CISOs must urgently address zero-day vulnerabilities affecting Windows and VMware products that are at risk of exploitation. Administrators are particularly warned to act quickly due to a vulnerability with an open proof-of-concept exploit, which is likely to attract threat actors’ attention.
As part of the March Patch Tuesday updates, significant security patches were issued by Microsoft, VMware parent Broadcom, and Cisco Systems. OpenSSH applications must also be reviewed and patched due to the discovery of two vulnerabilities that have persisted for over a decade.
One notable vulnerability in OpenSSH (CVE-2025-26465) surfaced in 2014 and remained undetected until recent findings. This flaw impacts clients using the VerifyHostKeyDNS option.
Broadcom issued urgent guidance regarding three zero-day vulnerabilities in VMware products, which prove particularly dangerous as they allow an attacker to escape virtual machine sandboxes. If these vulnerabilities are chained, they may give unauthorized access to the hypervisor and consequently control over all virtual machines on a server, posing a massive risk to enterprises across various sectors, including finance and healthcare.
CISOs are advised to escalate their responses, moving beyond standard patching by swiftly deploying necessary updates and enhancing monitoring systems for suspicious activities.
For Microsoft products, Windows administrators face the responsibility of patching multiple zero-days and critical vulnerabilities as described in their monthly cumulative update. Several vulnerabilities, such as those affecting the NTFS file system and Windows FAT file system driver, require immediate remediation to prevent unauthorized access and arbitrary code execution.
Actions taken by network infrastructure companies include Cisco and Juniper Networks, both of which have issued patches for critical vulnerabilities. Cisco fixed an issue in Webex for BroadWorks, which could potentially allow unauthorized access to user credentials, while Juniper announced fixes for a severe authentication bypass vulnerability in Session Smart Routers, urging affected users to update their systems promptly.
In addition to these major vendors, several other companies like Progress Software, Fortinet, and Citrix have also released patches addressing various security vulnerabilities that could allow significant remote exploits if left unmitigated. It’s crucial for organizations to stay vigilant and respond swiftly to security updates to safeguard their systems.