Summary: Microsoft has addressed numerous vulnerabilities in its Windows platform, including urgent fixes for two zero-day exploits that could allow attackers to gain privileged access and execute malicious code. Notably, two critical vulnerabilities are highlighted: one affecting Windows Storage and another in the Windows Ancillary Function Driver for WinSock. The company also emphasizes the importance of patching remote code execution issues in Microsoft Excel and other applications.
Affected: Microsoft Windows OS and applications
Keypoints :
- Microsoft patched at least 55 vulnerabilities during this month’s Patch Tuesday, focusing on critical zero-days.
- Key vulnerabilities include CVE-2025-21391 and CVE-2025-21418, which allow file deletion and privilege escalation, respectively.
- Remote code execution issues in Microsoft Excel and LDAP also require urgent attention from users.
Source: https://www.securityweek.com/microsoft-patches-wormable-windows-flaw-and-file-deleting-zero-day/