Microsoft released 57 updates on Tuesday spanning 13 product families. Microsoft deems two of the issues addressed as Critical, with a CVSS base score of 8.0 or higher for 13. Among these, two Windows issues are currently being exploited in the wild.
During patching, two Windows issues (CVE-2025-21391, CVE-2025-21418) are identified as actively exploited, with 17 more CVEs expected to be exploited in the next 30 days according to Microsoft. Four of this month’s issues can be detected by Sophos protections, and details are provided in the following table.
Aside from the patches, there are also updates on Servicing Stack Updates. Additionally, information is available on this month’s 10 Edge patches, and a patch for Internet Explorer for the second consecutive month, detailed below. One Dynamics 365 issue addressed in the release has already been mitigated by Microsoft.
We are providing appendices at the end of this post listing all Microsoft patches, categorized by severity, expected exploitability, and product family. An appendix outlining advisory-style updates is also included, along with a breakdown of patches affecting the various supported Windows Server platforms.
This month, additional information is included in Appendix B summarizing the CVSS Base scores for the most critical vulnerabilities.
By the statistics
- Total CVEs: 57
- Publicly disclosed: 2
- Exploit detected: 2
- Severity
- Critical: 2
- Important: 55
- Impact
- Remote Code Execution: 23
- Elevation of Privilege: 19
- Denial of Service: 9
- Security Feature Bypass: 2
- Spoofing: 2
- Information Disclosure: 1
- Tampering: 1
- CVSS base score 9.0 or greater: 1
- CVSS base score 8.0 or greater: 12
Figure 1: Approximately half of February’s CVE count relates to Remote Code Execution, including the Critical-severity issues.
Products
- Windows: 37
- 365: 8
- Office: 8
- Excel: 6
- Visual Studio: 4
- Azure: 2
- CBL Mariner: 1
- PC: 1
- Microsoft AutoUpdate for Mac: 1
- Outlook: 1
- PC Manager: 1
- SharePoint: 1
- Surface: 1
For this list, CVEs that apply to multiple product families are counted once for each affected family.
Figure 2: All of February’s 37 Windows patches apply to the server-side OS, with most also relevant to the client side. An interesting observation for this month is the presence of four patches for Visual Studio, but none for .NET
Noteworthy February updates
In addition to the aforementioned issues, several specific items are worth highlighting.
CVE-2025-21391 — Windows Storage Elevation of Privilege Vulnerability
One of the two known issues currently exploited in the wild, this flaw enables an attacker to delete targeted files on the system without requiring user interaction.
CVE-2025-21198 – Microsoft High Performance Compute (HPC) Pack Linux Compute Node Remote Code Execution Vulnerability
Microsoft categorizes this Important-severity CVE with a CVSS score of 9.0, indicating it is less likely to be exploited in the next 30 days. Exploiting this flaw necessitates network access to the targeted clusters and nodes, with the attacker sending a malicious HTTPS request to the head node or Linux compute node.
CVE-2025-21381, CVE-2025-21386, CVE-2025-21387, CVE-2025-21390, CVE-2025-21394 – all Microsoft Excel Remote Code Execution Vulnerability
Five of this month’s six Excel vulnerabilities, also present in 365 and Office, involve Preview Pane as a potential attack vector. These issues are rated as Important with a CVSS Base score of 7.8.
CVE-2025-21194 — Microsoft Surface Security Feature Bypass Vulnerability
While challenging to exploit, this vulnerability demands significant preparation, attacker access to a restricted network, and a user-initiated reboot. Noteworthy about this flaw is its dependency on the hardware, specifically across various versions of Microsoft’s Surface platform and VMs within a UEFI host machine. If successfully exploited, an attacker could bypass the UEFI, potentially compromising the hypervisor and secure kernel.
CVE-2025-21377 — NTLM Hash Disclosure Spoofing Vulnerability
Back to Internet Explorer? Indeed, and this patch brings some retro vibes. This vulnerability, revealing the user’s NTLMv2 hash, impacts the underlying MSHTML, EdgeHTML, and scripting platforms within various applications. Microsoft anticipates this issue to be among those likely exploited in the wild within the next month. The bug’s discovery involved a multinational effort, with credit shared by researchers at Cathay Pacific, as well as security firms Securify BV and ACROS Security. The latter may ring a bell for seasoned tech professionals, recalling their early find, which was part of the vulnerabilities exploited by Stuxnet.
