Microsoft Windows Security Updates for April 2025 are now available

Martin Brinkmann
Apr 8, 2025
Updated • Apr 9, 2025
Windows Updates
|
11

It is the second Tuesday of the month and that means Microsoft has released security updates for Windows and other company products like Office. Our overview gives regular users and system administrators an overview of what has been released.

It includes information about known issues, new features, links to downloads, an Excel spreadsheet with information about the updates and much more.

Microsoft Windows Security Updates: March 2025

You may download the following Excel spreadsheet to get a list of released updates. Click on the following link to download the archive to the local device: Windows security updates april 2025

Executive Summary

  • Microsoft released a total of 126 security updates for various Microsoft products and 9 security update for non-Microsoft issues (e.g. Chromium).
  • Windows clients with issues:
    • Windows 10 version 1809, 21H2, 22H2
    • Windows 11 version 22H2, 23H2, and 24H2
  • Windows Server clients with issues:
    • Windows Server 2008
    • Windows Server 2019
    • Windows Server 2022

Product overview

Each supported version of Windows and their critical vulnerabilities are listed below.

  • Windows 10 version 22H2: 60 vulnerabilities, 4 critical, 56 important
    • Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability -- CVE-2025-26663
    • Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability --
      CVE-2025-26670
    • Windows TCP/IP Remote Code Execution Vulnerability -- CVE-2025-26686
    • Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2025-27491
  • Windows 11 version 22H2 and 23H2: 66 vulnerabilities, 2 critical, 64 important
    • Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability -- CVE-2025-26663
    • Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability --
      CVE-2025-26670
    • Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2025-27491
  • Windows 11 version 24H2: 66 vulnerabilities, 3 critical, 30 important
    • Same as Windows 11, Version 22H3.

Windows Server products

  • Windows Server 2008 R2 (extended support only): 39 vulnerabilities: 3 critical,  36 important
    • Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability -- CVE-2025-26663
    • Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability --
      CVE-2025-26670
    • Windows TCP/IP Remote Code Execution Vulnerability -- CVE-2025-26686
  • Windows Server 2016: 60 vulnerabilities: 6 critical, 54 important
    • Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability -- CVE-2025-26663
    • Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability --
      CVE-2025-26670
    • Windows TCP/IP Remote Code Execution Vulnerability -- CVE-2025-26686
    • Windows Remote Desktop Services Remote Code Execution Vulnerability -- CVE-2025-27480
    • Windows Remote Desktop Services Remote Code Execution Vulnerability -- CVE-2025-27482
    • Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2025-27491
  • Windows Server 2019: 74 vulnerabilities: 6 critical, 68 important
    • Same as Windows Server 2016
  • Windows Server 2022: 76 vulnerabilities: 5 critical, 29 important
    • Same as Windows Server 2016
  • Windows Server 2025:  82  vulnerabilities: 6 critical, 76 important
    • Same as Windows Server 2016

Windows Security Updates

Windows 10 version 22H2

Updates and improvements:

  • Security updates
  • This update provides Noto CJK (Chinese, Japanese, and Korean) fonts in Windows.
  • Improved support for web search providers in the EEA.

Windows 11 version 22H2 / 23H2

Updates and improvements:

  • Security updates.
  • Gamepad keyboard layout is now available for the touch keyboard.
  • Chinese support in Voice access.
  • Top cards in System > About.

Windows 11 version 24H2

Updates and improvements:

  • Security updates.
  • [Copilot+ PCs] Improved Windows search using semantic indexing models with traditional lexical indexing.
  • [Copilot+ PCs] Search for cloud-stored photos using natural language.
  • [Copilot+ PCs] Improves Live captions and real-time translations on AMD and Intel systems. Snapdragon systems get support for additional languages for real-time translations.
  • [Copilot+ PCs] Natural language commanding in voice access on Snapdragon systems. Also Chinese support.
  • Gamepad keyboard layout is now available for the touch keyboard.
  • Improved discoverability of emoji and more panels.
  • Top Cards feature under System > About.
  • Support for lock screen widgets in the EEA.

