This month’s Patch Tuesday updates from Microsoft arrived with over 50 safety fixes, changing into a comparatively modest replace bundle as in comparison with the January updates. Nonetheless, what makes the February Patch Tuesday vital for Microsoft customers is the safety fixes for some zero-day vulnerabilities.
Microsoft Patch Tuesday February Safety Fixes
Crucial safety fixes within the newest Patch Tuesday tackle 4 completely different zero-day vulnerabilities. Two of those flaws have been publicly disclosed however escaped lively exploitation, whereas the opposite two have been attacked regardless of remaining undisclosed. Beneath is a fast overview of those vulnerabilities.
- CVE-2025-21418 (vital; CVSS 7.8): A privilege escalation vulnerability in Home windows Ancillary Operate Driver for WinSock. Exploiting the flaw might permit SYSTEM privileges to the attacker. Whereas it remained undisclosed prior a repair, Microsoft confirmed detecting lively exploitation for it.
- CVE-2025-21391 (vital; CVSS 7.1): One other privilege escalation vulnerability that went below assault prior a repair. This vulnerability existed in Home windows Storage, permitting an attacker to delete information on the goal system. Whereas this vulnerability didn’t result in info disclosure, an adversary might nonetheless brick the goal system by deleting some vital information.
- CVE-2025-21194 (vital; CVSS 7.1): A safety characteristic bypass in Microsoft Floor that turned publicly disclosed. But, it escaped lively exploitation possible as a result of difficulties related to it. Microsoft confirmed that exploiting this flaw required “a number of circumstances to be met,” that too after the attacker gained entry to the goal restricted community. Even upon assembly all necessities, the attacker needed to depend on a bodily person to reboot the goal machine for a profitable exploit. If carried out, the vulnerability might permit bypassing UEFI and compromising the safe kernel and hypervisor.
- CVE-2025-21377 (vital; CVSS 6.5): A spoofing vulnerability affecting NTLM Hash Disclosure. It’s one other publicly disclosed vulnerability that remained unexploited earlier than the patch. An attacker might exploit the flaw by tricking the goal person into interacting with a maliciously crafted file. As soon as carried out, the vulnerability would disclose the person’s NTLMv2 hash, letting the attacker authenticate because the sufferer person.
Different Noteworthy Patches From Microsoft
Along with the above, Microsoft addressed three vital severity vulnerabilities this month. These embody 2 distant code execution vulnerabilities every in DHCP Consumer Service (CVE-2025-21379) and Home windows Light-weight Listing Entry Protocol (LDAP) (CVE-2025-21376) respectively, and a privilege escalation flaw in Microsoft Dynamics 365 Gross sales (CVE-2025-21177).
This replace bundle additionally patched 49 vulnerabilities of vital severity and a single low severity flaw. Customers should guarantee immediate updates to their gadgets to obtain all safety fixes in time and keep away from potential threats.
Tell us your ideas within the feedback.