Hello All,

Microsoft has released its May 2025 Patch Tuesday updates, addressing over 70 vulnerabilities across Windows and related products. Notably, five of these are zero-day flaws currently being actively exploited, including critical issues in the Windows Common Log File System (CLFS), Desktop Window Manager (DWM), and the Microsoft Scripting Engine.

These vulnerabilities affect all supported versions of Windows 10, 11, and their server counterparts. Exploitation of these flaws can allow attackers to escalate privileges, disable security tools, and potentially gain domain-level access.

Action Required:

Please allow the updates to install on your systems as soon as possible. Delaying these updates increases the risk of compromise, especially given the active exploitation and public proof-of-concept exploits already circulating.

For more details, you can read the full report here: Patch Tuesday, May 2025 Edition – Krebs on Security