Figure 3: With only one vulnerability related to Tampering this month, the 2025 cumulative chart now represents all the usual categories.
Sophos safeguards
| CVE | Sophos Intercept X/Endpoint IPS | Sophos XGS Firewall |
| CVE-2025-21184 | Exp/2521184-A | Exp/2521184-A |
| CVE-2025-21358 | Exp/2521358-A | Exp/2521358-A |
| CVE-2025-21377 | sid:2310588 | sid:2310588 |
| CVE-2025-21414 | Exp/2521414-A | Exp/2521414-A |
Every single month, in case you are not interested in waiting for your system to automatically fetch Microsoft’s updates, you are able to manually obtain them from the Windows Update Catalog website. Use the winver.exe utility to figure out the specific version of Windows 10 or 11 running on your computer. Following that, grab the Cumulative Update package suitable for your system’s architecture and build version.
Appendix A: Impact and Severity of Vulnerabilities
Here is a compilation of February’s patches arranged based on impact and then ranked by severity. The list is further categorized by CVE.
Remote Code Execution (23 CVEs)
| Critical severity | |
| CVE-2025-21376 | Windows Lightweight Directory Access Protocol (LDAP) Vulnerability with Remote Code Execution |
| CVE-2025-21379 | Vulnerability in DHCP Client Service with Remote Code Execution |
| Important severity | |
| CVE-2023-32002 | Remote Code Execution Vulnerability in Node.js `Module._load()` policy (HackerOne: CVE-2023-32002) |
| CVE-2025-21188 | Remote Code Execution Vulnerability in Azure Network Watcher VM Extension |
| CVE-2025-21190 | Windows Telephony Service Vulnerability with Remote Code Execution |
| CVE-2025-21198 | Remote Code Execution Vulnerability in Microsoft High Performance Compute (HPC) Pack Linux Compute Node |
| CVE-2025-21200 | Windows Telephony Service Vulnerability with Remote Code Execution |
| CVE-2025-21201 | Remote Code Execution Vulnerability in Windows Telephony Server |
| CVE-2025-21208 | Remote Code Execution Vulnerability in Windows Routing and Remote Access Service (RRAS) |
| CVE-2025-21368 | Remote Code Execution Vulnerability in Microsoft Digest Authentication |
| CVE-2025-21369 | Remote Code Execution Vulnerability in Microsoft Digest Authentication |
| CVE-2025-21371 | Windows Telephony Service Vulnerability with Remote Code Execution |
| CVE-2025-21381 | Remote Code Execution Vulnerability in Microsoft Excel |
| CVE-2025-21386 | Remote Code Execution Vulnerability in Microsoft Excel |
| CVE-2025-21387 | Remote Code Execution Vulnerability in Microsoft Excel |
| CVE-2025-21390 | Remote Code Execution Vulnerability in Microsoft Excel |
| CVE-2025-21392 | Remote Code Execution Vulnerability in Microsoft Office |
| CVE-2025-21394 | Remote Code Execution Vulnerability in Microsoft Excel |
| CVE-2025-21397 | Remote Code Execution Vulnerability in Microsoft Office |
| CVE-2025-21400 | Remote Code Execution Vulnerability in Microsoft SharePoint Server |
| CVE-2025-21406 | Windows Telephony Service Vulnerability with Remote Code Execution |
| CVE-2025-21407 | Windows Telephony Service Vulnerability with Remote Code Execution |
| CVE-2025-21410 | Remote Code Execution Vulnerability in Windows Routing and Remote Access Service (RRAS) |
Elevation of Privilege (19 CVEs)
| Important severity | |
| CVE-2025-21182 | Elevation of Privilege Vulnerability in Windows Resilient File System (ReFS) Deduplication Service |
| CVE-2025-21183 | Elevation of Privilege Vulnerability in Windows Resilient File System (ReFS) Deduplication Service |
| CVE-2025-21184 | Elevation of Privileges Vulnerability in Windows Core Messaging |
| CVE-2025-21206 | Elevation of Privilege Vulnerability in Visual Studio Installer |
| CVE-2025-21322 | Elevation of Privilege Vulnerability in Microsoft PC Manager |
| CVE-2025-21337 | Elevation of Privilege Vulnerability in Windows NTFS |
| CVE-2025-21358 | Elevation of Privileges Vulnerability in Windows Core Messaging |
