- 퓨어스토리지-SK하이닉스, 고성능·에너지 효율 데이터센터 솔루션 개발
- The best password managers for Android of 2025: Expert tested
- I replaced my Shokz with these open-ear headphones that sound just as good (and cost less)
- I've used this tiny, affordable power bank for over a year now - here's why
- This SSD docking station is one of my best investments for my PC - and it's on sale
Tripwire Patch Priority Index for March 2025
Tripwire’s March 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.
Up first on the list are patches for Microsoft Edge (Chromium-based) and Google Chromium that resolve spoofing, out of bounds read, use after free, and other vulnerabilities.
Next on the list are patches for Microsoft Office, Excel, Word, and Access. These patches resolve 12 remote code execution vulnerabilities.
Next are patches that affect components of the core Windows operating system. These patches resolve over 30 vulnerabilities, including elevation of privilege, information disclosure, and remote code execution vulnerabilities. These vulnerabilities affect Kernel, File Explorer, LSA, USB, RRRAS, Fast FAT File System Driver, NTFS, and various others.
Up next are patches for .NET, Visual Studio, Visual Studio Code, and ASP.NET that resolve 3 elevation of privilege and 1 remote code execution vulnerabilities.
Lastly, administrators should focus on server-side patches for Remote Desktop Services, Hyper-V, DNS Server, and Telephony Server. These patches resolve remote code execution and elevation of privilege vulnerabilities.
| BULLETIN | CVE |
|---|---|
| Chromium and Microsoft Edge (Chromium-based) | CVE-2025-1914, CVE-2025-1915, CVE-2025-1916, CVE-2025-1917, CVE-2025-1918, CVE-2025-1919, CVE-2025-1921, CVE-2025-1922, CVE-2025-1923, CVE-2025-26643 |
| Microsoft Office Word | CVE-2025-24077, CVE-2025-24078, CVE-2025-24079 |
| Microsoft Office Access | CVE-2025-26630 |
| Microsoft Office Excel | CVE-2025-24082, CVE-2025-24081, CVE-2025-24075 |
| Microsoft Office | CVE-2025-24083, CVE-2025-24080, CVE-2025-24057, CVE-2025-26629 |
| Windows | CVE-2025-24071, CVE-2024-9157, CVE-2025-25008, CVE-2025-24072, CVE-2025-26645, CVE-2025-24059, CVE-2025-24046, CVE-2025-24067, CVE-2025-26633, CVE-2025-24061, CVE-2025-24995, CVE-2025-21247, CVE-2025-24044, CVE-2025-24983, CVE-2025-24996, CVE-2025-24054, CVE-2025-24084, CVE-2025-24988, CVE-2025-24987, CVE-2025-24055, CVE-2025-24051, CVE-2025-24997, CVE-2025-24985, CVE-2025-24066, CVE-2025-24994, CVE-2025-24076, CVE-2025-21180, CVE-2025-24992, CVE-2025-24991, CVE-2025-24984, CVE-2025-24993 |
| .NET | CVE-2025-24043 |
| Visual Studio Code | CVE-2025-26631 |
| ASP.NET Core & Visual Studio | CVE-2025-24070, CVE-2025-24998, CVE-2025-25003 |
| Windows Hyper-V | CVE-2025-24048, CVE-2025-24050 |
| Windows Remote Desktop Services | CVE-2025-24045, CVE-2025-24035 |
| Windows Telephony Server | CVE-2025-24056 |
| DNS Server | CVE-2025-24064 |
