Always On VPN Security Updates May 2025

Once again, it’s the second Tuesday of the month, and Microsoft has published its monthly security updates for May 2025. Once again, this month includes many updates for the Windows Server Routing and Remote Access Service (RRAS) and an update for Active Directory Certificate Services (AD CS).

RRAS Updates

The Microsoft security updates for May 2025 address the following CVEs for Windows Server RRAS.

All the reported vulnerabilities in RRAS this month are information disclosure vulnerabilities, with exploitation unlikely. Most appear to be memory-related (null pointer references, out-of-bounds reads, etc.). None are Remote Code Execution (RCE) vulnerabilities, and none are rated Critical.

AD CS Update

This month’s update release also includes a single CVE addressing a denial of service (DoS) vulnerability in AD CS.

Additional Information

Microsoft May 2025 Security Updates

Leave a comment
by Richard M. Hicks on May 13, 2025  •  Permalink
Posted in Always On VPN, AOVPN, CVE, Microsoft, routing and remote access service, RRAS, Security, Security Update, VPN, Vulnerability, Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022, Windows Server 2025
Tagged , , , , , ,

Posted by Richard M. Hicks on May 13, 2025

https://directaccess.richardhicks.com/2025/05/13/always-on-vpn-security-updates-may-2025/

Previous Post
Next Post
Leave a comment

Leave a Reply

Discover more from Richard M. Hicks Consulting, Inc.

Subscribe now to keep reading and get access to the full archive.

Continue reading