Windows Users Alert: Microsoft Fixes 63 Security Bugs, Including Active Threats

Microsoft has rolled out its latest Patch Tuesday update, addressing 63 security vulnerabilities across its software ecosystem.

This includes three critical flaws, 57 important ones, and two actively exploited vulnerabilities that have already been used in cyberattacks.

Two Actively Exploited Vulnerabilities

The most concerning flaws in this update are:

CVE-2025-21391 (CVSS 7.1) – Windows Storage Elevation of Privilege Vulnerability
- Allows attackers to delete targeted files, which could disrupt system services.
- Could be combined with other exploits to escalate privileges and cover up attacks.
CVE-2025-21418 (CVSS 7.8) – Windows Ancillary Function Driver (AFD.sys) Privilege Escalation
- Exploited to gain SYSTEM privileges, giving attackers complete control over affected machines.
- Similar to a previous Lazarus Group attack using a vulnerability in the same Windows component.

These flaws are severe enough that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added them to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply patches by March 4, 2025.

Most Severe Vulnerability – CVE-2025-21198 (CVSS 9.0)

This remote code execution (RCE) vulnerability affects Microsoft’s High Performance Compute (HPC) Pack.

Attackers can exploit it by sending a specially crafted HTTPS request, potentially compromising entire clusters of connected systems.

Another RCE flaw (CVE-2025-21376, CVSS 8.1) in Windows LDAP could allow attackers to execute arbitrary code, posing a major risk to enterprise networks that rely on Active Directory.

Other Key Fixes and Third-Party Patches

NTLMv2 hash disclosure vulnerability (CVE-2025-21377, CVSS 6.5) – Attackers could authenticate as a targeted user.
Security patches from other vendors include Adobe, AMD, Apple, Cisco, Google, Intel, NVIDIA, Samsung, and more.

Final Thoughts

This Patch Tuesday update is one of the most important in recent months, addressing actively exploited Windows vulnerabilities that could be used for privilege escalation, remote code execution, and system compromise.

Windows users and IT administrators should prioritize these updates immediately to secure their systems.

Browse By Categories

Windows Users Alert: Microsoft Fixes 63 Security Bugs, Including Active Threats

Two Actively Exploited Vulnerabilities

Most Severe Vulnerability – CVE-2025-21198 (CVSS 9.0)

Other Key Fixes and Third-Party Patches

Final Thoughts

Google Working on Song Search History Feature for Android

WhatsApp Will Soon Let You Show Your Role in Group Chats

Find Your Lost Android Phone Even If It’s Offline – Google’s New Feature Rolls Out

uTag App Unlocks Samsung SmartTags for All Android Devices

Android Users Advised to Follow iPhone Workaround for TikTok Amid Ongoing App Store Block

Parents Sue TikTok Over ‘Blackout Challenge’ Deaths, Demand Answers

Drake Responds to Kendrick Lamar with Lyric Change and New Music Tease

Lisa Introduces ‘Vixi’ as Fifth Persona for Upcoming Solo Album ‘ALTER EGO’

Kendrick Lamar Makes History with New Music Records in Last 12 Months

Adobe Launches AI-Powered Text-to-Video Tool for Everyone

Save Money with These 12 Free AI Tool Alternatives for 2025

Open-Source Model, Goku AI by ByteDance Challenges OpenAI and the U.S.

Kendrick Lamar Joins MCU with Title Track for “Captain America: Brave New World”

Squid Game Season 3: Could The Front Man and Gi-hun Team Up to Destroy the Game?

Captain America 4 Drops Major Spoiler: This Character Dies

North Korean Hackers Target Devices with PowerShell Trick in Evolving Cyberattack

Amazon to Unveil Next-Gen Alexa on February 26 – Here’s What to Expect

Tipster Claims No 7,000mAh Battery for Samsung Galaxy S26 Ultra – Just 5,500mAh Max

Browse By Categories

Windows Users Alert: Microsoft Fixes 63 Security Bugs, Including Active Threats

Two Actively Exploited Vulnerabilities

Most Severe Vulnerability – CVE-2025-21198 (CVSS 9.0)

Other Key Fixes and Third-Party Patches

Final Thoughts

Read More