The February 2025 Security Upd... Note

The February 2025 Security Update Review

February 2025's Patch Tuesday saw Microsoft and Adobe release critical security updates. Adobe addressed 45 CVEs across several applications, including critical code execution vulnerabilities in InDesign and Illustrator. No Adobe vulnerabilities were publicly known or under active attack. Microsoft released 67 CVEs, including two from Trend ZDI, across various products. Four of these were either publicly known or under active attack. Two critical Windows vulnerabilities, CVE-2025-21391 and CVE-2025-21418, allowed privilege escalation and were actively exploited. Another critical vulnerability, CVE-2025-21376, enabled remote code execution in Windows LDAP. A critical vulnerability in Microsoft Excel, CVE-2025-21387, was also patched, impacting the Preview Pane. Microsoft urged swift testing and deployment of these patches due to the severity and active exploitation of some vulnerabilities. The overall patch volume was considered more manageable compared to previous releases.
CdXz5zHNQW_zcdjcs4nCR.png