Windows Security updates

2025-04 Cumulative Security Update for Internet Explorer (KB5055515)

2025-04 Security Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5057588)

2025-04 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5055526)

2025-04 Security Update for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5057589)

2025-04 Cumulative Update for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5055518)

Windows Server:

2025-04 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5055561)

2025-04 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5055570)

2025-04 Security Only Quality Update for Windows Server 2008 (KB5055596)

2025-04 Security Monthly Quality Rollup for Windows Server 2008 (KB5055609)

2025-04 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5055557)

2025-04 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5055581)

2025-04 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5055521)

2025-04 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5055519)

Servicing Stack Updates:

2025-04 Servicing Stack Update for Windows Server 2016 and Windows 10 Version 1607 (KB5055661)

2025-04 Servicing Stack Update for Windows Server 2012 R2 for x64-based Systems (KB5055665)

2025-04 Servicing Stack Update for Windows Server 2012 for x64-based Systems (KB5055667)

2025-04 Servicing Stack Update for Windows Server 2008 R2 for x64-based Systems (KB5056456)

2025-04 Servicing Stack Update for Windows Server 2008 (KB5056457)

Non-Security updates

2025-04 Security and Quality Rollup for .NET Framework 4.6.2 for Windows Server 2008 R2 and Windows Server 2008 (KB5054696)

2025-04 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 for x64 (KB5054697)

2025-04 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 R2 for x64 (KB5054698)

2025-04 Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2008 R2 for x64 (KB5055171)

2025-04 Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 for x64 (KB5055172)

2025-04 Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 R2 for x64 (KB5055173)

2025-04 Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 (KB5055684)

2025-04 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB5055685)

2025-04 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 (KB5055686)

2025-04 Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 (KB5055687)

2025-04 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 22H2 for x64 (KB5054693)

2025-04 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5054695)

2025-04 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2 for x64 (KB5054705)

2025-04 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5054977)

2025-04 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 22H2 and Windows 10 Version 21H2 (KB5054978)

2025-04 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 version 23H2 & version 22H2 (KB5054980)

2025-04 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system, version 22H2 for x64 (KB5055169)

2025-04 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607 (KB5055170)

2025-04 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5055175)

2025-04 Dynamic Update for Windows 10 Version 21H2 (KB5055674)

2025-04 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system, version 22H2 for x64 (KB5055680)

2025-04 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5055681)

2025-04 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 (KB5055682)

2025-04 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 22H2 (KB5055683)

2025-04 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5055688)

2025-04 Dynamic Update for Microsoft server operating system, version 22H2 for x64-based Systems (KB5055765)

2025-04 Dynamic Update for Windows 10 Version 1607 (KB5055768)

2025-04 Dynamic Update for Windows 10 Version 1809 (KB5055769)

2025-04 Dynamic Update for Windows 10 Version 1507 (KB5055770)

2025-04 Dynamic Update for Microsoft server operating system, version 22H2 for x64-based Systems (KB5055771)

2025-04 Dynamic Update for Windows 10 Version 21H2 & Update for Windows 10 Version 22H2 (KB5056474)

Known Issues

Windows 10 version 22H2

  • (OLD) Windows Event Viewer may display an error related to SgrmBroker.exe on devices with the January 14, 2025 update or later installed. It is logged as Event 7023 and the text should say "The System Guard Runtime Monitor Broker service terminated with the following error:".
    • Workaround: Microsoft says that this error has no impact on performance or functionality. The service has not been used "for a very long time" according to Microsoft.
  • (OLD) Devices with Citrix components installed may not be able to install the January 2025 security updates.
    • Citrix has released a workaround that needs to be applied before installing the January 2025 security updates. Link here
  • (Fixed) Issue with certain types of USB printers that printed automatically.
    • Workaround: Microsoft resolved the issue with a Known Issue Rollback. System administrators need to make Group Policy changes to apply this. Link here

Windows 11 version 22H2 and 23H2

  • (OLD) Devices with Citrix components installed may not be able to install the January 2025 security updates.
    • Citrix has released a workaround that needs to be applied before installing the January 2025 security updates. Link here
  • (Fixed) Issue with certain types of USB printers that printed automatically.
    • Workaround: Microsoft resolved the issue with a Known Issue Rollback. System administrators need to make Group Policy changes to apply this. Link here

Windows 11 version 24H2

  • (NEW) Windows users who use Windows Hello to sign-in may experience the following. When they reset the PC and decided to keep the files and pick local install, they may be unable to login using Windows Hello facial recognition or their PIN.
    • Workaround: to log on using a PIN, users need to select Set my PIN on the logon screen to re-enroll. Face logon can only be enabled after the initial sign-in. Check Settings > Accounts > Sign-in options > Facial recognition (Windows Hello) > Set up for that.
  • (OLD) Devices with Citrix components installed may not be able to install the January 2025 security updates.
    • Citrix has released a workaround that needs to be applied before installing the January 2025 security updates. Link here
  • (OLD) Players on ARM devices may not be able to play Roblox via the Microsoft Store.

