Tripwire's April 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.
Up first on the list are patches for Microsoft Edge (Chromium-based) and Google Chromium that resolve 11 issues including remote code execution and improper implementation vulnerabilities.
Next on the list are patches for Microsoft Office, Excel, Word, and OneNote. These patches resolve 15 issues, such as elevation of privilege, security feature bypass, and remote code execution vulnerabilities.
Next are patches that affect components of the core Windows operating system. These patches resolve over 656 vulnerabilities, including elevation of privilege, denial of service, information disclosure, and remote code execution vulnerabilities. These vulnerabilities affect Kernel, NTFS, Standards-based storage management, LSA, VBS, Security Zone Mapping, HTTP.sys, DWM Core Library, Remote Desktop Client, Secure Channel, and various others.
Up next are patches for ASP.NET, Visual Studio, Visual Studio Code, and Visual Studio Tools that resolve elevation of privilege, remote code execution, and elevation of privilege vulnerabilities.
Lastly, administrators should focus on server-side patches for Kerberos, Active Directory Domain Services, LDAP, Hyper-V, Telephony Service, Remote Desktop Service, Windows Active Directory Certificate Services, SharePoint, Dynamics, Routing and Remote Access Service (RRAS), and Telephony Server. These patches resolve remote code execution, denial of service, information disclosure, and elevation of privilege vulnerabilities.
| BULLETIN | CVE |
|---|---|
| Microsoft Edge (Chromium-based) and Chromium | CVE-2025-3066, CVE-2025-3067, CVE-2025-3068, CVE-2025-3069, CVE-2025-3070, CVE-2025-3071, CVE-2025-3072, CVE-2025-3073, CVE-2025-3074, CVE-2025-29815, CVE-2025-25000 |
| Microsoft Office | CVE-2025-29791, CVE-2025-29792, CVE-2025-27744, CVE-2025-26642, CVE-2025-27745, CVE-2025-27746, CVE-2025-27749, CVE-2025-27748 |
| Microsoft Office Word | CVE-2025-29820, CVE-2025-27747, CVE-2025-29816 |
| Microsoft Office Excel | CVE-2025-29823, CVE-2025-27752, CVE-2025-27750, CVE-2025-27751 |
| Microsoft Office OneNote | CVE-2025-29822 |
| Windows I | CVE-2025-27727, CVE-2025-27471, CVE-2025-27482, CVE-2025-27480, CVE-2025-27738, CVE-2025-26674, CVE-2025-26666, CVE-2025-26641, CVE-2025-29808, CVE-2025-26651, CVE-2025-27487, CVE-2025-29824, CVE-2025-29800, CVE-2025-29801, CVE-2025-27472, CVE-2025-26686, CVE-2025-26675, CVE-2025-27492, CVE-2025-26649, CVE-2025-29811, CVE-2025-26681, CVE-2025-26687, CVE-2025-27732, CVE-2025-27739, CVE-2025-26648, CVE-2025-24073, CVE-2025-24074, CVE-2025-24062, CVE-2025-24060 |
| Windows II | CVE-2025-24058, CVE-2025-26680, CVE-2025-27470, CVE-2025-27486, CVE-2025-27485, CVE-2025-21174, CVE-2025-26652, CVE-2025-27736, CVE-2025-27729, CVE-2025-26678, CVE-2025-21204, CVE-2025-27475, CVE-2025-27478, CVE-2025-21191, CVE-2025-26679, CVE-2025-27735, CVE-2025-27737, CVE-2025-27473, CVE-2025-29812, CVE-2025-27728, CVE-2025-27490, CVE-2025-26665, CVE-2025-26688, CVE-2025-26637, CVE-2025-26673, CVE-2025-27469, CVE-2025-26663, CVE-2025-27733, CVE-2025-27483, CVE-2025-27741, CVE-2025-27742, CVE-2025-21197, CVE-2025-27476, CVE-2025-27730, CVE-2025-26640, CVE-2025-27467, CVE-2025-27484, CVE-2025-26639, CVE-2025-26635, CVE-2025-26644 |
| ASP.NET Core | CVE-2025-26682 |
| Visual Studio, Visual Studio Code, Visual Studio Tools | CVE-2025-29802, CVE-2025-29804, CVE-2025-20570, CVE-2025-29803 |
| Windows Kerberos | CVE-2025-27479, CVE-2025-26647, CVE-2025-29809 |
| Active Directory Domain Services | CVE-2025-29810 |
| Windows LDAP - Lightweight Directory Access Protocol | CVE-2025-26670 |
| Windows Hyper-V | CVE-2025-27491 |
| Windows Telephony Service | CVE-2025-27477, CVE-2025-27481, CVE-2025-21205, CVE-2025-21221, CVE-2025-21222 |
| Windows Remote Desktop Services | CVE-2025-26671 |
| Windows Active Directory Certificate Services | CVE-2025-27740 |
| System Center | CVE-2025-27743 |
| Microsoft Office SharePoint | CVE-2025-29794, CVE-2025-29793 |
| Dynamics Business Central | CVE-2025-29821 |
| Windows Routing and Remote Access Service (RRAS) | CVE-2025-27474, CVE-2025-26676, CVE-2025-26672, CVE-2025-26669, CVE-2025-26664, CVE-2025-26667, CVE-2025-21203, CVE-2025-26668 |
