*Important note: These are not the only vulnerabilities that were recently released; however, these are the vulnerabilities RedLegg has identified as critical and require immediate attention.
VULNERABILITIES
Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability
CVSS Score: 7.8 (High)
Identifier: CVE-2025-21333
Exploit or POC: Yes, active exploitation has been observed in the wild.
Update: CVE-2025-21333 – Microsoft Security Update Guide
Description: CVE-2025-21333 is a heap-based buffer overflow vulnerability in the Microsoft Windows Hyper-V NT Kernel Integration Virtual Service Provider (VSP). This flaw allows a local attacker to gain SYSTEM privileges, potentially leading to full system compromise. Active exploitation of this vulnerability has been reported.
Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest software versions as listed in the Microsoft Security Update Guide. Immediate patching is recommended to prevent potential exploitation.
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
CVSS Score: 7.8 (High)
Identifier: CVE-2025-21334
Exploit or POC: Yes, active exploitation has been observed in the wild.
Update: CVE-2025-21334 – Microsoft Security Update Guide
Description: CVE-2025-21334 is a use-after-free vulnerability in the Microsoft Windows Hyper-V NT Kernel Integration Virtual Service Provider (VSP). This flaw allows a local attacker to gain SYSTEM privileges, potentially leading to full system compromise. Active exploitation of this vulnerability has been reported.
Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest software versions as listed in the Microsoft Security Update Guide. Immediate patching is recommended to prevent potential exploitation.
Microsoft Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
CVSS Score: 7.8 (High)
Identifier: CVE-2025-21335
Exploit or POC: Yes, active exploitation has been observed in the wild.
Update: CVE-2025-21335 – Microsoft Security Update Guide
Description: CVE-2025-21335 is an elevation of privilege vulnerability in the Microsoft Windows Hyper-V NT Kernel Integration Virtual Service Provider (VSP). This flaw allows a local attacker to gain SYSTEM privileges, potentially leading to full system compromise. Active exploitation of this vulnerability has been reported.
Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest software versions as listed in the Microsoft Security Update Guide. Immediate patching is recommended to prevent potential exploitation.
Windows App Package Installer Spoofing Vulnerability
CVSS Score: 7.8 (High)
Identifier: CVE-2025-21275
Exploit or POC: No known public proof of concept has been reported.
Update: CVE-2025-21275 – Microsoft Security Update Guide
Description: CVE-2025-21275 is a spoofing vulnerability in the Windows App Package Installer. An attacker can exploit this flaw by crafting a malicious package that appears to be from a trusted source, potentially leading to unauthorized actions on the affected system.
Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest software versions as listed in the Microsoft Security Update Guide. Immediate patching is recommended to prevent potential exploitation.
Microsoft Windows Graphics Component Remote Code Execution Vulnerability
CVSS Score: 7.8 (High)
Identifier: CVE-2025-21308
Exploit or POC: No known public proof of concept has been reported.
Update: CVE-2025-21308 – Microsoft Security Update Guide
Description: CVE-2025-21308 is a remote code execution vulnerability in the Microsoft Windows Graphics Component. An attacker can exploit this flaw by convincing a user to open a specially crafted file, potentially leading to arbitrary code execution on the affected system.
Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest software versions as listed in the Microsoft Security Update Guide. Immediate patching is recommended to prevent potential exploitation.
Microsoft Access Remote Code Execution Vulnerability
CVSS Score: 7.8 (High)
Identifier: CVE-2025-21186
Exploit or POC: No known public proof of concept has been reported.
Update: CVE-2025-21186 – Microsoft Security Update Guide
Description: CVE-2025-21186 is a remote code execution vulnerability in Microsoft Access. An attacker can exploit this flaw by convincing a user to open a specially crafted Access file, potentially leading to arbitrary code execution on the affected system.
Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest software versions as listed in the Microsoft Security Update Guide. Immediate patching is recommended to prevent potential exploitation.
Microsoft Access Remote Code Execution Vulnerability
CVSS Score: 7.8 (High)
Identifier: CVE-2025-21366
Exploit or POC: No known public proof of concept has been reported.
Update: CVE-2025-21366 – Microsoft Security Update Guide
Description: CVE-2025-21366 is a remote code execution vulnerability in Microsoft Access. An attacker can exploit this flaw by convincing a user to open a specially crafted Access file, potentially leading to arbitrary code execution on the affected system.
Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest software versions as listed in the Microsoft Security Update Guide. Immediate patching is recommended to prevent potential exploitation.
Microsoft Access Remote Code Execution Vulnerability
CVSS Score: 7.8 (High)
Identifier: CVE-2025-21395
Exploit or POC: No known public proof of concept has been reported.
Update: CVE-2025-21395 – Microsoft Security Update Guide
Description: CVE-2025-21395 is a remote code execution vulnerability in Microsoft Access. An attacker can exploit this flaw by convincing a user to open a specially crafted Access file, potentially leading to arbitrary code execution on the affected system.
Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest software versions as listed in the Microsoft Security Update Guide. Immediate patching is recommended to prevent potential exploitation.