Microsoft addresses two publicly disclosed vulnerabilities
The first publicly disclosed vulnerability is an NTLM Hash Disclosure spoofing vulnerability (CVE-2025-21377) rated important with a 6.5 CVSS score. This flaw affects most Windows desktop and server systems. Microsoft tagged this vulnerability with an “exploitation more likely” assessment.
Microsoft’s CVE notes indicate attackers can exploit this vulnerability across the internet, and it only requires minimal user interaction, such as a right-click on a malicious file, to trigger the exploit. Admins who deploy the “security only” updates on older Windows server systems must apply the Internet Explorer cumulative update to protect the MSHTML, EdgeHTML and scripting platforms.
“It’s not actively being exploited in the wild, but there is confirmed exploit code, so the likelihood of somebody finding the code and trying to weaponize it means the bar is much lower,” Goettl said.
In June 2024, Microsoft added the NTLM authentication protocol to its deprecated features list. While NTLM will continue to work, it is no longer under active development. Microsoft advises customers to seek more secure user authentication methods,
### Key Security Updates from February Patch Tuesday
Microsoft recently released its February Patch Tuesday updates, addressing several critical vulnerabilities across various products. One notable update involves the retirement of NTLM in favor of more secure authentication methods like Kerberos. This shift aims to enhance security by mitigating risks associated with NTLM.
#### Surface Security Feature Bypass Vulnerability
Another critically important disclosure is a security feature bypass vulnerability (CVE-2025-21194) affecting several Microsoft Surface products, including the Surface Hub and Surface laptops. This vulnerability has a CVSS rating of 7.1. To exploit it, an attacker must navigate several technical challenges, such as gaining access to a restricted network and compelling the user to reboot the device.
#### Critical Excel Vulnerabilities
Microsoft addressed six critical vulnerabilities in Excel this month. These include CVE-2025-21383, CVE-2025-21386, CVE-2025-21387, CVE-2025-21390, and CVE-2025-21394. These flaws could allow an attacker to execute arbitrary code, potentially leading to significant security breaches within an institution.
#### Windows LDAP Remote Code Execution Flaw
A critical Windows Lightweight Directory Access Protocol (LDAP) remote-code execution flaw (CVE-2025-21376) was also patched. This vulnerability affects most supported Windows desktop and server systems and has a CVSS rating of 8.1. Microsoft assessed it as “exploitation more likely,” indicating a high risk. An attacker on the network must win a race condition to trigger the exploit, which does not require privileges or user interaction. Successful exploitation could result in a buffer overflow, potentially leading to remote code execution.
Microsoft’s security update addresses these critical issues, emphasizing the importance of regular patching and security updates to protect against potential threats.