Microsoft has released its February 2025 Patch Tuesday security update, a crucial monthly enhancement for Windows that consolidates all security patches and stability fixes developed since the previous release. While these updates may not introduce new user-facing features, their significance cannot be overstated.
According to Bleeping Computer, this latest update addresses 55 security vulnerabilities across the Windows platform. The breakdown of these flaws includes:
- 22 remote code execution vulnerabilities
- 19 elevation of privilege vulnerabilities
- 9 denial of service vulnerabilities
- 3 spoofing vulnerabilities
- 2 security feature bypass vulnerabilities
- 1 information disclosure vulnerability
Here’s what Microsoft fixed with its latest Patch Tuesday update
Among these 55 vulnerabilities, four were deemed particularly critical, with two requiring immediate attention. These four flaws were classified as zero-day vulnerabilities, meaning they were publicly known without an available patch, creating a potential risk for exploitation. The urgency lies in the fact that if software developers can identify and rectify these flaws before they are exploited, the likelihood of a breach diminishes significantly.
In this update, two of the zero-day vulnerabilities have not been reported as actively exploited. One of these is CVE-2025-21194, a security feature bypass vulnerability related to Microsoft Surface devices. This flaw could potentially allow an attacker to bypass the Unified Extensible Firmware Interface (UEFI), compromising both the hypervisor and secure kernel of specific machines. Essentially, this could enable unauthorized access to the core functions of Windows virtual machines.
The other disclosed flaw, CVE-2025-21377, pertains to NTLM hash disclosure spoofing. This vulnerability permits attackers to access a computer’s NTLM hash, potentially leading to the retrieval of plain-text passwords. The exploit could be triggered simply by interacting with a malicious file, allowing an attacker to log into the machine as the user. Microsoft has opted for a cautious approach, revealing little about this particular vulnerability.
Conversely, the remaining two zero-day vulnerabilities were confirmed to be actively exploited. CVE-2025-21391 is a Windows storage elevation of privilege vulnerability that enabled attackers to delete targeted files on a user’s computer. While this flaw does not expose confidential information, the ability to delete files poses a significant threat to system integrity. The second actively exploited flaw, CVE-2025-21418, allows attackers to gain elevated system privileges within Windows. Microsoft has not disclosed the methods of exploitation or the identities of the individuals who discovered these vulnerabilities.
Given the active exploitation of these vulnerabilities, it is imperative for users to prioritize the installation of this patch to safeguard their systems.
How to install the latest security updates on Windows
To ensure your PC remains protected, it is advisable to install the latest Patch Tuesday update promptly. To do this, navigate to Start > Settings > Windows Update, and then select Check for Windows updates.
