Summary
On February 12, 2025, Microsoft released its February 2025 Security Updates, which included patches for a total of 67 CVEs, a decrease of 94 compared to the previous month.
In terms of vulnerability severity, 3 vulnerabilities were marked as "Critical" and 60 were marked as "Important/High". In terms of vulnerability type, there were primarily 29 remote code execution vulnerabilities, 20 privilege escalation vulnerabilities, and 1 information disclosure vulnerability.
Statistics
Vulnerability Trend

Figure 1 Vulnerabilities Patched by Microsoft in the Last 12 Months
On the whole, Microsoft released 67 patches in February 2025, including patches for 3 critical vulnerabilities.
Based on Microsoft's historical vulnerability disclosures and the specific circumstances of this year, Sangfor FarSight Labs estimates that Microsoft will announce more vulnerabilities in March than in February. We expect a figure of approximately 80 vulnerabilities.
Comparison of Vulnerability Trends
The following figure shows the number of patches released by Microsoft in the month of February from 2022 to 2025.

Figure 2 Number of Windows Patches Released by Microsoft in February from 2022 to 2025
The following figure shows the trend and number of vulnerabilities at different severity levels addressed by Microsoft in February from 2022 to 2025.

Figure 3 Number of Vulnerabilities by Severity Level Addressed by Microsoft in February from 2022 to 2025
The following figure shows the number of vulnerabilities by type addressed by Microsoft in February from 2022 to 2025.

Figure 4 Number of Vulnerabilities by Type Addressed by Microsoft in February from 2022 to 2025
Data source: Microsoft security updates
Compared to last year, the number of vulnerabilities this year has decreased. The number of vulnerabilities addressed by Microsoft in February 2025 has increased. A total of 67 vulnerability patches, including 3 critical ones, have been reported this month.
Compared to last year, the number of vulnerabilities at the Critical level addressed by Microsoft has decreased, and that of vulnerabilities at the Important/High level has also decreased. 60 vulnerabilities at the Important/High level have been addressed, a decrease of about 15%, and 3 vulnerabilities at the Critical level have been addressed, a decrease of about 40%.
In terms of vulnerability type, the number of RCE vulnerabilities has decreased; the number of DoS vulnerabilities remains unchanged; and that of EoP vulnerabilities has increased. However, we should remain highly vigilant because, when combined with social engineering techniques, attackers can exploit RCE vulnerabilities to take over an entire LAN and launch attacks.
Details of Key Vulnerabilities
Analysis
WinSock Windows Auxiliary Function Driver Escalation of Privilege Vulnerability (CVE-2025-21418)
Winsock is the network programming interface of the Windows operating system, defining how applications access network services through sockets, especially the TCP/IP protocol. It provides a standard interface that enables network applications on Windows to perform data transfer and communication.
A privilege escalation vulnerability exists within it, which attackers can exploit to gain higher privileges on the target system. This vulnerability is known to be exploited in the wild, and after assessment, its threat level is considered critical. We recommend that users promptly apply the Microsoft security patches.
Windows Storage Escalation of Privilege Vulnerability (CVE-2025-21391)
Windows Storage Spaces is a feature that allows multiple physical drives to be combined into a virtual drive to enhance data protection and the flexibility of storage management.
A privilege escalation vulnerability exists within it, which attackers can exploit to gain higher privileges on the target system. This vulnerability is known to be exploited in the wild, and after assessment, its threat level is considered critical. We recommend that users promptly apply the Microsoft security patches.
Affected Versions
Vulnerability Name | Affected Versions |
WinSock Windows Auxiliary Function Driver Escalation of Privilege Vulnerability (CVE-2025-21418) | Windows 10 for 32-bit Systems; Windows 10 for x64-based Systems; Windows 10 Version 1607 for 32-bit Systems; Windows 10 Version 1607 for x64-based Systems; Windows 10 Version 1809 for 32-bit Systems; Windows 10 Version 1809 for x64-based Systems; Windows 10 Version 21H2 for 32-bit Systems; Windows 10 Version 21H2 for ARM64-based Systems; Windows 10 Version 21H2 for x64-based Systems; Windows 10 Version 22H2 for 32-bit Systems; Windows 10 Version 22H2 for ARM64-based Systems; Windows 10 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 11 Version 22H2 for x64-based Systems; Windows 11 Version 23H2 for ARM64-based Systems; Windows 11 Version 23H2 for x64-based Systems; Windows 11 Version 24H2 for ARM64-based Systems; Windows 11 Version 24H2 for x64-based Systems; Windows Server 2008 for 32-bit Systems Service Pack 2; Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation); Windows Server 2008 for x64-based Systems Service Pack 2; Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation); Windows Server 2008 R2 for x64-based Systems Service Pack 1; Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation); Windows Server 2012; Windows Server 2012 (Server Core installation); Windows Server 2012 R2; Windows Server 2012 R2 (Server Core installation); Windows Server 2016; Windows Server 2016 (Server Core installation); Windows Server 2019; Windows Server 2019 (Server Core installation); Windows Server 2022; Windows Server 2022 (Server Core installation); Windows Server 2022, 23H2 Edition (Server Core installation); Windows Server 2025; Windows Server 2025 (Server Core installation) |
Windows Storage Escalation of Privilege Vulnerability (CVE-2025-21391) | Windows 10 for 32-bit Systems; Windows 10 for x64-based Systems; Windows 10 Version 1607 for 32-bit Systems; Windows 10 Version 1607 for x64-based Systems; Windows 10 Version 1809 for 32-bit Systems; Windows 10 Version 1809 for x64-based Systems; Windows 10 Version 21H2 for 32-bit Systems; Windows 10 Version 21H2 for ARM64-based Systems; Windows 10 Version 21H2 for x64-based Systems; Windows 10 Version 22H2 for 32-bit Systems; Windows 10 Version 22H2 for ARM64-based Systems; Windows 10 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 11 Version 22H2 for x64-based Systems; Windows 11 Version 23H2 for ARM64-based Systems; Windows 11 Version 23H2 for x64-based Systems; Windows 11 Version 24H2 for ARM64-based Systems; Windows 11 Version 24H2 for x64-based Systems; Windows Server 2016; Windows Server 2016 (Server Core installation); Windows Server 2019; Windows Server 2019 (Server Core installation); Windows Server 2022; Windows Server 2022 (Server Core installation); Windows Server 2022, 23H2 Edition (Server Core installation); Windows Server 2025; Windows Server 2025 (Server Core installation) |