Security advisories and updates

Microsoft Office Updates

You find Office update information here.

How to download and install the April 2025 security updates

All non-managed Windows systems install security updates by default automatically. This does not happen in real-time though, and it may make sense in some scenarios to install them early.

We do recommend that you create a backup of the opera ting system before the update process is started. You may use the free Paragon Backup & Recovery Free software for that or any other suitable backup software.

Once done, complete the following three steps to get started:

  1. Open the Start menu, type Windows Update, and select the result.
  2. Activate the "check for updates" button. This runs a manual check for updates.
  3. Activate the "download & install all" button, if the update is not downloaded automatically.

Direct update downloads

Below are resource pages with direct download links, if you prefer to download the updates to install them manually.

Windows 10 version 22H2

  • KB5055518 -- 2025-04 Cumulative Update for Windows 10 Version 22H2

Windows 11 version 22H2

  • KB5055528 -- 2025-04 Cumulative Update for Windows 11 version 22H2

Windows 11 version 23H2
  • KB5055528 -- 2025-04 Cumulative Update for Windows 11 version 23H2

Windows 11 version 24H2

  • KB5055523 -- 2025-04 Cumulative Update for Windows 11 version 24H2

Additional resources

Summary
Microsoft Windows Security Updates for April 2025 are now available
Article Name
Microsoft Windows Security Updates for April 2025 are now available
Description
This is our overview of the security updates that Microsoft released in April 2025 as part of the Windows Patch Tuesday.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Related content

Bug in Windows 11 Update disables Windows Hello authentication for some users

Windows: Empty inetpub folder creates a new security problem

The Windows security updates for March 2025 are now available
Windows update

The Windows security updates for February 2025 are now available

The Windows security updates for January 2025 are now available
Windows 11 version 21H2 and 22H2 will reach end of support in October

Microsoft releases the December 2024 security updates for Windows

Microsoft releases the November 2024 security updates for Windows

Previous Post: «
Next Post: «

Comments

  1. Tachy said on April 25, 2025 at 1:17 am
    Reply

    I just installed KB5055528 (win 11 23H2) and now “NT Kernel & System” requires access through the firewall to access PC’s on the LAN with explorer.

    Also…

    Now when ever I connect to my VPN “NT Kernel & System” asks for access to the ip I get assigned, I refuse and it’s not affecting anything while connected to the VPN.

    Note: “Asks for” because I use WFC to prevent M$ from creating firewall rules. If your not using something that does the same, you won’t notice when M$ opens your firewall to whatever it wants to.

    Why now does “system” want all this network access for me to connect to things I’ve been connecting to all along?

  2. SkyNet said on April 9, 2025 at 12:49 pm
    Reply

    I am glad I bought MacBook Air 2025 this month…everything works as it should smoothly. All this years didn’t know what I was missing. Now I know that MS sucks.

  3. Tachy said on April 9, 2025 at 6:12 am
    Reply

    As always, give a few weeks to see what they F’d up ;)~

    1. VioletMoon said on April 9, 2025 at 11:10 pm
      Reply

      Yes, I like to wait at least one week; make sure updates are paused. Create an image or a restore point in case the updates get through anyway.

  4. ONE MICROSOFT WAY said on April 9, 2025 at 5:11 am
    Reply

    Enjoy the proprietary updates for your proprietary OS!

    You cannot audit either of them so they might as well say the recent update summons unicorns from a portal at CERN and you’d have to take them at their word because YOU HAVE TO BLINDLY TRUST THEM.

    And trusting Microsoft (a convicted monopoly) IMO is a dangerous bet.

    1. Allwynd said on April 9, 2025 at 8:37 am
      Reply

      People who still use Windows despite knowing about Linux and having the intelligence to use it are the problem. I know someone personally who is smart and learns new things easily, but has views against Linux and other topics and they aren’t based on reality, facts or personal experience, just being fed lies and then actively going out of their way to seek more of those lies to reinforce the false idea.

      It’s really sad to watch these people arguing how Linux is “not good enough, doesn’t work, there are issues with drivers or running non-Linux programs or the existence of such”. They won’t even try if it works or not, but parrot other people’s words they saw on the internet.

