Sales: 1-877-600-2295 | | Login
Request a Demo
News and Events

Microsoft Patch Tuesday February 2025: 53 Fixes, Including Weaponized Threats

February 11, 2025

5 Min Read

After January’s record-breaking Patch Tuesday release, February’s update is significantly smaller, addressing 53 vulnerabilities. However, size doesn’t always equate to impact as this month’s fixes include two actively exploited vulnerabilities and two publicly disclosed ones.

The release consists of:

  • 2 Critical and 51 Important fixes
  • Coverage across Windows, Windows Components, Hyper-V, Azure, Office, Visual Studio, RDS, Android, and iOS
  • A combined CVSS score of 398.3, with an average severity of 7.5 - higher than last month’s

Robert Brown, Senior Director of Professional Services at Absolute, emphasizes the importance of prioritization in vulnerability management. He warns that some of these threats could act as jump points for attackers, making swift action crucial.

Patch Tuesday Recap: Top 3 Vulnerabilities You Need to Know

As always, Patch Tuesday brings critical updates and security fixes to keep your systems protected. Here’s a breakdown of the most significant issues and why you should prioritize addressing them immediately.

  1. CVE-2025-21418 – WinSock Privilege Escalation

    • Weaponized, actively exploited

      This vulnerability in the Windows Ancillary Function Driver allows attackers to gain SYSTEM privileges, enabling them to take full control of a compromised machine.

    • Severity: Important | CVSS Score: 7.8
    • Attack Vector: Local | Privileges Required: Low
    • User Interaction: None | Complexity: Low
    • Why it matters: With active exploitation in the wild, this flaw is a prime target for attackers aiming to escalate privileges and bypass security measures.

  2. CVE-2025-21391 – Windows Storage Privilege Escalation

    • Weaponized, actively exploited

      Attackers can delete targeted files, potentially leading to data loss and system instability.

    • Severity: Important | CVSS Score: 7.1
    • Attack Vector: Local | Privileges Required: Low
    • User Interaction: None | Complexity: Low
    • Why it matters: While this exploit doesn’t offer full system control, data corruption or deletion can disrupt operations significantly.

  3. CVE-2025-21194 – Surface Security Feature Bypass

    • Publicly disclosed

      A Hypervisor vulnerability affecting UEFI-based systems, requiring a system reboot for exploitation.

    • Severity: Important | CVSS Score: 7.1
    • Attack Vector: Adjacent | Privileges Required: None
    • User Interaction: Required | Complexity: High
    • Why it matters: Attackers targeting this flaw could compromise the secure kernel and hypervisor, making it a serious concern for virtualization security.

  4. CVE-2025-21377 – NTLM Hash Disclosure

    • Publicly disclosed, high exploitation risk

      This flaw allows attackers to capture NTLMv2 hashes, which can be used for authentication attacks and credential theft.

    • Severity: Important | CVSS Score: 6.5
    • Attack Vector: Network | Privileges Required: None
    • User Interaction: Required
    • Why it matters: Credential theft is a key tactic in phishing campaigns and lateral movement attacks, making this vulnerability a priority for organizations relying on NTLM authentication.

  5. CVE-2025-21198 – HPC Pack Remote Code Execution

    • Serious risk, high CVSS score (9.0)

      This vulnerability enables attackers to execute remote code on a targeted head node using specially crafted HTTPS requests.

    • Severity: Important | CVSS Score: 9.0
    • Attack Vector: Adjacent | Privileges Required: Low
    • User Interaction: None
    • Why it matters: Remote code execution (RCE) vulnerabilities pose significant risks to infrastructure, especially in environments with exposed HPC services.

Final Thoughts: Act Now to Stay Secure

February’s Patch Tuesday highlights the ongoing risks of unpatched vulnerabilities, especially as attackers leverage AI and automation to identify new exploits faster than ever before.

  1. Prioritize patches for actively exploited and publicly disclosed vulnerabilities.
  2. Ensure your security team is equipped to respond quickly.
  3. Consider leveraging automation and vulnerability management solutions to stay ahead of threats.

Need help implementing these patches or optimizing your cybersecurity strategy? Our team is here to assist, reach out today.

Until next time, Happy Patching!

See the February, 2025 Patch Tuesday Chart.

News and Events

Share this article

Absolute Editorial Team

All Posts By This Author
Related Articles
Absolute Security Acquires Syxsense: Making Cyber Resilience Accessible to the Global Enterprise
Christy Wyatt - 9/5/2024
- 4 min read
Our Official Statement on the Crisis in Ukraine
Christy Wyatt - 3/11/2022
- 1 min read
Absolute Software Recognized as a Top Company of the Year in 2021 American Business Awards®
Robert Booker - 6/7/2021
- 2 min read
View Recent Articles
Financial Services