Summary: Microsoft has patched a critical vulnerability in the Windows Disk Cleanup Tool, known as CVE-2025-21420, during its February 2025 Patch Tuesday. This flaw could permit attackers to gain SYSTEM privileges on affected systems, posing a significant security risk. Users are urged to apply the security update promptly to safeguard against potential exploits.
Affected: Windows Disk Cleanup Tool (cleanmgr.exe)
Keypoints :
- Vulnerability CVE-2025-21420 allows for potential SYSTEM privilege escalation.
- The exploit utilizes a DLL sideloading technique to hijack the Disk Cleanup tool’s execution.
- Microsoft’s February 2025 Patch Tuesday includes fixes for 55 vulnerabilities, with strong recommendations for users to update immediately.