Always On VPN Security Updates May 2025

Once again, it’s the second Tuesday of the month, and Microsoft has published its monthly security updates for May 2025. Once again, this month includes many updates for the Windows Server Routing and Remote Access Service (RRAS) and an update for Active Directory Certificate Services (AD CS).

RRAS Updates

The Microsoft security updates for May 2025 address the following CVEs for Windows Server RRAS.

All the reported vulnerabilities in RRAS this month are information disclosure vulnerabilities, with exploitation unlikely. Most appear to be memory-related (null pointer references, out-of-bounds reads, etc.). None are Remote Code Execution (RCE) vulnerabilities, and none are rated Critical.

AD CS Update

This month’s update release also includes a single CVE addressing a denial of service (DoS) vulnerability in AD CS.

Additional Information

Microsoft May 2025 Security Updates

Always On VPN Security Updates April 2025

Microsoft has published its monthly security updates. Many updates address Routing and Remote Access Service (RRAS) vulnerabilities commonly used in Always On VPN deployments. In addition, an update addresses a vulnerability in Active Directory Certificate Services (AD CS). Always On VPN user and device authentication often rely on AD CS-issued certificates.

RRAS Updates

The April 2025 Microsoft security updates include the following CVEs for Windows Server RRAS.

Only one of these CVEs (26668) is a Remote Code Execution vulnerability. The others are information disclosure vulnerabilities. None of these vulnerabilities are rated Critical; all are rated Important.

AD CS Update

This month’s security update includes the following CVE for AD CS.

Additional Information

Microsoft April 2025 Security Updates

Always On VPN Discord Channel

I’m excited to announce the launch of a brand-new Discord channel dedicated to administrators working with Always On VPN! Whether you’re a seasoned pro or just getting started, this community is designed to be your go-to hub for collaboration, troubleshooting, and staying up to date on all things Always On VPN. The channel was established by my good friend Leo D’Arcy, the creator of the popular Always On VPN Dynamic Profile Generator (DPC) software.

Why Discord?

Always On VPN is a powerful solution for secure, seamless remote connectivity, but managing it comes with its own set of challenges. From configuration quirks to deployment strategies, administrators often need a space to share insights, ask questions, and learn from one another in real time. That’s where our new Discord channel comes in.

Community Forum

Discord offers a dynamic, user-friendly platform for instant communication and community building. Unlike forums or email threads, it’s a place where you can start a conversation, jump into live discussions, share resources, ask questions, share important insights or experiences, and much more.

Channels

Today, the Always On VPN Discord channel is part of the Microsoft Remote Access User Group Discord Server. It consists of multiple channels divided into the following topics.

General – This is a great place to introduce yourself and say hello to everyone!

DPC-Development – Here, you can ask questions about DPC, provide feedback, and suggest new features and functionality.

DPC-Chat – This channel is for administrators to discuss all things DPC, including deployment strategies, operation, support, and more.

Aovpn-Chat – If you’ve deployed Always On VPN but aren’t using DPC, this is your channel! Although DPC is fantastic, not everyone is using it. In this channel, you can submit questions and share general information about Always On VPN.

Gsa-Chat – We’ve also included a Microsoft Entra Global Secure Access channel for the new Microsoft Security Service Edge (SSE) solution, which includes Entra Private Access. This channel is pretty quiet right now. Hopefully, it will grow in the future!

DirectAccess-Chat – Yes, we realize some of you are still running DirectAccess, so there’s also a channel for you! Feel free to drop in and ask questions here, hopefully about migrating soon. 😉

Who Is This For?

This channel is open to anyone managing Microsoft secure remote access products. Whether you’re an IT administrator in a small business, an enterprise network engineer, or a consultant helping clients stay connected. If you’re working with Microsoft remote access technologies, this is the place to be!

Why Not Reddit?

Funny story: I tried to create an Always On VPN subreddit a few years ago. It lasted one day before it was banned! No reason was given, and I couldn’t get anyone from Reddit to respond. I answer questions ad hoc on Reddit all the time, but there’s no dedicated space for Always On VPN or Microsoft remote access in general.

How To Join

Joining our Discord channel is easy.

  1. Click this link.
  2. Set up your Discord account if you don’t already have one. It’s free and only takes a minute!
  3. Optionally, you can download the Discord app here.
  4. Say hello and introduce yourself in the #general channel.
  5. Explore the other channels, ask questions, give feedback, and share your expertise!

See You There!

Leo and I, along with many other experienced Always On VPN administrators, are on the forums daily. We encourage you to share your expertise, ask questions, and help others along the way. The more we contribute, the stronger this resource becomes for everyone. Join us today!

Additional Information

Always On VPN Discord Channel

Always On VPN Dynamic Profile Configurator (DPC)

DPC on GitHub