Microsoft Updates And Notifications For March 2025

Discussion in 'other security issues & news' started by ronjor, Mar 1, 2025.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    176,946
    Location:
    Texas
    01 March 2025

     
  2. ronjor

    ronjor Global Moderator

    March 4, 2025
     
  3. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,458
    Location:
    Ontario, Canada
  4. ronjor

    ronjor Global Moderator

    March 6, 2025
     
  5. ronjor

    ronjor Global Moderator

    March 10, 2025
     
  6. ronjor

    ronjor Global Moderator

  7. ronjor

    ronjor Global Moderator

    March 12, 2025
     
  8. Triple Helix

    Triple Helix Specialist

    CVEs have been published or revised in the Security Update Guide
    March 12, 2025

    These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

    CVE-2024-30098

    • Title: Windows Cryptographic Services Security Feature Bypass Vulnerability
    • Version: 2.0
    • Reason for revision: The following updates have been made to CVE-2024-30098:
      1. In the Security Updates table, added all supported versions of the following as they are affected by this vulnerability: Windows 11 24H2 and Windows Server 2025.
      2. To comprehensively address this vulnerability, Microsoft has released March 2025 security updates for all affected versions of Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server 2022, and Windows Server 2022 23H2 Edition, Windows 10, and Windows 11.
      3. Updated the "Are there any further actions I need to take to be protected from this vulnerability?" FAQ to state that Starting with the April 2025, the fix will automatically generate an audit event in cases where the Cryptographic Service Provider (CSP) is being used with RSA keys. If you have not already enabled the fix using the DisableCapiOverrideForRSA setting, you should monitor your systems for any error events in the Windows system event log.
      See the FAQ section of this CVE for more information.
    • Originally released: July 9, 2024
    • Last updated: March 11, 2025
    • Aggregate CVE severity rating: Important
    • Customer action required: Yes
    CVE-2024-49116

    • Title: Windows Remote Desktop Services Remote Code Execution Vulnerability
    • Version: 2.0
    • Reason for revision: To comprehensively address CVE-2024-49116, Microsoft has released March 2025 security updates for all supported editions of Windows Server 2016 and Windows Server 2019. Microsoft recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.
    • Originally released: December 10, 2024
    • Last updated: March 11, 2025
    • Aggregate CVE severity rating: Critical
    • Customer action required: Yes
    CVE-2025-24036

    • Title: Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
    • Version: 2.1
    • Reason for revision: Added an FAQ. This is an information change only.
    • Originally released: February 11, 2025
    • Last updated: March 11, 2025
    • Aggregate CVE severity rating: Important
    • Customer action required: Yes
     
  9. ronjor

    ronjor Global Moderator

    March 13, 2025
     
  10. ronjor

    ronjor Global Moderator

  11. ronjor

    ronjor Global Moderator

    March 21, 2025
     
  12. Triple Helix

    Triple Helix Specialist

    CVEs have been published or revised in the Security Update Guide

    March 21, 2025

    These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

    CVE-2025-2476

    · Title: Chromium: CVE-2025-2476 Use after free in Lens

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: March 21, 2025

    · Last updated: March 21, 2025

    · Aggregate CVE severity rating:

    · Customer action required: Yes

    CVE-2025-29795

    · Title: Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: March 21, 2025

    · Last updated: March 21, 2025

    · Aggregate CVE severity rating: Important

    · Customer action required: Yes

    CVE-2025-29806

    · Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

    · Version: 1.0

    · Reason for revision: Information published.

    · Originally released: March 21, 2025

    · Last updated: March 21, 2025

    · Aggregate CVE severity rating: Important

    · Customer action required: Yes

    Thanks @ronjor
     
  13. Triple Helix

    Triple Helix Specialist

    CVEs have been published or revised in the Security Update Guide

    March 23, 2025

    These common vulnerabilities and exposures (CVEs) were recently published or revised in the Microsoft Security Update Guide:

    CVE-2025-25008

    · Title: Windows Server Elevation of Privilege Vulnerability

    · Version: 1.1

    · Reason for revision: Updated links to security updates. This is an informational change only.

    · Originally released: March 11, 2025

    · Last updated: March 23, 2025

    · Aggregate CVE severity rating: Important

    · Customer action required: Yes

    CVE-2025-26645

    · Title: Remote Desktop Client Remote Code Execution Vulnerability

    · Version: 1.1

    · Reason for revision: Updated links to security updates. This is an informational change only.

    · Originally released: March 11, 2025

    · Last updated: March 23, 2025

    · Aggregate CVE severity rating: Critical

    · Customer action required: Yes
     
  14. ronjor

    ronjor Global Moderator

    March 25, 2025

     
  15. ronjor

    ronjor Global Moderator

    March 26, 2025
     
  16. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,419
    March 27, 2025—KB5053656 (OS Build 26100.3624) Preview
    Applies To: Windows 11 version 24H2, all editions
    https://support.microsoft.com/en-us...-preview-4c35f1c4-1ae6-41ef-a317-3d8ee2e73975

    March 25, 2025—KB5053657 (OS Builds 22621.5126 and 22631.5126) Preview
    Applies To: Windows 11 Enterprise and Education, version 22H2; Windows 11 version 23H2, all editions
    https://support.microsoft.com/en-us...-preview-87a95447-6e12-4cd6-a7cf-ef525b8a489f

    ------------
    March 25, 2025—KB5053643 (OS Build 19045.5679) Preview
    Applies To: Windows 10 Home and Pro, version 22H2; Windows 10 Enterprise Multi-Session, version 22H2; Windows 10 Enterprise and Education, version 22H2; Windows 10 IoT Enterprise, version 22H2
    https://support.microsoft.com/en-us...-preview-3fd3cc5d-2757-4092-ac0e-bb0e9c295861
     