| CVE-2025-21367 | Elevation of Privilege Vulnerability in Windows Win32 Kernel Subsystem |
| CVE-2025-21373 | Elevation of Privilege Vulnerability in Windows Installer |
| CVE-2025-21375 | Elevation of Privilege Vulnerability in Kernel Streaming WOW Thunk Service Driver |
| CVE-2025-21391 | Elevation of Privilege Vulnerability in Windows Storage |
| CVE-2025-21414 | Elevation of Privileges Vulnerability in Windows Core Messaging |
| CVE-2025-21418 | Elevation of Privilege Vulnerability in Windows Ancillary Function Driver for WinSock |
| CVE-2025-21419 | Elevation of Privilege Vulnerability in Windows Setup Files Cleanup |
| CVE-2025-21420 | Elevation of Privilege Vulnerability in Windows Disk Cleanup Tool |
| CVE-2025-24036 | Elevation of Privilege Vulnerability in Microsoft AutoUpdate (MAU) |
| CVE-2025-24038 | Elevation of Privilege Vulnerability in Azure Firmware |
| CVE-2025-24039 | Elevation of Privilege Vulnerability in Visual Studio Code |
| CVE-2025-24042 | Elevation of Privilege Vulnerability in Visual Studio Code JS Debug Extension |
Denial of Service (9 CVEs)
| Important severity | |
| CVE-2025-21179 | Denial of Service Vulnerability in DHCP Client Service |
| CVE-2025-21181 | Denial of Service Vulnerability in Microsoft Message Queuing (MSMQ) |
| CVE-2025-21212 | Denial of Service Vulnerability in Internet Connection Sharing (ICS) |
| CVE-2025-21216 | Denial of Service Vulnerability in Internet Connection Sharing (ICS) |
| CVE-2025-21254 | Denial of Service Vulnerability in Internet Connection Sharing (ICS) |
| Windows Deployment Services Denial of Service Weakness | |
| CVE-2025-21350 | Windows Kerberos Denial of Service Weakness |
| CVE-2025-21351 | Windows Active Directory Domain Services API Denial of Service Weakness |
| CVE-2025-21352 | Internet Connection Sharing (ICS) Denial of Service Weakness |
Security Feature Circumvention (2 CVEs)
| Significant severity | |
| CVE-2025-21194 | Microsoft Surface Security Feature Circumvention Weakness |
| CVE-2025-21359 | Windows Kernel Security Feature Circumvention Weakness |
Forgery (2 CVEs)
| Significant severity | |
| CVE-2025-21259 | Microsoft Outlook Forgery Weakness |
| CVE-2025-21377 | NTLM Hash Disclosure Forgery Weakness |
Data Leakage (1 CVE)
| Significant severity | |
| CVE-2025-21383 | Microsoft Excel Data Leakage Weakness |
Fiddling (1 CVE)
| Significant severity | |
| CVE-2025-21349 | Windows Remote Desktop Configuration Service Fiddling Weakness |
Appendix B: Vulnerability to Exploitation and CVSS
Below is a list of the February CVEs assessed by Microsoft as either being exploited in the wild or having a higher likelihood of being exploited within the initial 30 days post-release. The list is further organized by CVE.
| Exploitation Detected | |
| CVE-2025-21391 | Windows Storage Elevation of Privilege Weakness |
| CVE-2025-21418 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Weakness |
| Higher Likelihood of Exploitation in the Next 30 Days | |
| CVE-2025-21184 | Windows Core Messaging Elevation of Privileges Weakness |
| CVE-2025-21358 | Windows Core Messaging Elevation of Privileges Weakness |
| CVE-2025-21367 | Windows Win32 Kernel Subsystem Elevation of Privileges Weakness |
| CVE-2025-21376 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Weakness |
| CVE-2025-21377 | NTLM Hash Disclosure Forgery Weakness |
| CVE-2025-21400 | Microsoft SharePoint Server Remote Code Execution Weakness |
| CVE-2025-21414 | Windows Core Messaging Elevation of Privileges Weakness |
| CVE-2025-21419 | Windows Setup Files Cleanup Elevation of Privilege Weakness |
| CVE-2025-21420 | Windows Disk Cleanup Tool Elevation of Privilege Weakness |
This is a catalog of February’s CVEs with a Microsoft-evaluated CVSS Base score of 8.0 or higher. They are ordered by score and further categorized by CVE. For detailed knowledge on how CVSS operates, please refer to our discussion on patch prioritization schema.
