Microsoft Japan Co., Ltd. has launched its monthly security update for February. Users are advised to apply the patches without delay. The update fixes issues in several Microsoft products. These include Windows, Office, SharePoint, Visual Studio, Microsoft Azure, and Microsoft Surface. Additionally, Microsoft Edge receives updates separately from the monthly patch cycle.
Affected software includes Windows (11/10, Server 2025/2022/2019/2016) and Office. They received fixes for vulnerabilities rated as “critical,” the highest level on Microsoft’s scale.
This month, we found 56 vulnerabilities linked to CVE numbers.
Also Read: Launch of “INTELLILINK Custom SOC Service” that flexibly supports existing security devices
Three of these are “critical.” Three vulnerabilities are important:
- NTLM Hash Disclosure Spoofing (CVE-2025-21377)
- Microsoft Surface Security Feature Bypass (CVE-2025-21194)
- Windows Ancillary Function Driver for WinSock Elevation of Privilege (CVE-2025-21418)
These have already been exploited or had their details shared before the patch was released.
Given the potential risks, Microsoft strongly advises users to install the updates without delay.
SOURCE: Yahoo
