Techly NewsGet the app

Get the latest tech news

Patch Tuesday: Microsoft fixes 5 actively exploited zero-days


Microsoft pushed out security fixes for 70+ vulnerabilities, among them five actively exploited zero-days and two publicly disclosed bugs.

In addition, authentication on the client side is required and the potential target would need to click on a specially crafted link from the attacker,” noted Satnam Narang, senior staff research engineer at Tenable. “In the past, these types of bugs were used by ransomware gangs, so it’s likely these are as well,” says Dustin Childs, head of threat awareness at Trend Micro’s Zero Day Initiative, and advised admins to test the patches and deploy them quickly. CVE-2025-32709 in Windows Ancillary Function Driver for WinSock and CVE-2025-30400 in Microsoft DWM Core Library have also been exploited by attackers to escalate their privileges on vulnerable machines and should be remediated quickly.

Get the Android app

Or read this on r/technology

Read more on:

Photo of Microsoft

Microsoft

Photo of Days

Days

Photo of tuesday

tuesday

Related news:

News photo

Apple patched one first, but Microsoft’s blasted five exploited flaws this Pa-Tu

News photo

Microsoft boots 3% of staff in latest cull, middle managers first in line

News photo

Ivanti fixes EPMM zero-days chained in code execution attacks

« A Ripe Target For Identity Thieves: Prisoners on Death Row
Writing that changed how I think about programming languages »