| CVSS Base | CVSS Temporal | CVE | Title |
| 9.0 | 7.8 | CVE-2025-21198 | Microsoft High Performance Compute (HPC) Pack Linux Compute Node Remote Code Execution Weakness |
| 8.8 | 7.7 | CVE-2025-21190 | Windows Telephony Service Remote Code Execution Weakness |
| 8.8 | 7.7 | CVE-2025-21200 | Windows Telephony Service Remote Code Execution Weakness |
| 8.8 | 7.7 | CVE-2025-21201 | Windows Telephony Server Remote Code Execution Weakness |
| 8.8 | 7.7 | CVE-2025-21208 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Weakness |
| 8.8 | 7.7 | CVE-2025-21368 | Microsoft Digest Authentication Remote Code Execution Weakness |
| 8.8 | 7.7 | CVE-2025-21369 | Microsoft Digest Authentication Remote Code Execution Weakness |
| 8.8 | 7.7 | CVE-2025-21371 | Windows Telephony Service Remote Code Execution Weakness |
| 8.8 | 7.7 | CVE-2025-21406 | Windows Telephony Service Remote Code Execution Weakness |
| 8.8 | 7.7 | CVE-2025-21407 | Windows Telephony Service Remote Code Execution Weakness |
| 8.8 | 7.7 | CVE-2025-21410 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Weakness |
| 8.1 | 7.1 | CVE-2025-21376 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Weakness |
| 8.0 | 7.0 | CVE-2025-21400 | Microsoft SharePoint Server Remote Code Execution Weakness |
Appendix C: Impacted Products
Provided below is a compiled list of February’s patches categorized by product family, then sorted by severity. Each listing is further organized by CVE. Patches that affect multiple product families are displayed multiple times, once for each product family. Concerns related to Windows Server are additionally arranged in Appendix E.
Windows (37 CVEs)
| Critical severity | |
| CVE-2025-21376 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Weakness |
| CVE-2025-21379 | DHCP Client Service Remote Code Execution Weakness |
| Important severity | |
| CVE-2025-21179 | DHCP Client Service Denial of Service Weakness |
| CVE-2025-21181 | MicrosoftCommunication Protocol (Vuln) |
| CVE-2025-21182 | Windows File Integrity (ReFS) Duplicate Service Elevation of Privilege Threat |
| CVE-2025-21183 | Windows Resilient File System (ReFS) Duplicate Service Privilege Escalation Vulnerability |
| CVE-2025-21184 | Windows Core Messaging Privilege Gain Weakness |
| CVE-2025-21190 | Windows Telephone Service Remote Code Injection Threat |
| CVE-2025-21200 | Windows Telephone Service Unauthorized Code Execution Vulnerability |
| CVE-2025-21201 | Windows Telephone Server Code Injection Weakness |
| CVE-2025-21208 | Windows Routing and Remote Access Service (RRAS) Code Execution Flaw |
| CVE-2025-21212 | Internet Sharing Facility (ICS) Disruption of Service Weakness |
| CVE-2025-21216 | Internet Sharing Facility (ICS) Service Disruption Vulnerability |
| CVE-2025-21254 | Internet Sharing Facility (ICS) Service Disruption Threat |
| CVE-2025-21337 | Windows NT File System Privilege Escalation Threat |
| CVE-2025-21347 | Windows Deployment Services Disruption of Service Weakness |
| CVE-2025-21349 | Windows Remote Desktop Configuration Service Manipulation Vulnerability |
| CVE-2025-21350 | Windows Kerberos Service Disruption of Service Issue |
| CVE-2025-21351 | Windows Active Directory Domain Services API Disruption of Service Weakness |
| CVE-2025-21352 | Internet Sharing Facility (ICS) Service Disruption Weakness |
| CVE-2025-21358 | Windows Core Messaging Privilege Gain Weakness |
| CVE-2025-21359 | Windows Kernel Security Feature Evasion Weakness |
| CVE-2025-21367 | Windows Win32 Kernel Subsystem Privilege Escalation Threat |
| CVE-2025-21368 | Microsoft Digest Authentication Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21369 | Microsoft Digest Authentication Unauthorized Remote Code Injection Weakness |
| CVE-2025-21371 | Windows Telephone Service Remote Code Injection Threat |
| CVE-2025-21373 | Windows Installer Elevation of Privileges Issue |
| CVE-2025-21375 | Kernel Streaming WOW Thunk Service Driver Privilege Elevation Risk |
| CVE-2025-21377 | NTLM Hash Disclosure Impersonation Threat |
| CVE-2025-21391 | Windows Storage Privilege Escalation Weakness |
| CVE-2025-21406 | Windows Telephone Service Unauthorized Code Execution Vulnerability |
