Microsoft has released its February Patch Tuesday update, addressing a total of 63 vulnerabilities across its software products. This month’s update is notably smaller than January’s, which saw a massive 159 vulnerabilities fixed. However, it still includes critical patches that require immediate attention from system administrators and users alike.
Key Takeaways
Total Vulnerabilities Fixed: 63
Critical Vulnerabilities: 4
Actively Exploited Flaws: 2
Notable Products Affected: Windows, Office, SharePoint
Overview of Vulnerabilities
The February update includes a mix of vulnerabilities, with varying levels of severity. Among the 63 vulnerabilities, three are rated as critical, while the majority are classified as important. The vulnerabilities span across various Microsoft products, including Windows, Office, and SharePoint.
Actively Exploited Vulnerabilities
Two vulnerabilities in this month’s update are already being exploited in the wild:
CVE-2025-21418 (CVSS 7.8): An elevation of privilege vulnerability in the Windows Ancillary Function Driver for WinSock. This flaw allows attackers to gain SYSTEM-level privileges on affected machines.
CVE-2025-21391 (CVSS 7.1): An elevation of privilege vulnerability in Windows Storage that enables local attackers to delete files under specific conditions, potentially leading to data loss.
Critical Vulnerabilities to Address
In addition to the actively exploited vulnerabilities, several critical flaws have been identified that require immediate attention:
CVE-2025-21198 (CVSS 9.0): A remote code execution vulnerability in the High-Performance Compute (HPC) Pack, which could allow attackers to execute arbitrary code on connected nodes.
CVE-2025-21376 (CVSS 8.1): A remote code execution vulnerability in Windows Lightweight Directory Access Protocol (LDAP), which could lead to widespread network breaches.
CVE-2025-21379 (CVSS 7.1): A remote code execution vulnerability in the DHCP Client Service, allowing attackers on the same network to execute arbitrary code.
CVE-2025-21381 (CVSS 7.8): A remote code execution vulnerability in Microsoft Excel that can be triggered without opening a file.
Importance of Patching
Applying these patches is crucial for maintaining the security of systems. Unpatched vulnerabilities can lead to:
Malware Infections: Exploits can deliver malware, including ransomware and spyware.
Data Breaches: Attackers can gain unauthorized access to sensitive data.
System Takeover: Vulnerabilities can allow attackers to take complete control of a system.
Recommended Actions
To mitigate risks associated with these vulnerabilities, users and administrators should:
Install Updates Immediately: Apply the February Patch Tuesday updates as soon as possible.
Prioritize Critical Updates: Focus on the most critical updates first, especially those addressing remote code execution vulnerabilities.
Test Updates: In business environments, test updates in a non-production setting before wide deployment.
Enable Automatic Updates: Where possible, enable automatic updates to ensure timely installation of security patches.
Stay Informed: Keep up with the latest security news and advisories to remain aware of potential threats.
While this month’s Patch Tuesday may seem lighter, the presence of critical vulnerabilities and actively exploited flaws underscores the importance of regular patching and proactive security measures. System administrators should act swiftly to protect their networks from potential exploitation.
Cybersecurity is more crucial than ever. At BetterWorld Technology, we provide advanced solutions to tackle emerging threats while fostering innovation. Secure your business with confidence—contact us today for a consultation.
Sources
Microsoft takes it easy on February's Patch Tuesday • The Register, The Register.
February's Patch Tuesday: A Lighter Load, But Still Critical, PC-Tablet India.
Microsoft's Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation, The Hacker News.
February 2025 Patch Tuesday: Microsoft Fixes 63 Vulnerabilities, Including Two Actively Exploited Zero-Days - SOCRadar® Cyber Intelligence Inc., SOCRadar® Cyber Intelligence Inc..
Microsoft's February Patch a Lighter Lift Than January's, Dark Reading | Security.