You Should Install This Windows Security Patch Now
Microsoft just released the February 2025 Patch Tuesday security update. This monthly update for Windows includes all the security and stability fixes that Microsoft has been working on since the last release. Just because these updates come without any new user-facing features doesn’t mean they’re any less important; if anything, they matter more.
As reported by Bleeping Computer, the latest Patch Tuesday update fixes 55 security flaws in Windows. These include 22 remote code execution flaws, 19 privilege escalation flaws, nine denial of service flaws, three spoofing flaws, two security feature bypass flaws, and one information disclosure flaw.
Here’s what Microsoft fixed in the latest Patch Tuesday update
Although all 55 flaws deserved a fix, four of them were especially important to fix, and two of those even more so. That’s because four of these flaws were zero-day vulnerabilities: security flaws that are publicly known without a fix available. This is a recipe for disaster. Attackers will inevitably find ways to exploit security flaws, so the key is for software developers to find and fix those flaws before attackers even have a chance to learn what they are. When a flaw becomes known before a fix is available, the likelihood that an exploit is developed before a patch exists rises dramatically.
In this case, four such vulnerabilities were fixed in the latest Patch Tuesday update. Two of them weren’t actively exploited, or at least Microsoft claims they weren’t. One of them is CVE-2025-21194, a Microsoft Surface security feature bypass vulnerability that can bypass the Unified Extensible Firmware Interface (UEFI) and compromise both the hypervisor and the secure kernel of certain computers. Simply put, this vulnerability could allow attackers to compromise the software that powers virtual machines in Windows, as well as the kernel of your OS.
The other publicly disclosed flaw is CVE-2025-21377, an NTLM hash disclosure spoofing vulnerability that allows attackers to access your computer’s NTLM hash to obtain your password in plain text. With this particular flaw, a user may only need to select, right-click, or otherwise interact with a malicious file to trigger the exploit, which could then allow the hacker to log in as the user. Microsoft remains silent on this matter.
However, the two other zero-day vulnerabilities fixed in this update were actively exploited. The first is CVE-2025-21391, a Windows storage escalation of privilege vulnerability that allowed attackers to delete targeted files on your computer. Microsoft explained that this vulnerability does not let attackers see your sensitive information, but the ability to delete files means attackers can break parts of your system. The second actively exploited zero-day vulnerability is CVE-2025-21418, a privilege escalation vulnerability that allowed attackers to gain system privileges on Windows. Microsoft has not said how attackers exploited these flaws and is keeping the identities of those who discovered them anonymous.
While we don’t know the full extent of these last two zero-days, it’s important to update and fix them as soon as possible. Since they are actively exploited, someone could use them against your computer if you do not install the patch.
How to install the latest security updates in Windows
To protect your PC, install the latest Patch Tuesday update as soon as possible. To do this, go to Start > Settings > Windows Update, then select Check for Windows updates.