EHA
Home Cyber Security News Microsoft Releases February 2025 Patch Tuesday Update Addressing 61 Vulnerabilities

Microsoft Releases February 2025 Patch Tuesday Update Addressing 61 Vulnerabilities

By
AnuPriya
-
0

February 12, 2025 – Microsoft has rolled out its February 2025 Patch Tuesday update, addressing a total of 61 vulnerabilities across its product ecosystem.

The update includes fixes for 25 critical Remote Code Execution (RCE) vulnerabilities, three of which are zero-day vulnerabilities actively exploited in the wild.

The security updates span a wide range of Microsoft products, including Windows, Office, Visual Studio, Azure, and the .NET Framework, emphasizing the need for organizations to act swiftly to mitigate potential threats.

Zero-Day Vulnerabilities: Actively Exploited Threats

Among the patched vulnerabilities, three zero-day flaws were identified as actively exploited:

  1. CVE-2023-24932: A Secure Boot security feature bypasses vulnerability allowing attackers with physical access or administrative rights to install unauthorized boot policies.
  2. CVE-2025-21391: A Windows Storage elevation of privilege vulnerability enabling attackers to delete critical data and disrupt services.
  3. CVE-2025-21418: An elevation of privilege vulnerability in the Windows Ancillary Function Driver for WinSock, potentially granting SYSTEM-level privileges to attackers.

Microsoft urges users to prioritize patching these zero-day vulnerabilities immediately to prevent further exploitation.

Critical Vulnerabilities: Remote Code Execution Risks

The February update also addresses several critical RCE vulnerabilities that pose significant risks if left unpatched. Notable examples include:

  • CVE-2025-21376: A Windows Lightweight Directory Access Protocol (LDAP) RCE vulnerability enabling remote code execution.
  • CVE-2025-21379: A DHCP Client Service RCE vulnerability that could allow attackers to execute code with elevated privileges remotely.
  • CVE-2025-21381: An RCE vulnerability in Microsoft Excel triggered by malicious spreadsheet files.

These vulnerabilities highlight the importance of applying updates to prevent potential unauthorized access and system compromise.

Microsoft Patch Tuesday, February 2025 – 61 Vulnerabilities list

CVE NumberCVE TitleExploitedcMax Severity
CVE-2025-21376Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution VulnerabilityNoRemote Code ExecutionCritical
CVE-2025-21379DHCP Client Service Remote Code Execution VulnerabilityNoRemote Code ExecutionCritical
CVE-2025-21381Microsoft Excel Remote Code Execution VulnerabilityNoRemote Code ExecutionCritical
CVE-2023-24932Secure Boot Security Feature Bypass VulnerabilityYesSecurity Feature BypassImportant
CVE-2025-21176.NET, .NET Framework, and Visual Studio Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21178Visual Studio Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21172.NET and Visual Studio Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21188Azure Network Watcher VM Extension Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-21206Visual Studio Installer Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-21351Windows Active Directory Domain Services API Denial of Service VulnerabilityNoDenial of ServiceImportant
CVE-2025-21352Internet Connection Sharing (ICS) Denial of Service VulnerabilityNoDenial of ServiceImportant
CVE-2025-21368Microsoft Digest Authentication Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21369Microsoft Digest Authentication Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21375Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-21383Microsoft Excel Information Disclosure VulnerabilityNoInformation DisclosureImportant
CVE-2025-21182Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-21183Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-21391Windows Storage Elevation of Privilege VulnerabilityYesElevation of PrivilegeImportant
CVE-2025-21418Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityYesElevation of PrivilegeImportant
CVE-2025-21419Windows Setup Files Cleanup Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-21420Windows Disk Cleanup Tool Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant
CVE-2023-32002HackerOne: CVE-2023-32002 Node.js `Module._load()` policy Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-24036Microsoft AutoUpdate (MAU) Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-24039Visual Studio Code Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-21259Microsoft Outlook Spoofing VulnerabilityNoSpoofingImportant
CVE-2025-21194Microsoft Surface Security Feature Bypass VulnerabilityNoSecurity Feature BypassImportant
CVE-2025-21208Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21406Windows Telephony Service Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21407Windows Telephony Service Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21410Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21190Windows Telephony Service Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21200Windows Telephony Service Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21201Windows Telephony Server Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21198Microsoft High Performance Compute (HPC) Pack Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21337Windows NTFS Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-21347Windows Deployment Services Denial of Service VulnerabilityNoDenial of ServiceImportant
CVE-2025-21349Windows Remote Desktop Configuration Service Tampering VulnerabilityNoTamperingImportant
CVE-2025-21350Windows Kerberos Denial of Service VulnerabilityNoDenial of ServiceImportant
CVE-2025-21358Windows Core Messaging Elevation of Privileges VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-21359Windows Kernel Security Feature Bypass VulnerabilityNoSecurity Feature BypassImportant
CVE-2025-21367Windows Win32 Kernel Subsystem Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-21371Windows Telephony Service Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21377NTLM Hash Disclosure Spoofing VulnerabilityNoSpoofingImportant
CVE-2025-21386Microsoft Excel Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21387Microsoft Excel Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21390Microsoft Excel Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21392Microsoft Office Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21394Microsoft Excel Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21397Microsoft Office Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21400Microsoft SharePoint Server Remote Code Execution VulnerabilityNoRemote Code ExecutionImportant
CVE-2025-21179DHCP Client Service Denial of Service VulnerabilityNoDenial of ServiceImportant
CVE-2025-21181Microsoft Message Queuing (MSMQ) Denial of Service VulnerabilityNoDenial of ServiceImportant
CVE-2025-21184Windows Core Messaging Elevation of Privileges VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-21212Internet Connection Sharing (ICS) Denial of Service VulnerabilityNoDenial of ServiceImportant
CVE-2025-21216Internet Connection Sharing (ICS) Denial of Service VulnerabilityNoDenial of ServiceImportant
CVE-2025-21254Internet Connection Sharing (ICS) Denial of Service VulnerabilityNoDenial of ServiceImportant
CVE-2025-21322Microsoft PC Manager Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-21414Windows Core Messaging Elevation of Privileges VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-21373Windows Installer Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant
CVE-2025-24042Visual Studio Code JS Debug Extension Elevation of Privilege VulnerabilityNoElevation of PrivilegeImportant

Call to Action for Organizations

Microsoft emphasizes the importance of applying these updates promptly, especially given the presence of actively exploited zero-day vulnerabilities and critical RCE flaws.

Cybersecurity professionals are encouraged to implement best practices, including regular system updates, monitoring for unusual activity, and ensuring administrative credentials are secure.

For detailed information on all vulnerabilities patched in this update, refer to Microsoft’s official documentation or consult your IT security team for guidance on deploying these updates effectively.

Also Read:

SolarWinds Web Help Desk Vulnerability Exposes Sensitive Data Through Weak Cryptographic Key Management

RELATED ARTICLES

NO COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

© Copyright 2024 - Cyber Press
Exit mobile version