Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday
securityweek
For the second month in a row, Microsoft’s Patch Tuesday updates landed with warnings that a half-dozen Windows security defects have already been exploited in the wild.
Redmond’s security response team slapped “exploitation detected” tags on six of the 57 security vulnerabilities patched this month and pushed Windows admins to prioritize another large batch of code execution flaws.
The latest exploited zero-days were addressed in the Microsoft Management Console, Windows NTFS, the Fast FAT File System Driver, and the Win32 Kernel Subsystem.
According to Microsoft documentation, the exploited bugs allow security feature bypass, remote code execution, and privilege escalation via memory corruption issues.
Here’s a list of the exploited zero-days:
- CVE-2025-26633 — Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. In an email or instant message attack scenario, the attacker could send the targeted user a specially crafted file or website ...