March Patch Tuesday

GoIvanti 346 views 42 slides Mar 12, 2025

About This Presentation

Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There ...


Slide Content

Hosted by Chris Goettl and Todd Schell
Patch Tuesday Webinar
Wednesday, March 12, 2025

Copyright © 2025 Ivanti. All rights reserved.
Agenda
▪March 2025 Patch Tuesday Overview
▪In the News
▪Bulletins and Releases
▪Between Patch Tuesdays
▪Q & A

March Patch Tuesday 2025
At first glance March Patch Tuesday looks like a lamb, but this lamb might have the teeth of a lion. The standard lineup of updates resolved 57 CVEs across the Windows OS, Office, .NET and Visual Studio, with a couple of Azure component updates in the mix. A Google Chrome update led into Patch Tuesday (March 10 update), and Adobe released seven updates including Adobe Acrobat and Acrobat Reader.
Now let’s talk teeth. There are 6 known exploited CVEs in the Windows OS and 1 exploit in Chrome on Mac this month.
For more details check out this month's Patch Tuesday blog.

In the News
▪Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks
▪And two other exploited vulns: CVE-2025-24085 and CVE-2025-24200
▪Microsoft: 6 Zero-Days in March 2025 Patch Tuesday
▪Managing Microsoft Product EOLs
▪April Patch Tuesday
▪Move from Skype to Teams
▪Deprecation of WSUS driver synchronization
▪October Patch Tuesday
▪Exchange Server 2016 and 2019 Migration
▪Windows 10 and ESU

Why a Risk-based perspective is Critical
Disclaimer: This is a hypothetical situation. How chaining multiple CVEs makes them more dangerous than the CVE metrics reflect.
▪CVE-2025-24985 (Severity: Important, CVSS: 7.8): Fast FAT RCE exploit using USB and mounting a VHD
▪CVE-2025-24984 (Severity: Important, CVSS: 4.6): NTFS Info Disclosure required user to plug in malicious USB stick. Read heap memory to grab sensitive data
▪CVE-2025-24991 (Severity: Important, CVSS: 5.5): NTFS Info Disclosure to grab sensitive data out of heap memory. Needed to mount VHD to trigger
▪CVE-2025-24993 (Severity: Important, CVSS: 7.8): Needed to mount VHD to execute. Final step to execute remote code on the system

Known Exploited Vulnerabilities
▪CVE-2025-24983 Win32 Kernel Subsystem Elevation of Privilege Vulnerability
▪CVSS 3.1 Scores: 7.0 / 6.5
▪Severity: Important
▪Impact: Elevation of Privilege
▪Affected Systems: Windows 10, Windows 10 version 1607, and Windows Server 2016 operating systems
▪Per Microsoft: Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
▪CVE-2025-24984 NTFS Information Disclosure Vulnerability
▪CVSS 3.1 Scores: 4.6 / 4.3
▪Severity: Important
▪Impact: Information Disclosure
▪Affected Systems: All currently supported versions of Windows and Windows Server operating systems
▪Per Microsoft: Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. Physical access to the target computer is required to plug in a malicious USB drive.

Known Exploited Vulnerabilities (cont)
▪CVE-2025-24985 Fast FAT File System Driver Remote Code Execution Vulnerability
▪CVSS 3.1 Scores: 7.1 / 6.6
▪Severity: Important
▪Impact: Remote Code Execution
▪Affected Systems: All currently supported versions of Windows and Windows Server operating systems
▪Per Microsoft: Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. Attacker or victim needs to execute code from the local machine to exploit the vulnerability.
▪CVE-2025-24991 NTFS Information Disclosure Vulnerability
▪CVSS 3.1 Scores: 5.5 / 5.1
▪Severity: Important
▪Impact: Information Disclosure
▪Affected Systems: All currently supported versions of Windows and Windows Server operating systems
▪Per Microsoft: Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.

Known Exploited Vulnerabilities (cont)
▪CVE-2025-24993 NTFS Remote Code Execution Vulnerability
▪CVSS 3.1 Scores: 7.8 / 7.2
▪Severity: Important
▪Impact: Remote Code Execution
▪Affected Systems: All currently supported versions of Windows and Windows Server operating systems
▪Per Microsoft: Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. An attacker or victim needs to execute code from the local machine to exploit the vulnerability.
▪CVE-2025-26633 Microsoft Management Console Security Feature Bypass Vulnerability
▪CVSS 3.1 Scores: 7.0 / 6.5
▪Severity: Important
▪Impact: Security Feature Bypass
▪Affected Systems: All currently supported versions of Windows and Windows Server operating systems
▪Per Microsoft: Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. Exploitation of the vulnerability requires that a user open a specially crafted file.

Publicly Disclosed Vulnerability
▪CVE-2025-26630 Microsoft Access Remote Code Execution Vulnerability
▪CVSS 3.1 Scores: 7.8 / 6.8
▪Severity: Important
▪Impact: Remote Code Execution
▪Affected Systems: Microsoft Access 2016, Microsoft 365 Apps, Office 2019, Office LTSC 2021 and Office LTSC 2024
▪Per Microsoft: Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally. A user needs to be tricked into running malicious files. The Preview Pane is not an attack vector.

Ivanti March Security Updates
Security Advisory: Ivanti Secure Access Client (ISAC)
Vulnerability:
•CVE-2025-22454 CVSS: 7.8
Affected Versions:
•22.7R3 and prior
Security Advisory: Ivanti Neurons for MDM (N-MDM)
Vulnerability:
•An improper check for dropped privileges allows a remote authenticated attacker with admin privileges to retain their session
•Does not meet the criteria for reserving a CVE number
•CVSS: 6.7
Affected Versions:
•R110 and prior
Special thanks to the security researchers, ethical hackers, and the broader security community for partnering with us to improve the security of our products.

New and Notable Linux Vulnerabilities: 1
Highlighted by TuxCare
CVE-2024-50302
CVSS 3: 5.5
Impact: Exists in all series versions of the Kernel from 3.12 upwards, up to 6.11.8, which includes a fix
▪Active exploitation: Flaw found to be leveraged in a tool offered by digital intelligence contractor Cellebrite for unlocking phones – a tool that ended up being used by Serbian authorities to unlock confiscated devices. This is added to CISA’s Known Exploited List.
▪Found in the HID subsystem – now being linked directly to Android lock security bypass.
▪A report buffer could be used to leak memory through deliberately crafted report messages. Could be abused to exploit systems through malicious drivers or devices.
Mitigation
Always run the most up-to-date version of the kernel for each particular distribution upon release. This is just another example of the risk of not doing so.

New and Notable Linux Vulnerabilities: 2
Highlighted by TuxCare
CVE-2025-26465
CVSS 3.1: 6.8
CVE-2025-26466
CVSS 3.1: 5.9
Impact: All Linux distributions
▪Two flaws were disclosed in OpenSSH, affecting server and client components, through which an attacker could set up a man-in-the-middle connection interception undetected by either end.
▪Could otherwise be abused leading to remote resource starvation on the server, by sending bogus packets leading to uncontrolled memory consumption and resulting denial of service.
Mitigation
General: Update to latest available OpenSSH package at or above v9.5p2
Mitigation for CVE-2025-26465 can be achieved by setting VerifyHostKeyDNS to “no” on sshd_config.
Mitigation for CVE-2025-26466: some resistance can be achieved by leveraging LoginGraceTime, MaxStartups and setting them as low as possible, while simultaneously setting PerSourcePenalties to a high value consistent with your environment.
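An added example, not part of the original presentation: a POSIX shell audit that checks the effective OpenSSH settings named in the mitigation above. VerifyHostKeyDNS is a client-side option, so it is read from `ssh -G` output, while the other three keywords come from `sshd -T`; the numeric thresholds and the sample dumps are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the presentation): audit effective OpenSSH settings
# against the mitigations listed above. Input is the lowercase "keyword value"
# dump printed by `ssh -G <host>` (client) or `sshd -T` (server, usually root).
# The two thresholds are assumptions; tune them to your environment.
MAX_GRACE_SECONDS=30    # assumed ceiling for LoginGraceTime
MAX_STARTUPS_START=10   # assumed ceiling for the first MaxStartups field

# cfg_value KEYWORD: print KEYWORD's value from the dump on stdin.
cfg_value() {
    awk -v k="$1" 'tolower($1) == k { $1 = ""; sub(/^ +/, ""); print; exit }'
}

# audit_client: stdin is `ssh -G` output; returns 0 when compliant.
audit_client() {
    v=$(cfg_value verifyhostkeydns)
    case "$v" in
        no|false) echo "OK   VerifyHostKeyDNS=$v"; return 0 ;;
        *) echo "FAIL VerifyHostKeyDNS=${v:-<missing>} (CVE-2025-26465)"; return 1 ;;
    esac
}

# in_range VALUE MAX: true when VALUE is an integer in 1..MAX.
in_range() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le "$2" ]
}

# audit_server: stdin is `sshd -T` output; returns 0 when compliant.
audit_server() {
    dump=$(cat); rc=0
    grace=$(printf '%s\n' "$dump" | cfg_value logingracetime)
    startups=$(printf '%s\n' "$dump" | cfg_value maxstartups)
    penalties=$(printf '%s\n' "$dump" | cfg_value persourcepenalties)

    # sshd -T reports LoginGraceTime in seconds; 0 means no time limit.
    if in_range "$grace" "$MAX_GRACE_SECONDS"; then echo "OK   LoginGraceTime=$grace"
    else echo "FAIL LoginGraceTime=${grace:-<missing>}"; rc=1; fi

    # MaxStartups is start:rate:full; only "start" is checked here.
    if in_range "${startups%%:*}" "$MAX_STARTUPS_START"; then echo "OK   MaxStartups=$startups"
    else echo "FAIL MaxStartups=${startups:-<missing>}"; rc=1; fi

    # "no" disables penalties; a missing keyword means sshd predates the option.
    case "$penalties" in
        ''|no) echo "FAIL PerSourcePenalties=${penalties:-<missing>}"; rc=1 ;;
        *)     echo "OK   PerSourcePenalties enabled" ;;
    esac
    return "$rc"
}

# Constructed sample dumps (not captured from a real host).
sample_client_weak()     { printf '%s\n' 'host example.internal' 'verifyhostkeydns true'; }
sample_client_hardened() { printf '%s\n' 'host example.internal' 'verifyhostkeydns false'; }
sample_server_weak() {
    printf '%s\n' 'port 22' 'logingracetime 120' 'maxstartups 100:30:200' \
        'persourcepenalties no'
}
sample_server_hardened() {
    printf '%s\n' 'port 22' 'logingracetime 20' 'maxstartups 5:50:10' \
        'persourcepenalties crash:90 authfail:5 noauth:1 grace-exceeded:20 max:600 min:15'
}

# Live use: ssh -G <host> | audit_client ; sshd -T | audit_server
sample_client_weak | audit_client || echo "=> client sample needs fixing"
sample_server_weak | audit_server || echo "=> server sample needs fixing"
sample_server_hardened | audit_server && echo "=> hardened sample passes"
```

The checks only confirm that the mitigating settings are in place; they do not establish that the installed OpenSSH package carries the fix.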

Microsoft Patch Tuesday Updates of Interest
Advisory 990001
Latest Servicing Stack Updates (SSU)
▪https://msrc.microsoft.com/update-guide/en-US/vulnerability/ADV990001
▪Windows 10
▪Windows 10 version 1607 / Server 2016
Azure and Development Tool Updates
▪ASP.NET Core 8.0 & 9.0
▪Azure Arc and CLI
▪Azure Agent Backup and Site Recovery
▪Visual Studio 2017 (15.0 –15.9)
▪Visual Studio 2019 (16.0 –16.11)
▪Visual Studio 2022 (17.8 –17.13)
▪Visual Studio Code
Source: Microsoft

Windows 10 and 11 Lifecycle Awareness
Windows 10 Enterprise and Education
Version | Release Date | End of Support Date
22H2 | 10/18/2022 | 10/14/2025
Windows 10 Home and Pro
Version | Release Date | End of Support Date
22H2 | 10/18/2022 | 10/14/2025
Windows 11 Home and Pro
Version | Release Date | End of Support Date
24H2 | 10/1/2024 | 10/13/2026
23H2 | 10/31/2023 | 11/11/2025
Windows 11 Enterprise and Education
Version | Release Date | End of Support Date
24H2 | 10/1/2024 | 10/12/2027
23H2 | 10/31/2023 | 11/10/2026
22H2 | 9/20/2022 | 10/14/2025
Source: Microsoft
https://docs.microsoft.com/en-us/lifecycle/faq/windows

Windows 10 Extended Security Updates (ESU)
Microsoft Support
Windows 10 22H2 reaches EOS Oct 2025
Three years of ESU support
•Year 1 October 15, 2025 – October 13, 2026
•Year 2 October 14, 2026 – October 12, 2027
•Year 3 October 13, 2027 – October 10, 2028
Licensing and Pricing
•Full-year purchase only
•Price doubles each year
•Cloud-based licensing via Windows 365 and Intune
•5 by 5 licensing via manual key download
Ivanti Support
ESU support based on Microsoft releases
Available for three major patch products
•Neurons for Patch Management
•Endpoint Manager
•Security Controls
Familiar model
•Concurrent with Microsoft support years
•Offered as special content
•Requires signed EULA addendum
•Tiered pricing based on required endpoints
•Fixed price throughout life of program

Server Long-term Servicing Channel Support
Server LTSC Support
Version | Editions | Release Date | Mainstream Support Ends | Extended Support Ends
Windows Server 2025 | Datacenter and Standard | 11/01/2024 | 10/09/2029 | 10/10/2034
Windows Server 2022 | Datacenter and Standard | 08/18/2021 | 10/13/2026 | 10/14/2031
Windows Server 2019 (Version 1809) | Datacenter and Standard | 11/13/2018 | 01/09/2024 | 01/09/2029
Windows Server 2016 (Version 1607) | Datacenter, Essentials, and Standard | 10/15/2016 | 01/11/2022 | 01/11/2027
https://learn.microsoft.com/en-us/windows-server/get-started/windows-server-release-info
▪Focused on server long-term stability
▪Major version releases every 2-3 years
▪5 years mainstream and 5 years extended support
▪Server core or server with desktop experience available
Source: Microsoft

Patch Content Announcements
Announcements Posted on Community Forum Pages
▪https://forums.ivanti.com/s/group/CollaborationGroup/00Ba0000009oKICEA2
▪Subscribe to receive email for the desired product(s)
Content Info: Endpoint Security
Content Info: Endpoint Manager
Content Info: macOS Updates
Content Info: Linux Updates
Content Info: Patch for Configuration Manager
Content Info: ISEC and Neurons Patch
Content Info: Neurons Patch for InTune

Bulletins and Releases

CHROME-250311: Security Update for Chrome Desktop
▪Maximum Severity: Critical
▪Affected Products: Google Chrome
▪Description: The stable channel has been updated to 134.0.6998.88/.89 for
Windows, Mac and 134.0.6998.88 for Linux. Extended stable channel has been
updated to 134.0.6998.89 for Win/Mac. This update addresses 5 reported
vulnerabilities, 3 of which are rated High. See
https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html
for more details.
▪Impact: Remote Code Execution, Denial of Service, Information Disclosure
▪Fixes 5 Vulnerabilities: CVE-2025-1920, CVE-2025-2135, CVE-2025-24201,
CVE-2025-2136, CVE-2025-2137
▪Restart Required: Requires application restart
NOTE: Google is aware of reports that an exploit for CVE-2025-24201 exists in the
wild.

APSB25-14: Security Update for Adobe Acrobat and Reader
▪Maximum Severity: Critical
▪Affected Products: Adobe Acrobat and Reader (DC Continuous, Classic 2020, and Classic 2024)
▪Description: Adobe has released a security update for Adobe Acrobat and Reader for Windows
and macOS. This update addresses 9 vulnerabilities - 6 rated Critical and 3 rated Important.
Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
▪Impact: Arbitrary Code Execution, Information Disclosure
▪Fixes 9 Vulnerabilities: See https://helpx.adobe.com/security/products/acrobat/apsb25-14.html
for more details.
▪Restart Required: Requires application restart

APSB25-17: Security Update for Adobe Illustrator
▪Maximum Severity: Critical
▪Affected Products: Adobe Illustrator 2024 and Illustrator 2025
▪Description: Adobe has released an update for Adobe Illustrator for Windows and macOS. This
update resolves 6 vulnerabilities – 3 rated Critical and 3 rated Important. Adobe is not aware of
any exploits in the wild for any of the issues addressed in these updates.
▪Impact: Arbitrary Code Execution, Denial of Service, Information Disclosure
▪Fixes 6 Vulnerabilities: See https://helpx.adobe.com/security/products/illustrator/apsb25-17.html
for more details.
▪Restart Required: Requires application restart

APSB25-19: Security Update for Adobe InDesign
▪Maximum Severity: Critical
▪Affected Products: Adobe InDesign 19 and InDesign 20
▪Description: Adobe has released an update for Adobe InDesign for Windows and macOS. This
update addresses 9 vulnerabilities - 7 rated Critical and 2 rated Important. Adobe is not aware of
any exploits in the wild for any of the issues addressed in these updates.
▪Impact: Arbitrary Code Execution, Denial of Service, Information Disclosure
▪Fixes 9 Vulnerabilities: See https://helpx.adobe.com/security/products/indesign/apsb25-19.html
for more details.
▪Restart Required: Requires application restart

MS25-03-W11: Windows 11 Update
▪Maximum Severity: Critical
▪Affected Products: Microsoft Windows 11 Version 22H2, 23H2, 24H2, Server 2025 and Edge
Chromium
▪Description: This bulletin references KB 5053602 (22H2/23H2), and KB 5053598 (24H2 and
Server 2025). See KBs for details of all changes.
▪Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing,
Elevation of Privilege, and Information Disclosure
▪Fixes 36 Vulnerabilities: CVE-2025-24984, CVE-2025-24985, CVE-2025-24991, CVE-2025-24993
and CVE-2025-26633 are known exploited. No CVEs are publicly disclosed. See the
Security Update Guide for the complete list of CVEs.
▪Restart Required: Requires restart
▪Known Issues: See next slide

March Known Issues for Windows 11
▪KB 5053602 – Windows 11 Enterprise and Education version 22H2, Windows 11 version 23H2,
all editions
▪[Citrix_SRA] Devices that have certain Citrix components installed might be unable to
complete installation of the January 2025 Windows security update. This has been noted
with the Citrix Session Recording Agent installed.
▪Workaround: Citrix has provided several workaround options until they resolve the issue
with Microsoft. See KB for details.
▪KB 5053598 – Windows 11 version 24H2, all editions, Server 2025
▪[Roblox] We’re aware of an issue where players on Arm devices are unable to download
and play Roblox via the Microsoft Store on Windows.
▪Workaround: Download Roblox directly from vendor.
▪[Citrix_SRA]

MS25-03-W10: Windows 10 Update
▪Maximum Severity: Critical
▪Affected Products: Microsoft Windows 10 Versions 1607, 1809, 22H2, Server 2016, Server
2019, Server 2022, Server 2022 Datacenter: Azure Edition and Edge Chromium
▪Description: This bulletin references multiple KB articles. See Windows 10 and associated
server KBs for details of all changes.
▪Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing,
Elevation of Privilege, and Information Disclosure
▪Fixes 36 Vulnerabilities: CVE-2025-24983, CVE-2025-24984, CVE-2025-24985, CVE-2025-24991,
CVE-2025-24993 and CVE-2025-26633 are known exploited. No CVEs are publicly
disclosed. See the Security Update Guide for the complete list of CVEs.
▪Restart Required: Requires restart
▪Known Issues: See next slide

March Known Issues for Windows 10
▪KB 5053596 – Win 10 Ent LTSC 2019, Win 10 IoT Ent LTSC 2019, Windows 10 IoT Core LTSC,
Windows Server 2019
▪[Citrix_SRA]
▪KB 5053606 – Windows 10 Enterprise LTSC 2021, Windows 10 IoT Enterprise LTSC 2021,
Windows 10, version 22H2, all editions
▪[Broker] The Windows Event Viewer might display an error related to SgrmBroker.exe, on
devices that have installed Windows updates released January 14, 2025 or later. This error
can be found under Windows Logs > System as Event 7023, with text similar to ‘The
System Guard Runtime Monitor Broker service terminated with the following error:
%%3489660935’.
▪Workaround: This is an error due to a Windows Defender service being disabled. Ignore it
and it will be corrected in a future release. See KB for more details.
▪[Citrix_SRA]
▪KB 5053599 – Windows Server, version 23H2
▪[Citrix_SRA]

MS25-03-OFF: Security Updates for Microsoft Office
▪Maximum Severity: Critical
▪Affected Products: Access 2016, Excel 2016, Office 2016, Office LTSC for Mac 2021 & 2024, Office Online Server, Word 2016
▪Description: This security update addresses 10 vulnerabilities in Microsoft Office and supporting products.
▪Impact: Remote Code Execution
▪Fixes 10 Vulnerabilities: CVE-2025-26630 is reported publicly disclosed. No vulnerabilities are known exploited. See the Security Update Guide for the complete list of CVEs.
▪Restart Required: Requires application restart
▪Known Issues: None reported

MS25-03-O365: Security Updates for Microsoft 365 Apps
▪Maximum Severity: Critical
▪Affected Products: Microsoft 365 Apps, Office 2019, Office LTSC 2021 and Office LTSC 2024
▪Description: This security update addresses several vulnerabilities in Microsoft Office. Information on the security updates is available at https://learn.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates.
▪Impact: Remote Code Execution
▪Fixes 11 Vulnerabilities: CVE-2025-26630 is reported publicly disclosed. No vulnerabilities are known exploited. See the Security Update Guide for the complete list of CVEs.
▪Restart Required: Requires application restart
▪Known Issues: None reported

Between Patch Tuesdays

Windows Release Summary
▪Security Updates (with CVEs): Adobe InCopy (1), Google Chrome (2), Firefox (2), Firefox ESR (1),
LibreOffice (2), Thunderbird ESR (1), VMware Workstation Pro (1), Wireshark (2)
▪Security Updates (w/o CVEs): Adobe Acrobat DC and Acrobat Reader DC (2), Amazon WorkSpaces
(1), Apple iTunes (2), Apache Tomcat (3), Apple Mobile Device Support (2), CCleaner (1), Google
Chrome (1), ClickShare App Machine-Wide Installer (1), Devolutions Remote Desktop Manager (1),
Docker (1), Dropbox (1), Grammarly for Windows (3), Cisco Jabber (1), Nitro Pro (2), Node.JS (LTS
Lower) (1), Notepad++ (1), Opera (3), PDF-Xchange PRO (1), PDF-Xchange Editor Plus (1), Paint.net
(1), PeaZip (1), Royal TS (1), Screenpresso (1), Skype (1), Slack Machine-Wide Installer (1), Snagit (1),
Splunk Universal Forwarder (2), Thunderbird ESR (1), TeamViewer (1), VSCodium (2), WinSCP (1),
Wireshark (1), WinRAR (1), Zoom Workplace Desktop App (2), Zoom Rooms App (1)
▪Non-Security Updates: 1Password (2), 8x8 Work Desktop (1), BlueBeam Revu (1), Beyond Compare
(1), Box Drive (1), Bitwarden (1), Cisco Webex Teams (1), draw.io (2), Evernote (4), Google Drive File
Stream (1), GoodSync (3), GeoGebra Classic (2), GoTo Connect (1), KeePass Pro (1), KeePass
Classic (1), KeePassXC (1), Krisp (2), Poly Lens Desktop App (1), R for Windows (1), RingCentral App
(Machine-Wide Installer) (2), Rocket.Chat Desktop Client (1), Wazuh Agent (1), WeCom (1), WinMerge
(1)

Windows Third Party CVE Information
▪Adobe InCopy
▪APSB25-10, QAICY201
▪Fixes 1 Vulnerability: CVE-2025-21156
▪Google Chrome 133.0.6943.127
▪CHROME-250219, QGC13306943127
▪Fixes 3 Vulnerabilities: CVE-2025-0999, CVE-2025-1006, CVE-2025-1426
▪Google Chrome 134.0.6998.36
▪CHROME-250304, QGC1340699836
▪Fixes 9 Vulnerabilities: CVE-2025-1914, CVE-2025-1915, CVE-2025-1916, CVE-2025-1917,
CVE-2025-1918, CVE-2025-1919, CVE-2025-1921, CVE-2025-1922, CVE-2025-1923

Windows Third Party CVE Information (cont)
▪Firefox 135.0.1
▪FF-250218, QFF13501
▪Fixes 1 Vulnerability: CVE-2025-1414
▪Firefox 136.0
▪FF-250205, QFF1350
▪Fixes 16 Vulnerabilities: CVE-2024-9956, CVE-2025-0245, CVE-2025-1930, CVE-2025-1931,
CVE-2025-1932, CVE-2025-1933, CVE-2025-1934, CVE-2025-1935, CVE-2025-1936,
CVE-2025-1937, CVE-2025-1938, CVE-2025-1939, CVE-2025-1940, CVE-2025-1941,
CVE-2025-1942, CVE-2025-1943
▪Firefox ESR 128.8.0
▪FFE128-250304, QFFE12880
▪Fixes 10 Vulnerabilities: CVE-2024-43097, CVE-2025-1930, CVE-2025-1931, CVE-2025-1932,
CVE-2025-1933, CVE-2025-1934, CVE-2025-1935, CVE-2025-1936, CVE-2025-1937,
CVE-2025-1938

Windows Third Party CVE Information (cont)
▪LibreOffice 24.8.5
▪LIBRE-250220, QLIBRE2485
▪Fixes 2 Vulnerabilities: CVE-2025-0514, CVE-2025-1080
▪LibreOffice 25.2.1
▪LIBRE-250227, QLIBRE2521
▪Fixes 1 Vulnerability: CVE-2025-1080
▪Thunderbird ESR 128.8.0
▪TB-250305, QTB12880ESR
▪Fixes 10 Vulnerabilities: CVE-2024-43097, CVE-2025-1930, CVE-2025-1931, CVE-2025-1932,
CVE-2025-1933, CVE-2025-1934, CVE-2025-1935, CVE-2025-1936, CVE-2025-1937,
CVE-2025-1938
▪VMware Workstation Pro 17.6.3
▪VMWW17-250304, QVMWW1763
▪Fixes 3 Vulnerabilities: CVE-2025-22224, CVE-2025-22225, CVE-2025-22226

Windows Third Party CVE Information (cont)
▪Wireshark 4.2.11
▪WIRES42-250219, QWIRES4211EXE & QWIRES4211MSI
▪Fixes 1 Vulnerability: CVE-2025-1492
▪Wireshark 4.4.4
▪WIRES44-250219, QWIRES444EXE & QWIRES444MSI
▪Fixes 1 Vulnerability: CVE-2025-1492

Apple Release Summary
▪Security Updates (with CVEs): Google Chrome (3), Emacs (1), Firefox (2), Firefox ESR (2),
Microsoft Edge (2), Thunderbird (1), Thunderbird ESR (1)
▪Security Updates (w/o CVEs): None
▪Non-Security Updates: 1Password (2), Alfred (1), Adobe Acrobat DC and Acrobat Reader DC
(1), Brave (4), Cyberduck (1), Devolutions Remote Desktop Manager (1), Docker Desktop (1),
draw.io (2), Evernote (4), Figma (1), Google Drive (1), Grammarly (2), HandBrake (1), Hazel
(1), IntelliJ IDEA (1), Krisp (3), LibreOffice (1), Microsoft Edge (2), Obsidian (2), OneDrive (2),
Microsoft Office Outlook (2), Parallels Desktop (1), PyCharm Professional (2), Skype (1), Slack
(1), Spotify (1), Thunderbird ESR (1), Microsoft Teams (1), Visual Studio Code (1), VSCodium
(1), Webex Teams (1), Zoom Client (2)

Apple Third Party CVE Information
▪Google Chrome 133.0.6943.127
▪CHROMEMAC-250219
▪Fixes 3 Vulnerabilities: CVE-2025-0999, CVE-2025-1006, CVE-2025-1426
▪Google Chrome 133.0.6943.142
▪CHROMEMAC-250225
▪Fixes 7 Vulnerabilities: CVE-2025-0445, CVE-2025-0451, CVE-2025-0995, CVE-2025-0997,
CVE-2025-0998, CVE-2025-1006, CVE-2025-1566
▪Google Chrome 134.0.6998.45
▪CHROMEMAC-250304
▪Fixes 9 Vulnerabilities: CVE-2025-1914, CVE-2025-1915, CVE-2025-1916, CVE-2025-1917,
CVE-2025-1918, CVE-2025-1919, CVE-2025-1921, CVE-2025-1922, CVE-2025-1923

Apple Third Party CVE Information (cont)
▪Emacs 30.1
▪EMACSMAC-250224
▪Fixes 2 Vulnerabilities: CVE-2024-53920, CVE-2025-1244
▪Firefox 135.0.1
▪MFSA2025-12
▪Fixes 1 Vulnerability: CVE-2025-1414
▪Firefox 136.0
▪FF-250205
▪Fixes 16 Vulnerabilities: CVE-2024-9956, CVE-2025-0245, CVE-2025-1930, CVE-2025-1931,
CVE-2025-1932, CVE-2025-1933, CVE-2025-1934, CVE-2025-1935, CVE-2025-1936,
CVE-2025-1937, CVE-2025-1938, CVE-2025-1939, CVE-2025-1940, CVE-2025-1941,
CVE-2025-1942, CVE-2025-1943

Apple Third Party CVE Information (cont)
▪Firefox ESR 115.21.0
▪FFE115-250305
▪Fixes 5 Vulnerabilities: CVE-2024-43097, CVE-2025-1930, CVE-2025-1931, CVE-2025-1933,
CVE-2025-1937
▪Firefox ESR 128.8.0
▪FFE128-250304, QFFE12880
▪Fixes 10 Vulnerabilities: CVE-2024-43097, CVE-2025-1930, CVE-2025-1931, CVE-2025-1932,
CVE-2025-1933, CVE-2025-1934, CVE-2025-1935, CVE-2025-1936, CVE-2025-1937,
CVE-2025-1938
▪Microsoft Edge 133.0.3065.69
▪MEDGEMAC-250217
▪Fixes 4 Vulnerabilities: CVE-2025-0995, CVE-2025-0996, CVE-2025-0997, CVE-2025-0998

Apple Third Party CVE Information (cont)
▪Microsoft Edge 133.0.3065.82
▪MEDGEMAC-250221
▪Fixes 3 Vulnerabilities: CVE-2025-0999, CVE-2025-1006, CVE-2025-1426
▪Thunderbird 136
▪TB-250305
▪Fixes 11 Vulnerabilities: CVE-2025-1930, CVE-2025-1931, CVE-2025-1932, CVE-2025-1933,
CVE-2025-1934, CVE-2025-1935, CVE-2025-1936, CVE-2025-1937, CVE-2025-1938,
CVE-2025-1942, CVE-2025-1943
▪Thunderbird ESR 128.8.0
▪TB-250305
▪Fixes 10 Vulnerabilities: CVE-2024-43097, CVE-2025-1930, CVE-2025-1931, CVE-2025-1932,
CVE-2025-1933, CVE-2025-1934, CVE-2025-1935, CVE-2025-1936, CVE-2025-1937,
CVE-2025-1938

Q & A

Thank You!