MC1028758 – The March 2025 Windows security update is now available

Product:

SharePoint, Windows, Windows Server

Platform:

Online, Windows Desktop, World tenant

Status:

Change type:

Admin impact

Links:

Details:

The March 2025 security update is now available for all supported versions of Windows. We recommend that you install these updates promptly. For more information about the contents of this update, see the release notes, which are easily accessible from the Windows 11 and Windows 10 update history pages. To learn more about the different types of monthly quality updates, see Windows monthly updates explained.

Highlights for the Windows 11, version 24H2 update:
This security update includes improvements that were a part of update KB5052093 (released February 25, 2025).
This update makes quality improvements to the servicing stack, which is the component that installs Windows updates.
This update addresses security issues for your Windows operating system.


Short on time? Watch our Windows 11 release notes video for this month's tips.


For instructions on how to install this update, see the KB for your operating system listed below:
Windows 11, version 24H2: KB5053598
Windows 11, versions 23H2 and 22H2: KB5053602
Windows 10, versions 22H2 and 21H2: KB5053606
Windows 10 Enterprise LTSC 2019 and Windows Server 2019: KB5053596
Windows 10 LTSB 2016 and Windows Server 2016: KB5053594
Windows 10 LTSB 2015: KB5053618
Windows Server 2025: KB5053598
Windows Server 2022: KB5053603
Windows Server 2012 R2: Monthly Rollup: KB5053887
Windows Server 2012: Monthly Rollup: KB5053886
Windows Server 2008 R2 Service Pack 1: Monthly Rollup: KB5053620 / Security Only: KB5053627
Windows Server 2008 SP2: Monthly Rollup: KB5053888 / Security Only: KB5053995

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:

Created:
2025-03-12

updated:
2025-03-12

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

summary for non-techies**

XXXXXXX ... free basic plan only

Direct effects for Operations**

System Downtime
Failure to install the security update may lead to system vulnerabilities, resulting in potential downtime due to security breaches.
   - roles: IT Administrator, System Engineer
   - references: https://support.microsoft.com/help/5052093

User Experience Degradation
Without the update, users may experience performance issues or bugs that have been resolved in the latest version, leading to frustration and decreased productivity.
   - roles: End User, Help Desk Support
   - references: https://support.microsoft.com/help/5053602

Increased Security Risks
Not applying the security update exposes the organization to malware and cyber attacks, compromising sensitive data and user trust.
   - roles: Security Analyst, Compliance Officer
   - references: https://support.microsoft.com/help/5053598

Compatibility Issues
Older versions of Windows may not function properly with new applications or updates, leading to compatibility issues for users.
   - roles: Application Developer, IT Support Specialist
   - references: https://support.microsoft.com/help/5053603

Increased Support Tickets
Failure to prepare for the update may result in a surge of support tickets from users facing issues, overwhelming the IT support team.
   - roles: Help Desk Support, IT Manager
   - references: https://support.microsoft.com/help/5053618

Configutation Options**

XXXXXXX ... paid membership only

Opportunities**

Automated Update Management
Implementing an automated update management system can streamline the process of applying security updates, reducing the workload on IT staff and ensuring that all systems are consistently updated without manual intervention. This can improve security posture and reduce the risk of vulnerabilities due to outdated software.
   - next-steps: Research and select an appropriate automated update management tool that integrates with existing systems. Pilot the tool in a controlled environment before full deployment.
   - roles: IT Administrators, Security Officers, System Engineers
   - references: https://www.microsoft.com/en-us/security/blog/2023/09/01/automating-windows-update-management/

User Education on Update Importance
Creating a user education program focused on the importance of timely updates can enhance user compliance and awareness. Educated users are more likely to ensure their devices are updated promptly, reducing security risks associated with outdated systems.
   - next-steps: Develop training materials and schedule sessions to educate users on the importance of updates and how to check for them. Monitor compliance rates post-training to measure effectiveness.
   - roles: Training Coordinators, IT Support Staff, End Users
   - references: https://www.csoonline.com/article/3570420/the-importance-of-user-education-in-cybersecurity.html

Centralized Update Reporting
Implementing a centralized reporting system for updates can provide visibility into which systems are updated and which are not. This can help in identifying compliance issues and prioritizing systems that need immediate attention, thus improving overall IT operations efficiency.
   - next-steps: Evaluate existing reporting tools and consider integrating a centralized dashboard that aggregates update statuses across the organization. Train IT staff on using the new reporting system.
   - roles: IT Managers, Compliance Officers, System Administrators
   - references: https://www.techrepublic.com/article/how-to-create-a-centralized-update-reporting-system-for-windows/

Potentional Risks**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

explanation for non-techies**

XXXXXXX ... free basic plan only