This month’s Patch Tuesday updates from Microsoft arrived with over 50 safety fixes, changing into a comparatively modest replace bundle as in comparison with the January updates. Nonetheless, what makes the February Patch Tuesday essential for Microsoft customers is the safety fixes for some zero-day vulnerabilities.
Microsoft Patch Tuesday February Safety Fixes
A very powerful safety fixes within the newest Patch Tuesday tackle 4 completely different zero-day vulnerabilities. Two of those flaws had been publicly disclosed however escaped energetic exploitation, whereas the opposite two had been attacked regardless of remaining undisclosed. Beneath is a fast overview of those vulnerabilities.
- CVE-2025-21418 (essential; CVSS 7.8): A privilege escalation vulnerability in Home windows Ancillary Operate Driver for WinSock. Exploiting the flaw may permit SYSTEM privileges to the attacker. Whereas it remained undisclosed prior a repair, Microsoft confirmed detecting energetic exploitation for it.
- CVE-2025-21391 (essential; CVSS 7.1): One other privilege escalation vulnerability that went below assault prior a repair. This vulnerability existed in Home windows Storage, permitting an attacker to delete information on the goal machine. Whereas this vulnerability didn’t result in info disclosure, an adversary may nonetheless brick the goal system by deleting some essential information.
- CVE-2025-21194 (essential; CVSS 7.1): A safety function bypass in Microsoft Floor that grew to become publicly disclosed. But, it escaped energetic exploitation doubtless as a result of difficulties related to it. Microsoft confirmed that exploiting this flaw required “a number of circumstances to be met,” that too after the attacker gained entry to the goal restricted community. Even upon assembly all necessities, the attacker needed to depend on a bodily person to reboot the goal machine for a profitable exploit. If finished, the vulnerability may permit bypassing UEFI and compromising the safe kernel and hypervisor.
- CVE-2025-21377 (essential; CVSS 6.5): A spoofing vulnerability affecting NTLM Hash Disclosure. It’s one other publicly disclosed vulnerability that remained unexploited earlier than the patch. An attacker may exploit the flaw by tricking the goal person into interacting with a maliciously crafted file. As soon as finished, the vulnerability would disclose the person’s NTLMv2 hash, letting the attacker authenticate because the sufferer person.
Different Noteworthy Patches From Microsoft
Along with the above, Microsoft addressed three important severity vulnerabilities this month. These embody 2 distant code execution vulnerabilities every in DHCP Consumer Service (CVE-2025-21379) and Home windows Light-weight Listing Entry Protocol (LDAP) (CVE-2025-21376) respectively, and a privilege escalation flaw in Microsoft Dynamics 365 Gross sales (CVE-2025-21177).
This replace bundle additionally patched 49 vulnerabilities of essential severity and a single low severity flaw. Customers should guarantee immediate updates to their gadgets to obtain all safety fixes in time and keep away from potential threats.
Tell us your ideas within the feedback.
