Microsoft February 2025 Security Updates

Security 10828 Published by

Microsoft has announced the release of 63 security updates, addressing a range of vulnerabilities across various platforms including Windows 10, Windows DHCP Client, Windows Message Queuing, Windows Resilient File System (ReFS) Deduplication Service, Windows CoreMessaging, Azure Network Watcher, Windows Telephony Service, Microsoft Surface, Microsoft High Performance Compute Pack (HPC) Linux Node Agent, Windows Telephony Service, Windows Telephony Server, Visual Studio, Windows Routing and Remote Access Service (RRAS), Windows Internet Connection Sharing (ICS), Windows CoreMessaging, Windows Kernel, Windows Win32 Kernel Subsystem, Windows LDAP, Windows NTLM, Windows DHCP Server, Microsoft Office Excel, Windows Storage, Microsoft Office SharePoint, Windows DWM Core Library, Windows Ancillary Function Driver for WinSock, Windows Setup Files Cleanup, Windows Disk Cleanup Tool, Microsoft AutoUpdate (MAU), and Visual Studio Code.





February 2025 Security Updates

This release consists of the following 63 Microsoft CVEs:

TagCVEBase ScoreFAQs?Workarounds?Mitigations?
Microsoft Dynamics 365 Sales CVE-2025-211778.7YesNoNo
Windows DHCP Client CVE-2025-211794.8YesNoNo
Windows Message Queuing CVE-2025-211817.5YesNoNo
Windows Resilient File System (ReFS) Deduplication Service CVE-2025-211827.4YesNoNo
Windows Resilient File System (ReFS) Deduplication Service CVE-2025-211837.4YesNoNo
Windows CoreMessaging CVE-2025-211847.0YesNoNo
Azure Network Watcher CVE-2025-211886.0YesNoNo
Windows Telephony Service CVE-2025-211908.8YesNoNo
Microsoft Surface CVE-2025-211947.1YesNoNo
Microsoft High Performance Compute Pack (HPC) Linux Node Agent CVE-2025-211989.0YesNoNo
Windows Telephony Service CVE-2025-212008.8YesNoNo
Windows Telephony Server CVE-2025-212018.8YesNoNo
Visual Studio CVE-2025-212067.3YesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2025-212088.8YesNoNo
Windows Internet Connection Sharing (ICS) CVE-2025-212126.5YesNoNo
Windows Internet Connection Sharing (ICS) CVE-2025-212166.5YesNoNo
Microsoft Edge for iOS and Android CVE-2025-212535.3YesNoNo
Windows Internet Connection Sharing (ICS) CVE-2025-212546.5YesNoNo
Outlook for Android CVE-2025-212595.3YesNoNo
Microsoft Edge (Chromium-based) CVE-2025-212674.4YesNoNo
Microsoft Edge (Chromium-based) CVE-2025-212796.5YesNoNo
Microsoft Edge (Chromium-based) CVE-2025-212836.5YesNoNo
Microsoft PC Manager CVE-2025-213227.8YesNoNo
Microsoft Windows CVE-2025-213373.3YesNoNo
Microsoft Edge (Chromium-based) CVE-2025-213428.8YesNoNo
Windows Update Stack CVE-2025-213476.0YesNoNo
Windows Remote Desktop Services CVE-2025-213496.8YesNoNo
Windows Kerberos CVE-2025-213505.9YesNoNo
Active Directory Domain Services CVE-2025-213517.5NoNoNo
Windows Internet Connection Sharing (ICS) CVE-2025-213526.5YesNoNo
Windows CoreMessaging CVE-2025-213587.8YesNoNo
Windows Kernel CVE-2025-213597.8YesNoNo
Windows Win32 Kernel Subsystem CVE-2025-213677.8YesNoNo
Microsoft Digest Authentication CVE-2025-213688.8YesNoNo
Microsoft Digest Authentication CVE-2025-213698.8YesNoNo
Windows Telephony Service CVE-2025-213718.8YesNoNo
Windows Installer CVE-2025-213737.8YesNoNo
Microsoft Streaming Service CVE-2025-213757.8YesNoNo
Windows LDAP - Lightweight Directory Access Protocol CVE-2025-213768.1YesNoNo
Windows NTLM CVE-2025-213776.5YesNoNo
Windows DHCP Server CVE-2025-213797.1YesNoNo
Microsoft Office Excel CVE-2025-213817.8YesNoNo
Microsoft Office Excel CVE-2025-213837.8YesNoNo
Microsoft Office Excel CVE-2025-213867.8YesNoNo
Microsoft Office Excel CVE-2025-213877.8YesNoNo
Microsoft Office Excel CVE-2025-213907.8YesNoNo
Windows Storage CVE-2025-213917.1YesNoNo
Microsoft Office CVE-2025-213927.8YesNoNo
Microsoft Office Excel CVE-2025-213947.8YesNoNo
Microsoft Office CVE-2025-213977.8YesNoNo
Microsoft Office SharePoint CVE-2025-214008.0YesNoNo
Microsoft Edge (Chromium-based) CVE-2025-214044.3YesNoNo
Windows Telephony Service CVE-2025-214068.8YesNoNo
Windows Telephony Service CVE-2025-214078.8YesNoNo
Microsoft Edge (Chromium-based) CVE-2025-214088.8YesNoNo
Windows Routing and Remote Access Service (RRAS) CVE-2025-214108.8YesNoNo
Windows DWM Core Library CVE-2025-214147.0YesNoNo
Windows Ancillary Function Driver for WinSock CVE-2025-214187.8YesNoNo
Windows Setup Files Cleanup CVE-2025-214197.1YesNoNo
Windows Disk Cleanup Tool CVE-2025-214207.8YesNoNo
Microsoft AutoUpdate (MAU) CVE-2025-240367.0YesNoNo
Visual Studio Code CVE-2025-240397.3YesNoNo
Visual Studio Code CVE-2025-240427.3YesNoNo

