As per reports, Microsoft released updates to fix nearly 57 vulnerabilities across its software, including six zero-days that have been actively exploited. The update reportedly includes patches for 56 flaws, out of which, six are rated Critical, 50 are rated Important, and one is rated Low in severity. Among the fixed vulnerabilities, 23 allow remote code execution bugs, while 22 involve privilege escalation.

Additionally, this development has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add them to the Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply the fixes by 01 April 2025.