Microsoft Monthly Security Update (February 2025)

Release Date: 12 Feb 2025

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

Microsoft has released monthly security update for their products:

Vulnerable Product	Risk Level	Impacts	Notes
Azure	Medium Risk	Elevation of Privilege Remote Code Execution
Developer Tools	Medium Risk	Elevation of Privilege Remote Code Execution
Windows	Medium Risk	Denial of Service Remote Code Execution Elevation of Privilege Data Manipulation Security Restriction Bypass Spoofing	CVE-2025-21391 and CVE-2025-21418 are being exploited in the wild. An attacker with local and user privileges could perform elevation of privilege on the targeted system.
Extended Security Updates (ESU)	Medium Risk	Denial of Service Remote Code Execution Elevation of Privilege Security Restriction Bypass Spoofing	CVE-2025-21391 and CVE-2025-21418 are being exploited in the wild. An attacker with local and user privileges could perform elevation of privilege on the targeted system.
Microsoft Office	Medium Risk	Information Disclosure Elevation of Privilege Remote Code Execution
Mariner	Medium Risk	Remote Code Execution
Apps	Medium Risk	Spoofing Elevation of Privilege
Microsoft Dynamics	Medium Risk	Elevation of Privilege
Browser	Medium Risk	Remote Code Execution Spoofing
Device	Medium Risk	Security Restriction Bypass

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 10

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': Medium Risk

Impact

Before installation of the software, please visit the vendor web-site for more details.