I wanted to bring to your attention the latest security updates from Microsoft, released as part of their February 2025 Patch Tuesday. This update addresses 63 security vulnerabilities across various Microsoft products, including two that are currently being actively exploited.

Key Points:

• Critical Vulnerabilities: Three vulnerabilities are rated as Critical, including a remote code execution flaw in the High-Performance Compute (HPC) Pack (CVE-2025-21198) with a CVSS score of 9.0.
• Actively Exploited Flaws: Two vulnerabilities are under active exploitation:
  • • CVE-2025-21391: A Windows Storage Elevation of Privilege Vulnerability (CVSS score: 7.1) that could allow an attacker to delete targeted files.
    • CVE-2025-21418: A Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability (CVSS score: 7.8) that could be exploited to achieve SYSTEM privileges.
• Other Important Fixes: The update also includes fixes for 57 Important, one Moderate, and two Low severity vulnerabilities.

Given the critical nature of some of these vulnerabilities, especially those under active exploitation, it is crucial that we prioritize applying these patches to our systems as soon as possible. You will begin receiving prompts to install these Microsoft patches. Please make sure to install them as early as possible to ensure our systems remain secure.

For more detailed information, you can read the full article here.

Additionally, I encourage everyone to follow our security and maintenance updates to stay informed about the latest developments and best practices.

Thank you for your prompt attention to this matter.