Microsoft Japan Co., Ltd. has launched its monthly security update for February. Users are advised to apply the patches without delay. The update fixes issues in several Microsoft products. These include Windows, Office, SharePoint, Visual Studio, Microsoft Azure, and Microsoft Surface. Additionally, Microsoft Edge receives updates separately from the monthly patch cycle.
Affected software includes Windows (11/10, Server 2025/2022/2019/2016) and Office. They received fixes for vulnerabilities rated as “critical,” the highest level on Microsoft’s scale.
This month, we found 56 vulnerabilities linked to CVE numbers.
こちらもお読みください: 既存のセキュリティ機器に柔軟に対応する「インテリリンクカスタムSOCサービス」を開始
Three of these are “critical.” Three vulnerabilities are important:
- NTLM Hash Disclosure Spoofing (CVE-2025-21377)
- Microsoft Surface Security Feature Bypass (CVE-2025-21194)
- Windows Ancillary Function Driver for WinSock Elevation of Privilege (CVE-2025-21418)
These have already been exploited or had their details shared before the patch was released.
Given the potential risks, マイクロソフト strongly advises users to install the updates without delay.
ソース ヤフー
