ClearDraft

ClearDraft

Microsoft Patch Tuesday, February 2025 Edition


“February 2025 Patch Tuesday: Updates and Fixes for Microsoft Users”


Microsoft issues security updates for Windows, fixing 56 vulnerabilities including two zero-day flaws. Updates to address critical issues in Windows operating systems and supported software.

Microsoft has rolled out a series of security updates to address a total of 56 vulnerabilities across their Windows operating systems and various software products. Among these are two zero-day flaws that are currently being actively exploited by cyber attackers.

One of the critical vulnerabilities being patched, known as CVE-2025-21418, is a buffer overflow flaw affecting all supported Windows operating systems. This vulnerability is particularly concerning as Microsoft has confirmed that it is being exploited in the wild, with low attack complexity and no user interaction required.

Tenable’s senior staff research engineer, Satnam Narang, highlighted the history of similar elevation of privilege vulnerabilities in Windows components, emphasizing the potential risks associated with these security flaws. Another zero-day, CVE-2025-21391, enables attackers to delete files on a targeted system, posing a serious threat to user data and system integrity.

Rapid7’s lead software engineer, Adam Barnett, raised concerns about the impact of these vulnerabilities, warning that arbitrary file deletion can potentially lead to severe security breaches if exploited by skilled attackers. Microsoft has also addressed another disclosed vulnerability, CVE-2025-21377, which allows attackers to elevate their privileges on a compromised Windows system.

In addition to Microsoft’s security updates, other tech giants like Apple and Adobe have released patches for vulnerabilities in their offerings. Apple’s iOS 18.3.1 update fixes a zero-day vulnerability that has been exploited by attackers, while Adobe has addressed 45 vulnerabilities in various software products.

Furthermore, Google Chrome’s latest update will trigger updates for Chromium-based browsers like Microsoft Edge, underlining the importance of staying vigilant and updating all software to mitigate security risks. As cyber threats continue to evolve, it is essential for users to prioritize security updates and adopt best practices to safeguard their digital assets.


Published on: 2025-02-12 04:58:00 | Author: BrianKrebs

🔗 Source
New Reddit controls let you block your most-hated advertisers for a year

New Reddit controls let you block your most-hated advertisers for a year

“New Reddit Feature Lets Users Block Disliked Advertisers for 1 Year” Reddit users can report ads that go against policies,…
VIRGINIA – Site Selection Magazine

VIRGINIA – Site Selection Magazine

“Virginia Tops Charts for Site Selection – Ready for Investment Boom” Virginia invests $2 billion to boost tech talent, surpassing…
Mercedes’s Most Affordable Sedan Will Be Electric

Mercedes’s Most Affordable Sedan Will Be Electric

“Mercedes Unveils Budget-Friendly Electric Sedan for the Masses” Mercedes-Benz is set to release its least expensive sedan as an all-electric…
US lawmakers urge UK spy court to hold Apple ‘backdoor’ secret hearing in public

US lawmakers urge UK spy court to hold Apple ‘backdoor’ secret hearing in public

“US Lawmakers Push for Public Apple ‘Backdoor’ Hearing in UK Spy Court” Bipartisan lawmakers urge open hearing into Apple’s challenge…
Lancaster University research urges firms to prioritise employee wellbeing for responsible cybersecurity – Intelligent CISO

Lancaster University research urges firms to prioritise employee wellbeing for responsible cybersecurity – Intelligent CISO

“Study highlights importance of employee wellbeing for cybersecurity” New research led by Lancaster University suggests cybersecurity strategies should prioritize employee…
Hubble Sees a Spiral and a Star

Hubble Sees a Spiral and a Star

“Captivating Images: Hubble Reveals Spiral Galaxy and Luminous Star Cluster” Discover a stunning image captured by the Hubble Space Telescope…
James Webb Space Telescope investigates the origins of 'failed stars' in the Flame Nebula

James Webb Space Telescope investigates the origins of 'failed stars' in the Flame Nebula

Uncovering the Origins of ‘Failed Stars’ in the Flame Nebula: James Webb Space Telescope’s Discovery The James Webb Space Telescope…
How we are pioneering artificial intelligence applications in public health  – UK Health Security Agency

How we are pioneering artificial intelligence applications in public health  – UK Health Security Agency

Revolutionizing Public Health with Artificial Intelligence: UK’s Groundbreaking Initiatives Harnessing AI technology to address health security challenges, the UK Health…
OBSCURE#BAT Malware Highlights Risks of API Hooking

OBSCURE#BAT Malware Highlights Risks of API Hooking

“Stealthy #BAT Malware Exposes Dangers of API Hooking” Researchers uncover advanced attack chain utilizing obfuscated batch files and PowerShell scripts…
Microsoft Patch Tuesday, February 2025 Edition

Microsoft Patch Tuesday, February 2025 Edition

“February 2025 Patch Tuesday: Updates and Fixes for Microsoft Users” Microsoft issues security updates for Windows, fixing 56 vulnerabilities including…

Copyright ©cleardraft 2025