Actively exploited zero-day vulnerability in Windows Ancillary Function Driver for WinSock
The Windows Ancillary Function Driver for WinSock has received a patch for CVE-2025-21418, which has a severity of Important and a CVSS score of 7.8. The Windows Ancillary Function Driver for WinSock is mainly responsible for handling network-related tasks. This elevation of privilege vulnerability allows an attacker to gain SYSTEM privileges. Microsoft indicated that the vulnerability is the result of a heap-based buffer overflow, but it has not shared further details or the source of the disclosure.
Table 1. Zero-day in Windows Ancillary Function Driver for WinSock
Severity | CVSS Score | CVE | Description
Important | 7.8 | CVE-2025-21418 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Actively exploited zero-day vulnerability in Windows Storage
Windows Storage received a patch for CVE-2025-21391, which has a severity of Important and a CVSS score of 7.1. This elevation of privilege vulnerability allows an attacker to delete targeted files on a system. The vulnerability does not allow disclosure of data, but it may disrupt services if critical files are deleted.
Table 2. Zero-day in Windows Storage
Severity | CVSS Score | CVE | Description
Important | 7.1 | CVE-2025-21391 | Windows
Publicly disclosed zero-day vulnerabilities in Microsoft Surface and Windows
Microsoft Surface devices have received a patch for CVE-2025-21194, which has a severity of Important and a CVSS score of 7.1. Successful exploitation of this vulnerability depends on several conditions being met together, including specific application behavior, user actions, parameter manipulation, and impersonation of an integrity-level token.
Table 3. Zero-day in Microsoft Surface
Severity | CVSS Score | CVE | Description
Important | 7.1 | CVE-2025-21194 | Microsoft
Windows received a patch for CVE-2025-21377, which has a severity of Important and a CVSS score of 6.5. This vulnerability can lead to a total loss of confidentiality by exposing a user's NTLMv2 hash, which may allow an attacker to authenticate as that user. Only minimal user interaction with a malicious file is required.
This vulnerability affects all versions of Windows. Although Microsoft has announced the retirement of the Internet Explorer 11 application on certain platforms and the Microsoft Edge Legacy application is deprecated, the underlying MSHTML, EdgeHTML and scripting platforms are still supported. Internet Explorer (IE) cumulative updates are included for some servers because of the continued support for MSHTML, EdgeHTML and scripting. For full protection, Microsoft recommends installing both the Windows updates and the IE cumulative updates. Because this vulnerability is easy to exploit and high-risk, patching is urgent.
Critical vulnerability in Windows Lightweight Directory Access Protocol
CVE-2025-21376 is a Critical vulnerability that affects Windows Lightweight Directory Access Protocol (LDAP) and has a CVSS score of 8.1. This high-complexity vulnerability requires attackers to win a race condition for successful exploitation. An unauthenticated attacker can exploit it by sending a specially crafted request to a vulnerable LDAP server, which may cause a buffer overflow that could lead to remote code execution.
In addition to patching this vulnerability, Microsoft recommends configuring all Active Directory servers to not accept remote procedure calls (RPCs) from untrusted networks. Due to the ease of exploitation and the significant risk this vulnerability poses to Active Directory environments, it should be mitigated and patched quickly.
Critical vulnerability in Microsoft Excel
CVE-2025-21381 is a Critical RCE vulnerability that affects Microsoft Excel and has a CVSS score of 7.8. Although it is classified as a local attack vector in CVSS, this vulnerability can lead to remote code execution because the attacker can be remote while the exploitation occurs locally on the victim's machine. The vulnerability can be triggered through the Preview Pane of affected applications, as we have seen several times with similar vulnerabilities (April 2023, July 2023, December 2023, October 2024, January 2025).
Critical vulnerability in the Dynamic Host Configuration Protocol client service
CVE-2025-21379 is a Critical RCE vulnerability with a CVSS score of 7.1 that affects the DHCP (Dynamic Host Configuration Protocol) Client Service. This high-complexity vulnerability requires the attacker to carry out a machine-in-the-middle attack, inserting themselves between the target and the requested resource. The attack is limited to systems on the same network segment as the attacker, which restricts its scope to the local area network rather than multiple networks.
Patch Tuesday dashboard in the Falcon platform
For a visual overview of the systems affected by this month's vulnerabilities, you can use the newly available Patch Tuesday dashboard. It can be found in the CrowdStrike Falcon® platform under Exposure Management > Vulnerability Management > Dashboards. The preset dashboards show the most recent three months of Patch Tuesday vulnerabilities.
Not all relevant vulnerabilities have patches: consider mitigation strategies
As we have learned with other notable vulnerabilities, such as Log4j, not every highly exploitable vulnerability can be easily patched. As with the ProxyNotShell vulnerabilities, it is critically important to develop a response plan for how to defend your environments when no patching protocol exists.
Regular review of your patching strategy should remain part of your program, but you should also look more holistically at your organization's approach to cybersecurity and improve your overall security posture.
The CrowdStrike Falcon platform analyzes trillions of endpoint events from millions of sensors deployed in 176 countries. Watch this demo to see the Falcon platform in action.
Learn more
CrowdStrike Falcon® can help you quickly and easily discover vulnerabilities and other types of exposures – learn more here.
About CVSS scores
CVSS is a free and open industry standard used by CrowdStrike and many other cybersecurity organizations to assess and communicate the severity and characteristics of vulnerabilities. The CVSS base score ranges from 0.0 to 10.0, and the National Vulnerability Database (NVD) adds a severity rating to CVSS scores. Learn more about vulnerability scoring in this article.