Technology NewsTechnology NewsTechnology News
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Reading: Microsoft Patches 63 Security Vulnerabilities Across Key Products
Share
Font ResizerAa
Technology NewsTechnology News
Font ResizerAa
Search
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Follow US
  • Cookie Policy (EU)
  • Contact
  • About
© 2025 NEWSLINKER - Powered by LK SOFTWARE
Cybersecurity

Microsoft Patches 63 Security Vulnerabilities Across Key Products

Highlights

  • Microsoft released patches for 63 security vulnerabilities.

  • Two zero-day flaws were actively exploited before the patch.

  • Experts urge immediate patching to prevent system compromises.

Kaan Demirel
Last updated: 12 February, 2025 - 1:50 am 1:50 am
Kaan Demirel 5 months ago
Share
SHARE

Microsoft has rolled out a significant security update addressing 63 different vulnerabilities that affect its core software and services. The update encompasses critical applications such as Microsoft Excel, Office, Windows CoreMessaging, and Windows Storage, aiming to enhance the security framework for millions of users globally. This latest patch not only includes routine fixes but also tackles two zero-day vulnerabilities that have been actively targeted by cyber adversaries.

Contents
High-Severity Flaws Target Core Microsoft ServicesZero-Day Vulnerabilities Pose Immediate ThreatsIndustry Experts Emphasize Urgent Patching

This release marks a shift from previous updates that primarily addressed low-severity issues, highlighting an increased focus on high-impact vulnerabilities. The selection of high-severity defects this month reflects a strategic response to the growing sophistication of cyber threats targeting Microsoft’s essential systems.

High-Severity Flaws Target Core Microsoft Services

A majority of the vulnerabilities addressed are classified as high-severity on the CVSS scale, impacting critical components such as Windows Telephony Service, Windows Ancillary Function Driver, and Microsoft Dynamics 365 Sales. These flaws pose significant risks to the functionality and security of key business operations, necessitating immediate attention and remediation.

Zero-Day Vulnerabilities Pose Immediate Threats

Among the patched vulnerabilities are two zero-day exploits: CVE-2025-21391 and CVE-2025-21418. CVE-2025-21391, with a CVSS score of 7.1, allows attackers to delete specific files, potentially disrupting services without accessing confidential data. CVE-2025-21418, a heap-based overflow vulnerability scoring 7.8, enables unauthorized system access by targeting the Windows Ancillary Function Driver for WinSock.

“Microsoft is aware of existing exploitation in the wild, and with low attack complexity, low privilege requirements, and no requirement for user interaction, CVE-2025-21418 is one to prioritize for patching,”

said Adam Barnett, lead software engineer at Rapid7.

Industry Experts Emphasize Urgent Patching

“Large organizations with numerous Windows systems are at significant risk due to the widespread use of Windows Storage features,”

Walters, president and co-founder of Action1, highlighted the extensive reach of the vulnerabilities. Experts also stress the importance of addressing these flaws promptly to prevent potential exploitation and mitigate damage to systems.

Microsoft identified nine additional vulnerabilities deemed more likely to be exploited, including remote-code execution flaws in Microsoft SharePoint Server and privilege escalation issues in Windows CoreMessaging. This comprehensive patching effort underscores Microsoft’s ongoing commitment to securing its software ecosystem against diverse and evolving cyber threats.

Organizations are advised to apply the latest updates without delay and maintain robust security practices to safeguard against potential attacks. Regular patching remains a critical component in defending against the increasingly sophisticated methods employed by cyber adversaries targeting Microsoft’s infrastructure.

You can follow us on Youtube, Telegram, Facebook, Linkedin, Twitter ( X ), Mastodon and Bluesky

You Might Also Like

Cambodian Scam Compounds Trap Victims in Forced Labor, Amnesty Finds

Cybercrime Group Targets Airlines in New Wave of Attacks

Authorities Apprehend IntelBroker After Multimillion-Dollar Data Breaches

States Investigate Unregistered Data Brokers as Oversight Gaps Grow

Citrix Faces Active Exploitation of NetScaler Zero-Day Flaw

Share This Article
Facebook Twitter Copy Link Print
Kaan Demirel
By Kaan Demirel
Kaan Demirel is a 28-year-old gaming enthusiast residing in Ankara. After graduating from the Statistics department of METU, he completed his master's degree in computer science. Kaan has a particular interest in strategy and simulation games and spends his free time playing competitive games and continuously learning new things about technology and game development. He is also interested in electric vehicles and cyber security. He works as a content editor at NewsLinker, where he leverages his passion for technology and gaming.
Previous Article Apple & Google Rename Gulf, Google Calendar Drops Key Holidays
Next Article Stellar Activity Distorts Exoplanet Discoveries, Study Finds

Stay Connected

6.2kLike
8kFollow
2.3kSubscribe
1.7kFollow

Latest News

Beep Launches Jacksonville’s Autonomous Transit with Ford E-Transit Fleet
Robotics
Tesla Marks First Self-Driving Car Delivery and Sets New Goals
Electric Vehicle
Court Rulings Allow Meta and Anthropic to Train A.I. on Books
AI Technology
Tesla Stops Rumors Linking Henry Kuang to AI Director Role
Electric Vehicle
Leaked Samsung Galaxy Watch Designs Spark Strong Reactions
Wearables
NEWSLINKER – your premier source for the latest updates in ai, robotics, electric vehicle, gaming, and technology. We are dedicated to bringing you the most accurate, timely, and engaging content from across these dynamic industries. Join us on our journey of discovery and stay informed in this ever-evolving digital age.

ARTIFICAL INTELLIGENCE

  • Can Artificial Intelligence Achieve Consciousness?
  • What is Artificial Intelligence (AI)?
  • How does Artificial Intelligence Work?
  • Will AI Take Over the World?
  • What Is OpenAI?
  • What is Artifical General Intelligence?

ELECTRIC VEHICLE

  • What is Electric Vehicle in Simple Words?
  • How do Electric Cars Work?
  • What is the Advantage and Disadvantage of Electric Cars?
  • Is Electric Car the Future?

RESEARCH

  • Robotics Market Research & Report
  • Everything you need to know about IoT
  • What Is Wearable Technology?
  • What is FANUC Robotics?
  • What is Anthropic AI?
Technology NewsTechnology News
Follow US
About Us   -  Cookie Policy   -   Contact

© 2025 NEWSLINKER. Powered by LK SOFTWARE
Welcome Back!

Sign in to your account

Register Lost your password?