The March 2025 Security Update Review

**Executive summary:** Adobe published seven bulletins addressing 37 CVEs (multiple Critical-rated code-execution flaws) and Microsoft released dozens of updates (56 new CVEs, 67 including third-party) that include multiple actively exploited vulnerabilities—most notably CVE-2025-26633 used by EncryptHub/Larva-208—which together warrant prioritizing Reader/Illustrator/InDesign fixes and the actively exploited Microsoft updates for rapid deployment.