We are republishing 4 non-Microsoft CVEs:

CNATagCVEFAQs?Workarounds?Mitigations?
HackerOneOpen Source Software CVE-2023-32002YesNoNo
ChromeMicrosoft Edge (Chromium-based) CVE-2025-0444YesNoNo
ChromeMicrosoft Edge (Chromium-based) CVE-2025-0445YesNoNo
ChromeMicrosoft Edge (Chromium-based) CVE-2025-0451YesNoNo

Security Update Guide Blog Posts

DateBlog Post
November 12, 2024 Toward greater transparency: Publishing machine-readable CSAF files
June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs
April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
January 11, 2022 Coming Soon: New Security Update Guide Notification System
February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020 Security Update Guide: Let’s keep the conversation going
November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

Relevant Resources

  • The Hotpatching feature now supports Windows 11 version 24H2 client in addition to Windows Server 2022 and 2025. Please see  Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
  • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the  Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see  Windows Lifecycle Facts Sheet.
  • Microsoft is improving Windows Release Notes. For more information, please see  What's next for Windows release notes.
  • A list of the latest servicing stack updates for each operating system can be found in  ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See  4522133 for more information.

Known Issues

You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

For more information about Windows Known Issues, please see  Windows message center (links to currently-supported versions of Windows are in the left pane).

KB ArticleApplies To
5051974Windows 10, version 21H2, Windows 10, version 22H2
5051979Windows Server 2022
5051980Windows Server 2022, 23H2 Edition (Server Core installation)
5051987Windows 11, version 24H2
5051989Windows 11, version 22H2, Windows 11, version 23H2
5052000Windows 10, version 1809, Windows Server 2019
5052038Windows Server 2008 (Monthly Rollup)
5052072Windows Server 2008 (Security-only update)

Win10

Security Update Guide - Microsoft Security Response Center

PHP 8.4.4 released

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.org  I ...