The flaw, addressed in the April 2025 Patch Tuesday updates, continues a troubling trend of Kerberos-related vulnerabilities that have plagued Windows systems in recent years. However, Microsoft noted that security updates for Windows 10 for x64-based systems and Windows 10 for 32-bit systems are not immediately available and will be released “as soon as possible”. The security update addresses this vulnerability by improving how Windows Kerberos stores sensitive authentication data. The vulnerability was credited to security researcher Ceri Coburn from NetSPI, highlighting the ongoing collaboration between security researchers and Microsoft to identify and remediate potential security threats. The vulnerability was addressed as part of Microsoft’s April 2025 Patch Tuesday, which included fixes for more than 120 vulnerabilities across various Windows components. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Security experts recommend prioritizing the patch for CVE-2025-29809, particularly in enterprise environments where credential theft could lead to lateral movement across networks. Organizations that have previously deployed policies related to Virtualization-based Security (VBS) will need to redeploy using updated policy guidance. Organizations are strongly advised to implement available patches as soon as possible and to follow Microsoft’s guidance for organizations still using unsupported Windows versions. Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 09 Apr 2025 12:10:14 +0000