Patch Tuesday: Microsoft Patches 78 Vulnerabilities, 5 Zero-Day Flaws
techrepublic.comWe may earn from vendors via affiliate links or sponsorships. This might affect product placement on our site, but not the content of our reviews. See our Terms of Use for details.
Microsoft’s May Patch Tuesday security update addressed 78 flaws, including five actively exploited zero-day flaws. Two additional zero-day vulnerabilities were publicly disclosed before patches became available.
Five flaws have been exploited in the wild
Microsoft has detected exploitation of five flaws:
- CVE-2025-30397, an exploit in Microsoft Edge’s Internet Explorer mode.
- CVE-2025-30400, an elevation of privilege bug in the Desktop Window Manager (DWM) Core Library for Windows.
- CVE-2025-32701
- CVE-2-25-32706
- CVE-2025-32709, an elevation of privilege flaw in afd.sys.
Two of these, CVE-2025-32701 and CVE-2025-32706, stem from two bugs in the Windows Common Log File System (CLFS) driver. The driver is a component for logging services and is used in all supported versions of Windows 10 and 11 ...
Copyright of this story solely belongs to techrepublic.com . To see the full text click HERE