Microsoft's February 2025 Patch Tuesday security update has revealed and fixed 55 security vulnerabilities across Windows systems, with two of them already exploited by malicious actors before the patches were released.
The security update addresses multiple types of flaws, including 22 remote code execution vulnerabilities, 19 elevation of privilege issues, nine denial of service problems, three spoofing vulnerabilities, two security feature bypass flaws, and one information disclosure vulnerability.
Among these, four were classified as zero-day vulnerabilities - security weaknesses discovered before patches were available. Two of these zero-day flaws had already been actively exploited by hackers.
The first exploited vulnerability, identified as CVE-2025-21391, allowed attackers to delete specific files on targeted Windows computers. While this flaw didn't expose confidential information, it could potentially damage system functionality through targeted file deletion.
The second actively exploited flaw, CVE-2025-21418, enabled attackers to gain elevated system privileges in Windows. Microsoft has kept details about the exploitation methods and discoverers confidential to prevent further security risks.
The other two zero-day vulnerabilities, while not yet exploited, posed serious risks. CVE-2025-21194 could potentially compromise virtual machines and the operating system's secure kernel, while CVE-2025-21377 could allow attackers to obtain user passwords through NTLM hash disclosure.
Users can protect their systems by installing the latest security update through Windows Update in their system settings. Given the active exploitation of two vulnerabilities, immediate installation is recommended for all Windows users.
Microsoft continues its monthly security update cycle to address newly discovered vulnerabilities and maintain system security for its users worldwide.