Microsoft Patch Tuesday For February Includes Two Zero Days Under Attack
February 2025’s Patch Tuesday from Microsoft addressed four zero-day vulnerabilities, two of which are currently under active attack. The update also includes eight additional high-risk flaws from a total of 63 Microsoft CVEs. Notably, CVE-2025-21198, a critical code execution vulnerability, was evaluated as lower risk due to its specific requirements for exploitation.

Affected: Microsoft Windows, Microsoft Edge, Microsoft SharePoint Server

Key points:

  • February 2025 Patch Tuesday released 63 Microsoft CVEs and four non-Microsoft CVEs.
  • Two zero-day vulnerabilities under active attack are CVE-2025-21391 and CVE-2025-21418.
  • CVE-2025-21198, a high severity code execution vulnerability, was assessed to have lower exploitation risk.
  • Microsoft reported a decrease in vulnerabilities in February compared to January 2025.
  • A total of eight additional vulnerabilities were rated as “Exploitation More Likely.”
  • Several other vendors also released Patch Tuesday updates on this day.

MITRE Techniques:

  • Elevation of Privilege (T1068) – CVE-2025-21391 allows an attacker to delete data, making services unavailable.
  • Elevation of Privilege (T1068) – CVE-2025-21418 can permit an attacker to gain system privileges through a Heap-based Buffer Overflow.
  • Remote Code Execution (T1203) – CVE-2025-21400 is a remote code execution vulnerability in Microsoft SharePoint Server.
  • Elevation of Privilege (T1068) – Multiple vulnerabilities including CVE-2025-21419/20 and CVE-2025-21184/58 lead to system privilege elevation.
  • Remote Code Execution (T1203) – CVE-2025-21376 is classified as LDAP Remote Code Execution.

Indicators of Compromise:

  • None explicitly mentioned in the provided text.


Full Story: https://thecyberexpress.com/microsoft-patch-tuesday-february-2025/
