.0) Microsoft Management Console Security Feature Bypass Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-26633
Maggiori dettagli sono disponibili alla sezione "Riferimenti".
:: Software / Tecnologie interessate
Windows
Microsoft Office
Azure
Extended Security Updates (ESU)
Developer Tools
Browser
:: Impatto
Denial of Service (DoS)
Esecuzione remota di codice arbitrario (RCE)
Acquisizione di privilegi piu' elevati (EoP)
Bypass delle funzionalita' di sicurezza (SFB)
Rivelazione di informazioni (ID)
Spoofing (Provide Misleading Information)
:: Soluzioni
In Windows per default gli aggiornamenti avvengono in maniera automatica.
Per verificare manualmente la disponibilita' di aggiornamenti scegliere
Start > Impostazioni > Aggiornamento e Sicurezza > Windows Update
Verificare di aver installato la versione piu' recente del
Servicing Stack Updates
https://msrc.microsoft.com/update-guide/vulnerability/ADV990001
https://docs.microsoft.com/it-it/windows/deployment/update/servicing-stack-updates
MSRC Security Update Guide
https://msrc.microsoft.com/update-guide/deployments
Windows Update domande frequenti
https://support.microsoft.com/en-us/help/12373/windows-update-faq
Gli aggiornamenti sono disponibili anche tramite il catalogo di Microsoft Update
https://www.catalog.update.microsoft.com/Search.aspx?q=2025%20Security%20Updates%20
:: Riferimenti
Microsoft Security Updates - Release Notes
https://msrc.microsoft.com/update-guide/releaseNote/2025-Mar
https://msrc.microsoft.com/update-guide
Microsoft Security Update Guidance
https://portal.msrc.microsoft.com/en-us/security-guidance
BleepingComputer
https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2025-patch-tuesday-fixes-7-zero-days-57-flaws/
https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-windows-kernel-zero-day-exploited-since-2023/
Krebs on Security
https://krebsonsecurity.com/2025/03/microsoft-6-zero-days-in-march-2025-patch-tuesday/
SANS Internet Storm Center
https://isc.sans.edu/diary/rss/31756
SecurityWeek
https://www.securityweek.com/patch-tuesday-microsoft-patches-57-flaws-flags-six-active-zero-days/
https://www.securityweek.com/newly-patched-windows-zero-day-exploited-for-two-years/
The Hacker News
https://thehackernews.com/2025/03/urgent-microsoft-patches-57-security.html
Cyber Security News
https://cybersecuritynews.com/microsoft-march-2025-patch-tuesday/
https://cybersecuritynews.com/cisa-warns-of-microsoft-windows-management-console-mmc-vulnerability/
https://cybersecuritynews.com/windows-remote-desktop-services-code-vulnerability/
https://cybersecuritynews.com/cisa-warns-of-windows-ntfs-vulnerability-exploited/
Mitre CVE
I riferimenti CVE sono disponibili nell'advisory originale.
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZ9Hr2A0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCIKMAn1hQAjuSkGqZScoaCXJn6iFe3HbSAJ4vHq5LLVXo
rFWASUGUH6yxC0Knkg==
=roup
-----END PGP SIGNATURE-----
Alert ID: GCSA-25034
data: 12 marzo 2025
titolo: Microsoft Monthly Security Update - marzo 2025
******************************************************************
:: Descrizione del problema
Microsoft ha pubblicato il security update per il mese di marzo 2025.
Con questa release vengono risolte 57 vulnerabilita',
delle quali 6 sono di tipo zero-day ed in corso di sfruttamento:
CVE-2025-24983 (CVSS 7.0) Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24983
CVE-2025-24984 (CVSS 4.6) Windows NTFS Information Disclosure Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24984
CVE-2025-24985 (CVSS 7.8) Windows Fast FAT File System Driver Remote Code Execution Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24985
CVE-2025-24991 (CVSS 5.5) Windows NTFS Information Disclosure Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24991
CVE-2025-24993 (CVSS 7.8) Windows NTFS Remote Code Execution Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-24993
CVE-2025-26633 (CVSS 7.0) Microsoft Management Console Security Feature Bypass Vulnerability
http://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-26633
Maggiori dettagli sono disponibili alla sezione "Riferimenti".
:: Software / Tecnologie interessate
Windows
Microsoft Office
Azure
Extended Security Updates (ESU)
Developer Tools
Browser
:: Impatto
Denial of Service (DoS)
Esecuzione remota di codice arbitrario (RCE)
Acquisizione di privilegi piu' elevati (EoP)
Bypass delle funzionalita' di sicurezza (SFB)
Rivelazione di informazioni (ID)
Spoofing (Provide Misleading Information)
:: Soluzioni
In Windows per default gli aggiornamenti avvengono in maniera automatica.
Per verificare manualmente la disponibilita' di aggiornamenti scegliere
Start > Impostazioni > Aggiornamento e Sicurezza > Windows Update
Verificare di aver installato la versione piu' recente del
Servicing Stack Updates
https://msrc.microsoft.com/update-guide/vulnerability/ADV990001
https://docs.microsoft.com/it-it/windows/deployment/update/servicing-stack-updates
MSRC Security Update Guide
https://msrc.microsoft.com/update-guide/deployments
Windows Update domande frequenti
https://support.microsoft.com/en-us/help/12373/windows-update-faq
Gli aggiornamenti sono disponibili anche tramite il catalogo di Microsoft Update
https://www.catalog.update.microsoft.com/Search.aspx?q=2025%20Security%20Updates%20
:: Riferimenti
Microsoft Security Updates - Release Notes
https://msrc.microsoft.com/update-guide/releaseNote/2025-Mar
https://msrc.microsoft.com/update-guide
Microsoft Security Update Guidance
https://portal.msrc.microsoft.com/en-us/security-guidance
BleepingComputer
https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2025-patch-tuesday-fixes-7-zero-days-57-flaws/
https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-windows-kernel-zero-day-exploited-since-2023/
Krebs on Security
https://krebsonsecurity.com/2025/03/microsoft-6-zero-days-in-march-2025-patch-tuesday/
SANS Internet Storm Center
https://isc.sans.edu/diary/rss/31756
SecurityWeek
https://www.securityweek.com/patch-tuesday-microsoft-patches-57-flaws-flags-six-active-zero-days/
https://www.securityweek.com/newly-patched-windows-zero-day-exploited-for-two-years/
The Hacker News
https://thehackernews.com/2025/03/urgent-microsoft-patches-57-security.html
Cyber Security News
https://cybersecuritynews.com/microsoft-march-2025-patch-tuesday/
https://cybersecuritynews.com/cisa-warns-of-microsoft-windows-management-console-mmc-vulnerability/
https://cybersecuritynews.com/windows-remote-desktop-services-code-vulnerability/
https://cybersecuritynews.com/cisa-warns-of-windows-ntfs-vulnerability-exploited/
Mitre CVE
I riferimenti CVE sono disponibili nell'advisory originale.
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZ9Hr2A0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCIKMAn1hQAjuSkGqZScoaCXJn6iFe3HbSAJ4vHq5LLVXo
rFWASUGUH6yxC0Knkg==
=roup
-----END PGP SIGNATURE-----