Microsoft has taken a significant step in bolstering its security framework with the release of its February Patch Tuesday update, addressing a total of 61 vulnerabilities. Among these, 25 have been classified as critical Remote Code Execution (RCE) vulnerabilities, which pose a substantial risk to users. Notably, three of these vulnerabilities were identified as zero-days, meaning they were actively exploited in the wild prior to the update.
The breadth of this update spans various Microsoft products, including Windows, Office, Visual Studio, Azure, and the .NET Framework, underscoring the importance of timely patching across multiple platforms.
Zero-Day Vulnerabilities
Among the vulnerabilities addressed, three zero-days stand out:
- CVE-2023-24932: This vulnerability relates to a Secure Boot security feature bypass, which could allow an attacker to circumvent security restrictions and execute unauthorized code. Exploitation requires physical access or administrative rights to the target device, along with compromised admin credentials.
- CVE-2025-21391: A Windows Storage elevation of privilege vulnerability, this flaw could enable an attacker to gain higher-level access to the system. While it does not allow for the disclosure of confidential information, it could lead to data deletion, potentially resulting in service unavailability.
- CVE-2025-21418: This vulnerability affects the Windows Ancillary Function Driver for WinSock, allowing attackers to escalate privileges on targeted systems. Successful exploitation could grant an attacker SYSTEM privileges.
Critical Vulnerabilities
Microsoft has classified several vulnerabilities as critical due to their potential for remote code execution:
- CVE-2025-21376: A Windows Lightweight Directory Access Protocol (LDAP) RCE vulnerability that could enable attackers to execute arbitrary code remotely.
- CVE-2025-21379: This vulnerability in the DHCP Client Service may allow remote attackers to execute code with elevated privileges.
- CVE-2025-21381: An RCE vulnerability in Microsoft Excel that could be triggered through malicious spreadsheet files.
Other Notable Vulnerabilities
In addition to the critical vulnerabilities, the update also addresses several important vulnerabilities, including:
- Remote Code Execution Vulnerabilities: Affecting .NET, Visual Studio, Microsoft Office, and Windows Telephony Service.
- Elevation of Privilege Vulnerabilities: Impacting Azure Network Watcher VM Extension, Kernel Streaming WOW Thunk Service Driver, Microsoft AutoUpdate (MAU), and Windows Storage.
- Denial of Service Vulnerabilities: Found in Windows Active Directory Domain Services API, Internet Connection Sharing (ICS), and Windows Kerberos.
- Security Feature Bypass Vulnerabilities: Affecting Microsoft Surface and Windows Kernel security features.
- Spoofing Vulnerabilities: Found in Microsoft Outlook and NTLM Hash Disclosure mechanisms.
- Information Disclosure Vulnerabilities: Affecting Microsoft Excel.
Microsoft Patch Tuesday February 2025 – 61 Vulnerabilities list
| CVE Number | CVE Title | Exploited | c | Max Severity |
| CVE-2025-21376 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | No | Remote Code Execution | Critical |
| CVE-2025-21379 | DHCP Client Service Remote Code Execution Vulnerability | No | Remote Code Execution | Critical |
| CVE-2025-21381 | Microsoft Excel Remote Code Execution Vulnerability | No | Remote Code Execution | Critical |
| CVE-2023-24932 | Secure Boot Security Feature Bypass Vulnerability | Yes | Security Feature Bypass | Important |
With the presence of multiple critical vulnerabilities and three zero-days, Microsoft strongly advises users and organizations to apply the latest updates without delay. Cybersecurity professionals are encouraged to prioritize patching affected systems to mitigate potential threats. Adhering to regular system updates and best security practices remains essential in reducing the risk of exploitation.
Find this Story Interesting! Follow us on Google News, LinkedIn, and X to Get More Instant Updates
