Recently, based on warnings about 13 new security vulnerabilities in Microsoft products, the Department of Information Security (Ministry of Information and Communications) has recommended that units and organizations review the system to detect early and handle promptly to minimize the risks of cyber attacks.
Accordingly, on February 11, 2025, Microsoft announced a list of February patches with a total of 67 security vulnerabilities, including 57 vulnerabilities in Microsoft products and 10 vulnerabilities from third parties affecting the company's system. Of which, there are 3 serious level vulnerabilities, 53 high-level vulnerabilities and 1 medium-level vulnerability.
Notably, there are 13 vulnerabilities with special warnings, of which 10 vulnerabilities allow remote code execution, including:
CVE-2025-21376 in Windows Lightweight Directory Access Protocol (LDAP).
CVE-2025-21400 in Microsoft SharePoint Server.
CVE-2025-21392, CVE-2025-21397 in Microsoft Office.
CVE-2025-21381, CVE-2025-21386, CVE-2025-21387, CVE-2025-21390, CVE-2025-21394 in Microsoft Excel.
CVE-2025-21379 in DHCP client Service.
In addition, there are 2 security vulnerabilities that are being exploited in practice:
CVE-2025-21418 in Windows Ancillary Function Driver for WinSock, allowing attackers to scale their privileges.
CVE-2025-21391 in Windows Storage also allows assigned escalation attacks.
In particular, the CVE-2025-21377 vulnerability in Windows can cause leakage of NTLM minuses, creating conditions for attackers to carry out fake attacks (spoofing). Detailed information about this vulnerability has been made public.
In response to warnings about the seriousness of the above vulnerabilities, the Department of Information Security has recommended that agencies, organizations and businesses check, review the system, detect early and handle them promptly to minimize the risk of cyber attacks. Units need to update the security patch from Microsoft, while enhancing monitoring and being ready to respond when there are signs of exploitation.
Cybersecurity experts have also warned that these vulnerabilities could be exploited by attackers to illegally execute code, steal information and endanger system safety.
Therefore, in addition to updating patches, organizations need to regularly monitor warnings from authorities and specialized organizations on information security to promptly respond to new risks.
