Microsoft has released updates to address vulnerabilities in Microsoft software. Microsoft has fixed multiple security vulnerabilities with Microsoft's May 2025 Patch Tuesday.

Of the fixed vulnerabilities: 17 are elevation of privilege vulnerabilities, 2 are security feature bypass vulnerabilities, 28 are remote code execution vulnerabilities, 15 are information disclosure vulnerabilities, 7 are denial of service vulnerabilities, 2 are spoofing vulnerabilities.

This month's Patch Tuesday includes fixes for five zero-day vulnerabilities:

• CVE-2025-30400 - Microsoft DWM Core Library Elevation of Privilege Vulnerability;
• CVE-2025-32701 - Windows Common Log File System Driver Elevation of Privilege Vulnerability;
• CVE-2025-32706 - Windows Common Log File System Driver Elevation of Privilege Vulnerability;
• CVE-2025-32709 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability;
• CVE-2025-30397 - Scripting Engine Memory Corruption Vulnerability.

More information on vulnerabilities and updates is available in the Microsoft’s May 2025 Security Updates page – microsoft.com.

Source: bleepingcomputer.com