| CVE-2025-21407 | Windows Telephone Service Unauthorized Code Execution Weakness |
| CVE-2025-21410 | Windows Routing and Remote Access Service (RRAS) Code Execution Threat |
| CVE-2025-21414 | Windows Core Messaging Privilege Gain Vulnerability |
| CVE-2025-21418 | Windows Ancillary Function Driver for WinSock Privilege Elevation Weakness |
| CVE-2025-21419 | Windows Setup Files Cleanup Privilege Escalation Threat |
| CVE-2025-21420 | Windows Disk Cleanup Tool Privilege Elevation Weakness |
365 (8 Vulnerabilities)
| Important severity | |
| CVE-2025-21381 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21383 | Microsoft Excel Sensitive Data Exposure Threat |
| CVE-2025-21386 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21387 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21390 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21392 | Microsoft Office Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21394 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21397 | Microsoft Office Unauthorized Remote Code Injection Vulnerability |
Office (8 Threats)
| Important severity | |
| CVE-2025-21381 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21383 | Microsoft Excel Sensitive Data Exposure Threat |
| CVE-2025-21386 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21387 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21390 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21392 | Microsoft Office Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21394 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21397 | Microsoft Office Unauthorized Remote Code Injection Vulnerability |
Excel (6 Vulnerabilities)
| Important severity | |
| CVE-2025-21381 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21383 | Microsoft Excel Sensitive Data Exposure Threat |
| CVE-2025-21386 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21387 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21390 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
| CVE-2025-21394 | Microsoft Excel Unauthorized Remote Code Injection Vulnerability |
Visual Studio (4 Vulnerabilities)
| Important severity | |||
| CVE-2023-32002 | HackerOne: CVE-2023-32002 Node.js `Module._load()` Policy Unauthorized Remote Code Injection Vulnerability | ||
| CVE-2025-21206 | Visual Studio Installer | Vulnerability of Elevated Privilege | |
| CVE-2025-24039 | Issue with Elevation of Privilege in Visual Studio Code | ||
| CVE-2025-24042 | Elevation of Privilege Vulnerability in Visual Studio Code JS Debug Extension | ||
Azure (2 Common Vulnerability Exposures)
| Significant severity | |
| CVE-2025-21188 | Azure Network Watcher VM Extension Vulnerability allowing Remote Code Execution |
| CVE-2025-24038 | Elevation of Privilege Vulnerability in Azure Firmware |
CBL Mariner (1 Common Vulnerability Exposure)
| Significant severity | |
| CVE-2023-32002 | Node.js Module._load() policy Remote Code Execution Vulnerability in HackerOne: CVE-2023-32002 |
High Performance Computing (1 CVE)
| Significant severity | |
| CVE-2025-21198 | Vulnerability for Remote Code Execution on Linux Compute Node in Microsoft High Performance Compute (HPC) Pack |
Microsoft AutoUpdate for Mac (1 CVE)
| Significant severity | |
| CVE-2025-24036 | Elevation of Privilege Vulnerability in Microsoft AutoUpdate (MAU) |
Outlook (1 Vulnerability)
| Significant severity | |
| CVE-2025-21259 | Spoofing Vulnerability in Microsoft Outlook |
PC Manager (1 CVE)
| Significant severity | |
| CVE-2025-21322 | Elevation of Privilege Vulnerability in Microsoft PC Manager |
SharePoint (1 Vulnerability)
| Significant severity | |
| CVE-2025-21400 | Remote Code Execution Vulnerability in Microsoft SharePoint Server |
Surface (1 Vulnerability Exposed)
| Significant severity | |
| CVE-2025-21194 | Security Feature Bypass Vulnerability in Microsoft Surface |
Appendix D: Announcements and Other Products
Here is a compilation of announcements and details pertaining to other relevant CVEs in the February release. Microsoft has already taken necessary steps to address the issues associated with these CVEs, but they are included in the release for the sake of transparency.
