The Situation
Microsoft’s May 2025 Patch Tuesday is here, and our IT Helpdesk wants to ensure you have the information you need to make vital technology decisions.

In this release 72 security vulnerabilities, are addressed, including 5 actively exploited and 2 publicly disclosed zero-days. Among these, 6 are rated Critical, with 5 involving remote code execution; a high-impact category for enterprise environments.

Actively Exploited in the Wild:

• CVE-2025-30397 – Scripting Engine Memory Corruption (CVSS 7.5)
• CVE-2025-30400 – DWM Core Library Elevation of Privilege (CVSS 7.8)
• CVE-2025-32701 – CLFS Driver Elevation of Privilege (CVSS 7.8)
• CVE-2025-32706 – CLFS Driver Elevation of Privilege (CVSS 7.8)
• CVE-2025-32709 – WinSock Ancillary Function Driver Elevation of Privilege (CVSS 7.8)

For full details on all addressed vulnerabilities, refer to Microsoft’s official bulletin.

What We’re Doing

Fizen Technology is already deploying patches in line with Microsoft’s guidance. Our teams are also actively threat hunting across client environments to identify any indicators of compromise related to these vulnerabilities.

What You Should Do

• Prioritize patching systems affected by the actively exploited vulnerabilities listed above.
• If immediate patching isn’t possible, review Microsoft’s documentation for workarounds or mitigations.
• Conduct environment-wide scans to identify systems that remain unpatched.

Timely patching remains one of the most effective defenses against exploitation. If you need support with validation, deployment, or impact analysis; please remember, we are here to help.