Overview

• Microsoft's May 2025 Patch Tuesday release includes 78 fixes, with five zero-day vulnerabilities confirmed to be under active exploitation.
• The exploited flaws, affecting Windows 10, 11, and Server since 2019, enable remote code execution or privilege escalation to SYSTEM or administrator levels.
• Key vulnerabilities include CVE-2025-30397, a scripting engine flaw allowing remote code execution, and CVE-2025-32709, which grants attackers admin privileges via a WinSock driver exploit.
• Security experts emphasize prioritizing these updates despite their 'important' CVSS ratings, citing real-world risks and active exploitation.
• Other major vendors, including Adobe, Apple, and SAP, have also released concurrent patches, reflecting the broader ecosystem's response to security threats.