In its February 2025 Patch Tuesday update, Microsoft addressed 63 security flaws across various platforms, including Windows, Office, Azure, Visual Studio, and Remote Desktop Services. Notably, this release tackles four zero-day vulnerabilities, two of which are actively being exploited in the wild.
The security flaws covered in this patch release include a mix of severity levels: three critical, 53 important, and one moderately severe. The critical vulnerabilities are all remote code execution (RCE) flaws that could have allowed attackers to execute arbitrary code on affected systems.
Key Vulnerabilities Addressed
Two of the most pressing vulnerabilities patched in this update are actively exploited zero-day flaws:
- CVE-2025-21391 (Windows Storage Elevation of Privilege Vulnerability)
- CVSS: 7.1
This vulnerability allows local, authenticated attackers to delete targeted files on a system. While it doesn’t expose confidential information, it could lead to data loss, potentially making services unavailable. Specific details about its exploitation remain undisclosed.
- CVSS: 7.1
- CVE-2025-21418(Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability)
- CVSS: 7.8
This flaw enables attackers to run a specially crafted program, potentially granting them SYSTEM privileges on Windows. While the attack vector remains unclear, Microsoft notes that the vulnerability was reported anonymously.
- CVSS: 7.8
In addition to the actively exploited flaws, two other publicly disclosed zero-day vulnerabilities have been patched:
- CVE-2025-21194 (Microsoft Surface Security Feature Bypass Vulnerability)
- CVSS: 7.1
This flaw affects the hypervisor on Surface devices, allowing attackers to bypass UEFI and compromise the secure kernel. It is linked to the PixieFail vulnerabilities and was reported by Francisco Falcón and Iván Arce of Quarkslab.
- CVSS: 7.1
- CVE-2025-21377 (NTLM Hash Disclosure Spoofing Vulnerability)
- CVSS: 6.5
This vulnerability allows attackers to access Windows user NTLM hashes with minimal file interaction. Attackers can potentially steal hashes and impersonate users. The vulnerability was discovered by security researchers from Cathay Pacific, Securify B.V., and 0patch by ACROS Security.
- CVSS: 6.5
Recommendations for Users
To safeguard your devices and ensure you’re protected against these vulnerabilities, it’s essential to update your system immediately. To install the February 2025 Patch Tuesday security updates, follow these steps:
- Open Settings.
- Go to Update & Security.
- Select Windows Update and click on Check for updates.
For a detailed list of the vulnerabilities addressed, refer to Microsoft’s full advisory. Staying up to date with security patches is crucial for maintaining the safety and integrity of your systems.
For more updates, keep visiting digifintechedu.com.