In a recent article from Infosecurity Magazine, Microsoft’s first Patch Tuesday of 2025 addressed eight zero-day vulnerabilities, three of which were under active exploitation. Fortra’s Tyler Reguly flagged three critical vulnerabilities in this month’s update, including CVE-2025-21311, CVE-2025-21307, and CVE-2025-21298, all with CVSS scores of 9.8. Tyler also emphasized the importance of automated patch management.
Originally published in Infosecurity Magazine.
Excerpt: “Patching vulnerabilities should not be a solo endeavour in the enterprise and, if it is, it may be time to talk to your leadership about staffing and tooling changes.”