- Why neglecting AI ethics is such risky business - and how to do AI right
- You should probably clear your TV cache right now (and why it makes such a big difference)
- This secret Pixel camera feature makes your photos look more vibrant - how to turn it on
- Finally, a battery-powered outdoor camera that gets bright enough for darker spaces
- I tested a smart tracker that's thinner than Apple AirTags - and they're even more versatile
Tripwire Patch Priority Index for March 2025
Tripwire’s March 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.
Up first on the list are patches for Microsoft Edge (Chromium-based) and Google Chromium that resolve spoofing, out of bounds read, use after free, and other vulnerabilities.
Next on the list are patches for Microsoft Office, Excel, Word, and Access. These patches resolve 12 remote code execution vulnerabilities.
Next are patches that affect components of the core Windows operating system. These patches resolve over 30 vulnerabilities, including elevation of privilege, information disclosure, and remote code execution vulnerabilities. These vulnerabilities affect Kernel, File Explorer, LSA, USB, RRRAS, Fast FAT File System Driver, NTFS, and various others.
Up next are patches for .NET, Visual Studio, Visual Studio Code, and ASP.NET that resolve 3 elevation of privilege and 1 remote code execution vulnerabilities.
Lastly, administrators should focus on server-side patches for Remote Desktop Services, Hyper-V, DNS Server, and Telephony Server. These patches resolve remote code execution and elevation of privilege vulnerabilities.
| BULLETIN | CVE |
|---|---|
| Chromium and Microsoft Edge (Chromium-based) | CVE-2025-1914, CVE-2025-1915, CVE-2025-1916, CVE-2025-1917, CVE-2025-1918, CVE-2025-1919, CVE-2025-1921, CVE-2025-1922, CVE-2025-1923, CVE-2025-26643 |
| Microsoft Office Word | CVE-2025-24077, CVE-2025-24078, CVE-2025-24079 |
| Microsoft Office Access | CVE-2025-26630 |
| Microsoft Office Excel | CVE-2025-24082, CVE-2025-24081, CVE-2025-24075 |
| Microsoft Office | CVE-2025-24083, CVE-2025-24080, CVE-2025-24057, CVE-2025-26629 |
| Windows | CVE-2025-24071, CVE-2024-9157, CVE-2025-25008, CVE-2025-24072, CVE-2025-26645, CVE-2025-24059, CVE-2025-24046, CVE-2025-24067, CVE-2025-26633, CVE-2025-24061, CVE-2025-24995, CVE-2025-21247, CVE-2025-24044, CVE-2025-24983, CVE-2025-24996, CVE-2025-24054, CVE-2025-24084, CVE-2025-24988, CVE-2025-24987, CVE-2025-24055, CVE-2025-24051, CVE-2025-24997, CVE-2025-24985, CVE-2025-24066, CVE-2025-24994, CVE-2025-24076, CVE-2025-21180, CVE-2025-24992, CVE-2025-24991, CVE-2025-24984, CVE-2025-24993 |
| .NET | CVE-2025-24043 |
| Visual Studio Code | CVE-2025-26631 |
| ASP.NET Core & Visual Studio | CVE-2025-24070, CVE-2025-24998, CVE-2025-25003 |
| Windows Hyper-V | CVE-2025-24048, CVE-2025-24050 |
| Windows Remote Desktop Services | CVE-2025-24045, CVE-2025-24035 |
| Windows Telephony Server | CVE-2025-24056 |
| DNS Server | CVE-2025-24064 |
