55 Security Flaws Detected by Microsoft: 2 were Exploited by Hackers

Verdaily

Microsoft recently patched 55 security vulnerabilities in Windows, including four zero-day flaws. Among them, two flaws were actively exploited by cybercriminals in attacks. They allow an attacker to take complete control of the computer or crash it.

Microsoft has just fixed 55 security vulnerabilities discovered in the Windows code. Among the vulnerabilities listed by the vendor, there are four zero-day vulnerabilities. Microsoft defines a zero-day flaw as a vulnerability that is either made public or already exploited by hackers before an official patch is available.

Two vulnerabilities exploited in cyberattacks

Two of the vulnerabilities have been actively exploited by cybercriminals in their operations. One of the flaws could “allow an attacker to delete data, including data that could result in a service interruption,” but is unlikely to result in “disclosure of confidential information.”

As Tenable experts point out, “seven elevation of privilege vulnerabilities have been identified in the Windows Storage category, including two in 2022, one in 2023, and four in 2024.” However, “this is the first time that a vulnerability in this category has been reported as being exploited in the wild as a Zero Day.”

The second exploited flaw affects the Auxiliary Functions Driver (AFD.sys), a core component of Windows that manages network communications via the Windows Sockets (WinSock) API. The vulnerability allows a local attacker to bypass security restrictions and execute malicious code with elevated privileges, or even take complete control of the PC. The American giant did not say more about the circumstances of the attacks, nor about the identity of the hackers.

“Both of these vulnerabilities appear to be exploitable after an initial compromise, meaning an attacker must first gain local access to the vulnerable system through other means, such as leveraging another vulnerability for initial access, a social engineering technique, or using compromised or weak credentials,” Tenable explained in a response to 01Net.

Other worrying gaps plugged

Other zero-day flaws include a flaw in the hypervisor, the software that manages virtual machines on Windows. It could let an attacker bypass the Unified Extensible Firmware Interface (UEFI), the firmware that manages the boot process, to gain access to the secure Windows kernel. On some computers, an attacker could use the flaw to take control of a virtual machine, eventually compromising the operating system.

According to our colleagues at Bleeping Computer, the flaw is likely linked to PixieFail, a set of nine security flaws discovered in UEFI last month. It affects all manufacturers that rely on this open source solution. Finally, Microsoft also announced that it has patched a Windows vulnerability that exposes users’ NTLM (New Technology LAN Manager) hashes, i.e. hashed versions of passwords. An attacker only needed to get the user to interact with a malicious file, even without opening it, to obtain the hashes.

To protect its users, Microsoft has included fixes in the February 2025 Patch Tuesday. We obviously recommend that you install the update on your Windows computer. To install the latest updates released by Microsoft, go to your computer’s Settings, then select Update & Security. In the Windows Update section, click Check for updates. If updates are available, they will be downloaded and installed automatically.

