April 2025 Monthly Patch

9 April 2025

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

The vulnerabilities that have been classified as Critical in severity are listed in the table below.

For the full list of security patches released by Microsoft, please refer to https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2025-Apr

Critical Vulnerabilities

CVE Number	CVE Name	Base Score	Reference
CVE-2025-27482	Windows Remote Desktop Services Remote Code Execution Vulnerability	8.1	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-27482
CVE-2025-27480	Windows Remote Desktop Services Remote Code Execution Vulnerability	8.1	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-27480
CVE-2025-26663	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability	8.1	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-26663
CVE-2025-26670	Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability	8.1	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-26670
CVE-2025-27749	Microsoft Office Remote Code Execution Vulnerability	7.8	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-27749
CVE-2025-27748	Microsoft Office Remote Code Execution Vulnerability	7.8	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-27748
CVE-2025-27745	Microsoft Office Remote Code Execution Vulnerability	7.8	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-27745
CVE-2025-29791	Microsoft Excel Remote Code Execution Vulnerability	7.8	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-29791
CVE-2025-27752	Microsoft Excel Remote Code Execution Vulnerability	7.8	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-27752
CVE-2025-26686	Windows TCP/IP Remote Code Execution Vulnerability	7.5	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-26686
CVE-2025-27491	Windows Hyper-V Remote Code Execution Vulnerability	7.1	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2025-27491

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

April 2025 Monthly Patch

Reach us