      My first experience with Linux date from 2008 and back then I had lots of trouble setting Ubuntu 8.04 up. I remember I couldn’t get some drivers to work and gave up, also I was a kid back then and didn’t have the determination, resilience and patience to find solutions or anything. And I gave up, but my interest in Linux did not disappear, I got a laptop around 2009-2010 and I tried Linux on it and it sort of worked, but not as I expected, I only kept it for a month and still being an impatient kid, I couldn’t deal with its shenanigans and I wanted to play games, lots of games, with ease so I gave it up and went back to Windows. And I tried again sometime around 2016, with more patience and everything, but I couldn’t set up my graphics drivers and gave up. Finally in 2024, my patience with Windows completely evaporated and I decided to move to Linux or at least give it another shot, wiped my disk where Windows was completely, installed Linux and was surprised that things began working out – all my drivers were installed, I could play games on Linux with good FPS. Since then, I’ve been using Linux for a year now and I learned so much, I’ve gradually stopped playing games save for a few old titles, but now everything I want to accomplish, I can on Linux, sometimes it may take a bit more time, but it’s still much better.

      My point being is that as you expose yourself to something new and you stick with it, you gradually learn the ins and outs and gain a better understanding of it. If I knew what I did now about Linux a few years ago, I would have moved way sooner. But unless people incorporate this way of thinking, Linux will always be a niche, because they are brainwashed to think Windows is the only option, even if they don’t like it, they continue to go through mental gymnastics “how Windows is not so bad actually”, but the reality is since Windows 8 it has been becoming more user-unfriendly and more controlling. Comparing it to my experience with XP, Vista, 7, Windows now feels like a prison and anyone using it is being punished for something.

      1. bruh said on April 9, 2025 at 3:01 pm
        Reply

        Linux is a very arrogant operating system, the sheer hubris it entails is beyond belief, it has the arrogance to assume my time isn’t valuable.
        When I use cmd/powershell in Windows, it’s because I’m trying to be cool (or if using modern windows, because I’m trying to avoid the modern UI), when I use the command line in Linux it’s because that is the only documented way to do something.
        The time I spent learning Linux I do consider wasted, I thought I was missing out, but not really.

      2. Allwynd said on April 10, 2025 at 12:53 am
        Reply

        I think Linux is the way it is because it didn’t get enough support to be mainstream consumer OS. I believe reading about how in the early-mid 90s it was shipped on IBM computers and it being free meant computers with Linux costed less than computers with Windows and Microsoft felt threatened by that so they sabotaged IBM and with a lawsuit they bankrupted them, because they were afraid of the free and superior OS that is more versatile and resilient.

        At this point I don’t want to say Linux is better, because in some regards like usability it still isn’t and this is a major drawback and pretending like it doesn’t exist is disingenuous. But I think Microsoft in their monopoly have ruined Windows to the point where Linux is becoming more appealing as a daily driver for casual home users.

        When I moved to Mint in March 2024, I didn’t have to use the terminal pretty much at all. The only issues I had and tried to solve was me using some 1600×900 monitor that was VGA and my GPU only had HDMI so I had to use a VGA to HDMI cable, on Windows I had my proper resolution, but due to the VGA to HDMI, everything looked blurry. On Linux I could not get my resolution no matter what I did so I had to run on 1366×768 and have double blur, once from the cable and twice from the lower resolution. Eventually I went and bought a brand new monitor and that problem immediately went away. All my previous attempts to fix it through terminal were unsuccesful.

        Now I don’t have to use the terminal at all – brand new install of Mint, I just have to change my driver from the Drivers program, I have to make my second disk to mount automatically on boot instead of be visible but unmounted and install my programs like browser, video player and such, just like on Windows. It doesn’t cost me any more time and I like Mint for that – it’s as easy as Windows to set up except some things are different in their approach since it’s a different OS.

        Now I don’t feel the difference at all and at times I forget I’m using Linux at all. It’s not ideal, but it beats Windows by my standards since I don’t have to play an unending game of cat and mouse with the OS to keep things the way I want them to be.

  5. Paul(us) said on April 8, 2025 at 11:56 pm
    Reply

    Thanks to Martin at Ghacks a Million for helping me understand what I was doing when I updated to Windows 10 pro. version 22H2 (OS build 19045.5737.

  6. Anonymous said on April 8, 2025 at 10:16 pm
    Reply

    The update KB for Win 11 22H2 and 23H2 are showing as the same as 24H2 in the article at this time. It should be KB5055528.

    1. Martin Brinkmann said on April 9, 2025 at 8:08 am
      Reply

      Thank you, corrected!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.

Advertisement

Spread the Word

Advertisement

Hot Discussions

Advertisement

Recently Updated

Advertisement

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.

The name and logo of Ghacks are copyrights or trademarks of SOFTONIC INTERNATIONAL S.A.
Copyright SOFTONIC INTERNATIONAL S.A. © 2005- 2025 - All rights reserved