Tech, Culture & Entertainment Redefined! Tech, Culture & Entertainment Redefined!
Apps & Updates

Windows Users Alert: Microsoft Fixes 63 Security Bugs, Including Active Threats

February 12, 2025100
microsoft

Microsoft has rolled out its latest Patch Tuesday update, addressing 63 security vulnerabilities across its software ecosystem.

This includes three critical flaws, 57 important ones, and two actively exploited vulnerabilities that have already been used in cyberattacks.

Two Actively Exploited Vulnerabilities

The most concerning flaws in this update are:

  • CVE-2025-21391 (CVSS 7.1) – Windows Storage Elevation of Privilege Vulnerability
    • Allows attackers to delete targeted files, which could disrupt system services.
    • Could be combined with other exploits to escalate privileges and cover up attacks.
  • CVE-2025-21418 (CVSS 7.8) – Windows Ancillary Function Driver (AFD.sys) Privilege Escalation
    • Exploited to gain SYSTEM privileges, giving attackers complete control over affected machines.
    • Similar to a previous Lazarus Group attack using a vulnerability in the same Windows component.

These flaws are severe enough that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added them to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply patches by March 4, 2025.

Most Severe Vulnerability – CVE-2025-21198 (CVSS 9.0)

This remote code execution (RCE) vulnerability affects Microsoft’s High Performance Compute (HPC) Pack.

Attackers can exploit it by sending a specially crafted HTTPS request, potentially compromising entire clusters of connected systems.

Another RCE flaw (CVE-2025-21376, CVSS 8.1) in Windows LDAP could allow attackers to execute arbitrary code, posing a major risk to enterprise networks that rely on Active Directory.

Other Key Fixes and Third-Party Patches

  • NTLMv2 hash disclosure vulnerability (CVE-2025-21377, CVSS 6.5) – Attackers could authenticate as a targeted user.
  • Security patches from other vendors include Adobe, AMD, Apple, Cisco, Google, Intel, NVIDIA, Samsung, and more.

Final Thoughts

This Patch Tuesday update is one of the most important in recent months, addressing actively exploited Windows vulnerabilities that could be used for privilege escalation, remote code execution, and system compromise.

Windows users and IT administrators should prioritize these updates immediately to secure their systems.

Written by
Sazid Kabir

I've loved music and writing all my life. That's why I started this blog. In my spare time, I make music and run this blog for fellow music fans.

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts

BTS Arirang Album Cover
Lyrics

BTS — they don’t know ’bout us LYRICS (With English Translation & Meaning)

March 19, 2026
BTS Arirang Album Cover
Lyrics

BTS — Like Animals LYRICS (With English Translation & Meaning)

March 19, 2026
BTS Arirang Album Cover
Lyrics

BTS — NORMAL LYRICS (With English Translation & Meaning)

March 19, 2026
BTS Arirang Album Cover
Lyrics

BTS — Merry Go Round LYRICS (With English Translation & Meaning)

March 19, 2026
BTS Arirang Album Cover
Lyrics

BTS — SWIM LYRICS (With English Translation & Meaning)

March 19, 2026

Stay updated with nomusica.com. Add us to your preferred sources to see our latest updates first.

Related Articles

WhatsApp
Apps & Updates

WhatsApp Lets You Chat With People Without an Account

WhatsApp is testing a new feature called “guest chats” that lets people...

March 17, 2026
Spotify App
StreamingApps & Updates

Spotify Could Finally Let You Create Playlist Folders on Mobile After 15 Years

Spotify may soon fix one of the most frustrating limits on its...

March 16, 2026
Meta Aria Gen 2 Smart Glasses
Apps & Updates

New Android App Alerts Users to Nearby Smart Glasses

A new Android app called Nearby Glasses alerts users when smart glasses...

March 3, 2026
AT4K Launcher for Google TV
Apps & Updates

This Free App Fixes Google TV’s Biggest Problem

Google TV promised a clean and smart streaming experience. At first, it...

February 28, 2026