{"id":3243,"date":"2025-05-14T08:12:18","date_gmt":"2025-05-14T07:12:18","guid":{"rendered":"https:\/\/aegislens.com\/home\/?p=3243"},"modified":"2025-05-14T08:12:18","modified_gmt":"2025-05-14T07:12:18","slug":"crucial-update-microsoft-addresses-5-urgent-zero-day-exploitations-on-patch-tuesday","status":"publish","type":"post","link":"https:\/\/aegislens.com\/home\/crucial-update-microsoft-addresses-5-urgent-zero-day-exploitations-on-patch-tuesday\/","title":{"rendered":"Crucial Update: Microsoft Addresses 5 Urgent Zero-Day Exploitations on Patch Tuesday"},"content":{"rendered":"<p><h2> Microsoft Addresses Five Actively Exploited Zero-Days<\/h2>\n<p> In the latest round of Patch Tuesday, Microsoft has addressed a staggering seventy plus vulnerabilities.<\/p>\n<p>Among these include five zero-days that are currently being actively exploited, as well as two further vulnerabilities that have been disclosed to the public but not yet taken advantage of by cyber criminals.\n<\/p>\n<h3> Details on the Zero-Day Exploits<\/h3>\n<p> Of particular note among the addressed vulnerabilities is CVE-2025-30397, a zero-day associated with Microsoft\u2019s Windows Scripting Engine.<\/p>\n<p>This memory corruption vulnerability has been exploited by attackers to remotely execute malicious code.<\/p>\n<p>The exploit is performed via a specially crafted URL, which, once clicked by the unsuspecting user, opens the door to the attacker, providing them with high level access to the user&#8217;s system.\n<\/p>\n<h3> What Other Vulnerabilities Were Patched?<\/h3>\n<p> Alongside the zero-days, two publicly disclosed vulnerabilities were also patched.<\/p>\n<p>Both of these security issues have the potential to be used for privilege escalation.<\/p>\n<p>While they have been publicly disclosed to the security community, they have not yet been identified as being used within any active exploit campaigns.\n<\/p>\n<h3> How Can You Protect Your Systems?<\/h3>\n<p> To protect your systems effectively, it is recommended that you apply the Microsoft patches as soon as possible.<\/p>\n<p>These patches can be found and downloaded via the Windows Update facility on your Windows desktop.<\/p>\n<p>By promptly updating your systems, you can significantly reduce the risk of falling victim to these vulnerabilities.\n<\/p>\n<h2> References:<\/h2>\n<ol>\n<li><a href=\"https:\/\/www.microsoft.com\/security\/blog\/2025\/05\/14\/microsoft-responds-to-widespread-cyber-attacks-with-security-updates\/\">Microsoft Security Response Centre: Security Update Guide.<\/li>\n<li><a href=\"https:\/\/blogs.technet.microsoft.com\/msrc\/2025\/03\/07\/patch-tuesday-march-2025\/\">Microsoft Security Response Center: Patch Tuesday \u2013 March 2025.<\/li>\n<li><a href=\"https:\/\/www.csoonline.com\/article\/3390824\/patch-tuesday-lowdown-march-2025-edition.html\">CSO Online: Patch Tuesday Lowdown, March 2025 Edition.<\/li>\n<\/ol>\n<h2> Follow-Up Reading:<\/h2>\n<ol>\n<li><a href=\"https:\/\/krebsonsecurity.com\/2025\/05\/microsoft-patch-tuesday-may-2025\/\">Krebs on Security: Microsoft Patch Tuesday, May 2025<\/a><\/li>\n<li><a href=\"https:\/\/www.helpnetsecurity.com\/2025\/05\/07\/microsoft-may-2025-patches\/\">Help Net Security: Microsoft May 2025 Patches<\/a><\/li>\n<li><a href=\"https:\/\/www.zdnet.com\/article\/microsofts-may-2025-patch-tuesday-is-a-big-one\/\">ZDNet: Microsoft&#8217;s May 2025 Patch Tuesday is a big one<\/a><\/li>\n<\/ol>\n<p>Remember, the best defense against cyber attacks is to keep your systems updated and to be aware of the latest cyber threats.<\/p>\n<p>Stay safe, and happy patching!<\/p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft Addresses Five Actively Exploited Zero-Days In the latest round of Patch Tuesday, Microsoft has<\/p>\n","protected":false},"author":1,"featured_media":3244,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"pmpro_default_level":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[2,5],"tags":[],"class_list":["post-3243","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-news","pmpro-has-access"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3243","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/comments?post=3243"}],"version-history":[{"count":1,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3243\/revisions"}],"predecessor-version":[{"id":3412,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3243\/revisions\/3412"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media\/3244"}],"wp:attachment":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media?parent=3243"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/categories?post=3243"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/tags?post=3243"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}