Microsoft details:
| CVE / identifier | Product | Title |
| ADV990001 | Latest Servicing Stack Updates | |
| CVE-2025-0444 | Edge | Use-after-free issue in Skia (Chromium: CVE-2025-0444) |
| CVE-2025-0445 | Edge | Use-after-free issue in V8 (Chromium: CVE-2025-0445) |
| CVE-2025-0451 | Edge | Inappropriate Implementation in Extensions API (Chromium: CVE-2025-0451) |
| CVE-2025-21177 | Dynamics 365 | Elevation of Privilege Vulnerability in Microsoft Dynamics 365 Sales |
| CVE-2025-21253 | Edge | Spoofing Vulnerability in Microsoft Edge for IOS and Android |
| CVE-2025-21267 | Edge | (Chromium-based) Spoofing Vulnerability in Microsoft Edge |
| CVE-2025-21279 | Edge | (Chromium-based) Remote Code Execution Vulnerability in Microsoft Edge |
| CVE-2025-21283 | Edge | (Chromium-based) Remote Code Execution Vulnerability in Microsoft Edge |
| CVE-2025-21342 | Edge | (Chromium-based) Remote Code Execution Vulnerability in Microsoft Edge |
| CVE-2025-21404 | Edge | (Chromium-based) Spoofing Vulnerability in Microsoft Edge |
| CVE-2025-21408 | Edge | (Chromium-based) Remote Code Execution Vulnerability in Microsoft Edge |
There are no Adobe announcements in this month’s release.
Appendix E: Impacted Versions of Windows Server
This table portrays the CVEs in the February release impacting nine versions of Windows Server, ranging from 2008 to 2025. The table categorizes across major editions of the platform but refrains from specific details (e.g., Server Core). Vulnerabilities of critical severity are highlighted in red; an “x” indicates inapplicability of the CVE to that particular version. System administrators are advised to utilize this appendix as a reference point to evaluate their specific exposure as each user’s scenario, particularly concerning products no longer receiving mainstream support, may differ. For precise Knowledge Base references, please refer to Microsoft.
| 2008 | 2008-R2 | 2012 | 2012-R2 | 2016 | 2019 | 2022 | 2022 23H2 | 2025 | |
| CVE-2025-21179 | × | × | × | × | × | × | × | × | ■ |
| CVE-2025-21181 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-21182 | × | × | × | × | × | × | × | × | ■ |
| CVE-2025-21183 | × | × | × | × | × | × | × | × | ■ |
| CVE-2025-21184 | × | × | × | × | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-21190 | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ | ■ |
| CVE-2025-21200 | ■ | ■ | ■ | ■ | ■ | ● | ● | ● | ● |
| Vulnerability-2025-21201 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21208 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21212 | × | × | × | × | ● | ● | ● | ● | ● |
| Vulnerability-2025-21216 | × | × | × | × | ● | ● | ● | ● | ● |
| Vulnerability-2025-21254 | × | × | × | × | ● | ● | ● | ● | ● |
| Vulnerability-2025-21337 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21347 | × | × | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21349 | × | × | × | × | ● | ● | ● | ● | ● |
| Vulnerability-2025-21350 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21351 | × | × | × | × | ● | ● | ● | ● | ● |
| Vulnerability-2025-21352 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21358 | × | × | × | × | ● | ● | ● | ● | ● |
| Vulnerability-2025-21359 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21367 | × | × | × | × | × | ● | ● | ● | ● |
| Vulnerability-2025-21368 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21369 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21371 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21373 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21375 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21376 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21377 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21379 | × | × | × | × | × | × | × | × | ● |
| Vulnerability-2025-21391 | × | × | × | × | ● | ● | ● | ● | ● |
| Vulnerability-2025-21406 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21407 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21410 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21414 | × | × | × | × | ● | ● | ● | ● | ● |
| Vulnerability-2025-21418 | ● | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21419 | × | ● | ● | ● | ● | ● | ● | ● | ● |
| Vulnerability-2025-21420 | × | × | ● | ● | ● | ● | ● | ● | ● |
About Author
