Important Notice: Security vulnerabilities of Microsoft (updated at 12 March 2025)

關於 Microsoft 的安全漏洞通告 (更新於 2025年3月12日)

2025-03-12 ICTO Bulletin / 公告 (Expired/已過期)

資訊安全警示 Information Security Alert

English
中文

To: All Users

As informed by the Cybersecurity Incident Alert and Response Centre (CARIC), Microsoft have recently released its March security update notice, there are 56 vulnerability updates this time.

The updates this time mainly cover the following components: Windows and Windows Components, Office and Office Components, Azure, .NET and Visual Studio, Remote Desktop Services, DNS Server, and Hyper-V Server products vulnerabilities.

Details of the vulnerabilities:

Microsoft Management Console Security Feature Bypass Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-26633

Windows NTFS Information Disclosure Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24984
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24991

Windows NTFS Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24993

Windows Fast FAT File System Driver Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24985

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24983

Windows Remote Desktop Services Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24045
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-24035
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-26645

Windows exFAT File System Remote Code Execution Vulnerability

For more details, please refer to: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-21180

For more details about Microsoft March Updates, please refer to: https://msrc.microsoft.com/update-guide/releaseNote/2025-Mar

If the relevant affected products are used, please install the security updates released by Microsoft as soon as possible.

Reference

Should you have any enquiries, please feel free to contact ICTO Help Desk.

ICTO Help Desk
Location : Room 2085, 2/F, Central Teaching Building (E5), eMap
Telephone : 8822 8600
email : icto.helpdesk@um.edu.mo

Information and Communication Technology Office

各位用戶：

資訊及通訊科技部接獲網絡安全事故預警及應急中心的通知，Microsoft 近日發布了 3月安全更新通告，此次包含了 56個漏洞更新。

此次釋出的更新主要涵蓋了以下組件：Windows and Windows Components, Office and Office Components, Azure, .NET and Visual Studio, Remote Desktop Services, DNS Server, Hyper-V Server 等產品的漏洞。

漏洞詳情: